Error: GCC_ANALYZER_WARNING (CWE-401): [#def1] zstd-1.5.7/lib//compress/../common/allocations.h:53:1: warning[-Wanalyzer-malloc-leak]: leak of ‘<return-value>.start’ zstd-1.5.7/lib//compress/zstdmt_compress.c:1403:15: enter_function: entry to ‘ZSTDMT_createCompressionJob’ zstd-1.5.7/lib//compress/zstdmt_compress.c:1408:8: branch_false: following ‘false’ branch... zstd-1.5.7/lib//compress/zstdmt_compress.c:1414:10: branch_false: ...to here zstd-1.5.7/lib//compress/zstdmt_compress.c:1414:8: branch_true: following ‘true’ branch... zstd-1.5.7/lib//compress/zstdmt_compress.c:1415:21: branch_true: ...to here zstd-1.5.7/lib//compress/zstdmt_compress.c:1443:12: branch_true: following ‘true’ branch (when ‘endOp != 2’)... zstd-1.5.7/lib//compress/zstdmt_compress.c:1444:42: branch_true: ...to here zstd-1.5.7/lib//compress/zstdmt_compress.c:1455:12: branch_true: following ‘true’ branch (when ‘srcSize == 0’)... zstd-1.5.7/lib//compress/zstdmt_compress.c:1455:14: branch_true: ...to here zstd-1.5.7/lib//compress/zstdmt_compress.c:1455:14: branch_true: following ‘true’ branch... zstd-1.5.7/lib//compress/zstdmt_compress.c:1459:13: branch_true: ...to here zstd-1.5.7/lib//compress/zstdmt_compress.c:1459:13: call_function: calling ‘ZSTDMT_writeLastEmptyBlock’ from ‘ZSTDMT_createCompressionJob’ # 51| ZSTD_free(ptr); # 52| } # 53|-> } # 54| # 55| #endif /* ZSTD_ALLOCATIONS_H */ Error: GCC_ANALYZER_WARNING (CWE-401): [#def2] zstd-1.5.7/lib//compress/zstdmt_compress.c:226:1: warning[-Wanalyzer-malloc-leak]: leak of ‘<return-value>.start’ zstd-1.5.7/lib//compress/zstdmt_compress.c:1403:15: enter_function: entry to ‘ZSTDMT_createCompressionJob’ zstd-1.5.7/lib//compress/zstdmt_compress.c:1408:8: branch_false: following ‘false’ branch... zstd-1.5.7/lib//compress/zstdmt_compress.c:1414:10: branch_false: ...to here zstd-1.5.7/lib//compress/zstdmt_compress.c:1414:8: branch_true: following ‘true’ branch... zstd-1.5.7/lib//compress/zstdmt_compress.c:1415:21: branch_true: ...to here zstd-1.5.7/lib//compress/zstdmt_compress.c:1443:12: branch_false: following ‘false’ branch (when ‘endOp == 2’)... zstd-1.5.7/lib//compress/zstdmt_compress.c:1448:13: branch_false: ...to here zstd-1.5.7/lib//compress/zstdmt_compress.c:1450:16: branch_false: following ‘false’ branch... zstd-1.5.7/lib//compress/zstdmt_compress.c:1455:12: branch_false: ...to here zstd-1.5.7/lib//compress/zstdmt_compress.c:1455:12: branch_true: following ‘true’ branch (when ‘srcSize == 0’)... zstd-1.5.7/lib//compress/zstdmt_compress.c:1455:14: branch_true: ...to here zstd-1.5.7/lib//compress/zstdmt_compress.c:1455:14: branch_true: following ‘true’ branch... zstd-1.5.7/lib//compress/zstdmt_compress.c:1459:13: branch_true: ...to here zstd-1.5.7/lib//compress/zstdmt_compress.c:1459:13: call_function: calling ‘ZSTDMT_writeLastEmptyBlock’ from ‘ZSTDMT_createCompressionJob’ # 224| return buffer; # 225| } # 226|-> } # 227| # 228| #if ZSTD_RESIZE_SEQPOOL Error: GCC_ANALYZER_WARNING (CWE-835): [#def3] zstd-1.5.7/lib//compress/zstdmt_compress.c:1499:27: warning[-Wanalyzer-infinite-loop]: infinite loop zstd-1.5.7/lib//compress/zstdmt_compress.c:1499:27: danger: infinite loop here zstd-1.5.7/lib//compress/zstdmt_compress.c:1499:16: branch_true: if it ever follows ‘true’ branch, it will always do so... zstd-1.5.7/lib//compress/zstdmt_compress.c:1500:17: branch_true: ...to here zstd-1.5.7/lib//compress/zstdmt_compress.c:1500:16: branch_false: if it ever follows ‘false’ branch, it will always do so... zstd-1.5.7/lib//compress/zstdmt_compress.c:1500:16: branch_false: ...to here # 1497| && (mtctx->doneJobID < mtctx->nextJobID) ) { # 1498| assert(mtctx->jobs[wJobID].dstFlushed <= mtctx->jobs[wJobID].cSize); # 1499|-> while (mtctx->jobs[wJobID].dstFlushed == mtctx->jobs[wJobID].cSize) { /* nothing to flush */ # 1500| if (mtctx->jobs[wJobID].consumed == mtctx->jobs[wJobID].src.size) { # 1501| DEBUGLOG(5, "job %u is completely consumed (%u == %u) => don't wait for cond, there will be none", Error: GCC_ANALYZER_WARNING (CWE-835): [#def4] zstd-1.5.7/lib//dictBuilder/cover.c:914:10: warning[-Wanalyzer-infinite-loop]: infinite loop zstd-1.5.7/lib//dictBuilder/cover.c:914:10: danger: infinite loop here zstd-1.5.7/lib//dictBuilder/cover.c:914:10: branch_true: if it ever follows ‘true’ branch, it will always do so... zstd-1.5.7/lib//dictBuilder/cover.c:914:10: branch_true: ...to here # 912| } # 913| ZSTD_pthread_mutex_lock(&best->mutex); # 914|-> while (best->liveJobs != 0) { # 915| ZSTD_pthread_cond_wait(&best->cond, &best->mutex); # 916| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def5] zstd-1.5.7/lib//dictBuilder/cover.c:976:12: warning[-Wanalyzer-malloc-leak]: leak of ‘*best.dict’ zstd-1.5.7/lib//dictBuilder/cover.c:1122:13: enter_function: entry to ‘COVER_tryParameters’ zstd-1.5.7/lib//dictBuilder/cover.c:1135:8: call_function: calling ‘COVER_map_init’ from ‘COVER_tryParameters’ zstd-1.5.7/lib//dictBuilder/cover.c:1135:8: return_function: returning to ‘COVER_tryParameters’ from ‘COVER_map_init’ zstd-1.5.7/lib//dictBuilder/cover.c:1135:6: branch_true: following ‘true’ branch... zstd-1.5.7/lib//dictBuilder/cover.c:1136:5: branch_true: ...to here zstd-1.5.7/lib//dictBuilder/cover.c:1160:3: call_function: calling ‘COVER_best_finish’ from ‘COVER_tryParameters’ # 974| } # 975| best->dict = malloc(dictSize); # 976|-> if (!best->dict) { # 977| best->compressedSize = ERROR(GENERIC); # 978| best->dictSize = 0; Error: GCC_ANALYZER_WARNING (CWE-401): [#def6] zstd-1.5.7/programs/util.c:896:17: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’ zstd-1.5.7/programs/util.c:1339:6: enter_function: entry to ‘UTIL_expandFNT’ zstd-1.5.7/programs/util.c:1341:36: call_function: calling ‘UTIL_createExpandedFNT’ from ‘UTIL_expandFNT’ # 894| int nbFiles = 0; # 895| # 896|-> if (!(dir = opendir(dirName))) { # 897| UTIL_DISPLAYLEVEL(1, "Cannot open directory '%s': %s\n", dirName, strerror(errno)); # 898| return 0; Error: GCC_ANALYZER_WARNING (CWE-401): [#def7] zstd-1.5.7/programs/util.c:903:21: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’ zstd-1.5.7/programs/util.c:1339:6: enter_function: entry to ‘UTIL_expandFNT’ zstd-1.5.7/programs/util.c:1341:36: call_function: calling ‘UTIL_createExpandedFNT’ from ‘UTIL_expandFNT’ # 901| dirLength = strlen(dirName); # 902| errno = 0; # 903|-> while ((entry = readdir(dir)) != NULL) { # 904| char* path; # 905| size_t fnameLength, pathLength; Error: GCC_ANALYZER_WARNING (CWE-401): [#def8] zstd-1.5.7/programs/util.c:903:21: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(dirName)’ zstd-1.5.7/programs/util.c:1339:6: enter_function: entry to ‘UTIL_expandFNT’ zstd-1.5.7/programs/util.c:1341:36: call_function: calling ‘UTIL_createExpandedFNT’ from ‘UTIL_expandFNT’ # 901| dirLength = strlen(dirName); # 902| errno = 0; # 903|-> while ((entry = readdir(dir)) != NULL) { # 904| char* path; # 905| size_t fnameLength, pathLength; Error: GCC_ANALYZER_WARNING (CWE-401): [#def9] zstd-1.5.7/programs/util.c:910:22: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’ zstd-1.5.7/programs/util.c:1339:6: enter_function: entry to ‘UTIL_expandFNT’ zstd-1.5.7/programs/util.c:1341:36: call_function: calling ‘UTIL_createExpandedFNT’ from ‘UTIL_expandFNT’ # 908| fnameLength = strlen(entry->d_name); # 909| path = (char*) malloc(dirLength + fnameLength + 2); # 910|-> if (!path) { closedir(dir); return 0; } # 911| memcpy(path, dirName, dirLength); # 912|
| analyzer-version-clippy | 1.92.0 |
| analyzer-version-cppcheck | 2.19.1 |
| analyzer-version-gcc | 16.0.0 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.92.0 |
| diffbase-analyzer-version-cppcheck | 2.19.1 |
| diffbase-analyzer-version-gcc | 16.0.0 |
| diffbase-analyzer-version-gcc-analyzer | 16.0.0 |
| diffbase-analyzer-version-shellcheck | 0.11.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-211.us-west-2.compute.internal |
| diffbase-known-false-positives | /usr/share/csmock/known-false-positives.js |
| diffbase-known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| diffbase-mock-config | fedora-rawhide-x86_64 |
| diffbase-project-name | zstd-1.5.7-3.fc44 |
| diffbase-store-results-to | /tmp/tmpazzl8563/zstd-1.5.7-3.fc44.tar.xz |
| diffbase-time-created | 2026-01-08 22:22:43 |
| diffbase-time-finished | 2026-01-08 22:27:22 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmpazzl8563/zstd-1.5.7-3.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpazzl8563/zstd-1.5.7-3.fc44.src.rpm' |
| diffbase-tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-211.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | zstd-1.5.7-2.fc43 |
| store-results-to | /tmp/tmpkr4geo9n/zstd-1.5.7-2.fc43.tar.xz |
| time-created | 2026-01-08 22:17:34 |
| time-finished | 2026-01-08 22:22:24 |
| title | Fixed findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmpkr4geo9n/zstd-1.5.7-2.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpkr4geo9n/zstd-1.5.7-2.fc43.src.rpm' |
| tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |