Error: GCC_ANALYZER_WARNING (CWE-775): [#def1] audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:137:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen("/run/audit/af_unix.state", "w")’ audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:128:19: acquire_resource: opened here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:130:12: branch_false: following ‘false’ branch... audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:133:22: branch_false: ...to here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:137:9: danger: ‘fopen("/run/audit/af_unix.state", "w")’ leaks here; was opened at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0) # 135| fprintf(f, "current time = %s\n", buf); # 136| fprintf(f, "client_connected = %s\n", client ? "yes" : "no"); # 137|-> fprintf(f, "queue_length = %zu\n", q_queue_length(queue)); # 138| fprintf(f, "max_queue_length = %zu\n", q_max_queue_length(queue)); # 139| fprintf(f, "queue_size = %zu\n", q_queue_size(queue)); Error: GCC_ANALYZER_WARNING (CWE-401): [#def2] audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:137:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen("/run/audit/af_unix.state", "w")’ audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:128:19: acquire_memory: allocated here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:130:12: branch_false: following ‘false’ branch... audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:133:22: branch_false: ...to here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:137:9: danger: ‘fopen("/run/audit/af_unix.state", "w")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0) # 135| fprintf(f, "current time = %s\n", buf); # 136| fprintf(f, "client_connected = %s\n", client ? "yes" : "no"); # 137|-> fprintf(f, "queue_length = %zu\n", q_queue_length(queue)); # 138| fprintf(f, "max_queue_length = %zu\n", q_max_queue_length(queue)); # 139| fprintf(f, "queue_size = %zu\n", q_queue_size(queue)); Error: GCC_ANALYZER_WARNING (CWE-775): [#def3] audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:138:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen("/run/audit/af_unix.state", "w")’ audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:128:19: acquire_resource: opened here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:130:12: branch_false: following ‘false’ branch... audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:133:22: branch_false: ...to here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:138:9: danger: ‘fopen("/run/audit/af_unix.state", "w")’ leaks here; was opened at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0) # 136| fprintf(f, "client_connected = %s\n", client ? "yes" : "no"); # 137| fprintf(f, "queue_length = %zu\n", q_queue_length(queue)); # 138|-> fprintf(f, "max_queue_length = %zu\n", q_max_queue_length(queue)); # 139| fprintf(f, "queue_size = %zu\n", q_queue_size(queue)); # 140| #ifdef HAVE_MALLINFO2 Error: GCC_ANALYZER_WARNING (CWE-401): [#def4] audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:138:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen("/run/audit/af_unix.state", "w")’ audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:128:19: acquire_memory: allocated here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:130:12: branch_false: following ‘false’ branch... audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:133:22: branch_false: ...to here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:138:9: danger: ‘fopen("/run/audit/af_unix.state", "w")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0) # 136| fprintf(f, "client_connected = %s\n", client ? "yes" : "no"); # 137| fprintf(f, "queue_length = %zu\n", q_queue_length(queue)); # 138|-> fprintf(f, "max_queue_length = %zu\n", q_max_queue_length(queue)); # 139| fprintf(f, "queue_size = %zu\n", q_queue_size(queue)); # 140| #ifdef HAVE_MALLINFO2 Error: GCC_ANALYZER_WARNING (CWE-775): [#def5] audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:139:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen("/run/audit/af_unix.state", "w")’ audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:128:19: acquire_resource: opened here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:130:12: branch_false: following ‘false’ branch... audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:133:22: branch_false: ...to here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:139:9: danger: ‘fopen("/run/audit/af_unix.state", "w")’ leaks here; was opened at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0) # 137| fprintf(f, "queue_length = %zu\n", q_queue_length(queue)); # 138| fprintf(f, "max_queue_length = %zu\n", q_max_queue_length(queue)); # 139|-> fprintf(f, "queue_size = %zu\n", q_queue_size(queue)); # 140| #ifdef HAVE_MALLINFO2 # 141| write_memory_state(f); Error: GCC_ANALYZER_WARNING (CWE-401): [#def6] audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:139:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen("/run/audit/af_unix.state", "w")’ audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:128:19: acquire_memory: allocated here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:130:12: branch_false: following ‘false’ branch... audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:133:22: branch_false: ...to here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:139:9: danger: ‘fopen("/run/audit/af_unix.state", "w")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/0) # 137| fprintf(f, "queue_length = %zu\n", q_queue_length(queue)); # 138| fprintf(f, "max_queue_length = %zu\n", q_max_queue_length(queue)); # 139|-> fprintf(f, "queue_size = %zu\n", q_queue_size(queue)); # 140| #ifdef HAVE_MALLINFO2 # 141| write_memory_state(f); Error: GCC_ANALYZER_WARNING (CWE-401): [#def7] audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:446:45: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’ audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:373:6: enter_function: entry to ‘read_audit_record’ audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:409:12: branch_true: following ‘true’ branch... audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:414:23: branch_true: ...to here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:414:23: call_function: calling ‘read_binary_record’ from ‘read_audit_record’ audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:414:23: return_function: returning to ‘read_audit_record’ from ‘read_binary_record’ audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:415:20: branch_false: following ‘false’ branch... audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:421:21: branch_false: ...to here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:421:20: branch_true: following ‘true’ branch... audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:422:28: branch_false: following ‘false’ branch... audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:439:35: branch_false: ...to here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:439:35: branch_true: following ‘true’ branch... audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:440:60: branch_true: ...to here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:441:45: acquire_memory: allocated here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:442:36: branch_true: following ‘true’ branch (when ‘buf’ is non-NULL)... audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:443:41: branch_true: ...to here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:446:45: danger: ‘buf’ leaks here; was allocated at [(17)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/16) # 444| memcpy(buf + sizeof(*hdr), data, # 445| hdr->size); # 446|-> if (q_append(queue, buf, total) != 0) { # 447| if (failed_append < 5) # 448| syslog(LOG_ERR, Error: GCC_ANALYZER_WARNING (CWE-401): [#def8] audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:448:57: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’ audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:373:6: enter_function: entry to ‘read_audit_record’ audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:409:12: branch_true: following ‘true’ branch... audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:414:23: branch_true: ...to here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:414:23: call_function: calling ‘read_binary_record’ from ‘read_audit_record’ audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:414:23: return_function: returning to ‘read_audit_record’ from ‘read_binary_record’ audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:415:20: branch_false: following ‘false’ branch... audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:421:21: branch_false: ...to here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:421:20: branch_true: following ‘true’ branch... audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:422:28: branch_false: following ‘false’ branch... audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:439:35: branch_false: ...to here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:439:35: branch_true: following ‘true’ branch... audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:440:60: branch_true: ...to here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:441:45: acquire_memory: allocated here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:442:36: branch_true: following ‘true’ branch (when ‘buf’ is non-NULL)... audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:443:41: branch_true: ...to here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:446:44: branch_true: following ‘true’ branch... audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:447:53: branch_true: ...to here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:447:52: branch_true: following ‘true’ branch... audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:450:69: branch_true: ...to here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:448:57: danger: ‘buf’ leaks here; was allocated at [(17)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/16) # 446| if (q_append(queue, buf, total) != 0) { # 447| if (failed_append < 5) # 448|-> syslog(LOG_ERR, # 449| "Dropping event - queue append failed (%s)", # 450| strerror(errno)); Error: GCC_ANALYZER_WARNING (CWE-401): [#def9] audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:484:61: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’ audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:409:12: branch_false: following ‘false’ branch... branch_false: ...to here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:478:61: acquire_memory: allocated here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:484:61: danger: ‘buf’ leaks here; was allocated at [(3)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/2) # 482| memcpy(buf+sizeof(hdr), # 483| rx_buf, len); # 484|-> if (q_append(queue, buf, # 485| total) != 0) # 486| syslog(LOG_ERR, Error: GCC_ANALYZER_WARNING (CWE-401): [#def10] audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:486:65: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’ audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:409:12: branch_false: following ‘false’ branch... branch_false: ...to here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:478:61: acquire_memory: allocated here audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:486:65: danger: ‘buf’ leaks here; was allocated at [(3)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/2) # 484| if (q_append(queue, buf, # 485| total) != 0) # 486|-> syslog(LOG_ERR, # 487| "Queue append failed (%s)", # 488| strerror(errno)); Error: GCC_ANALYZER_WARNING (CWE-401): [#def11] audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:88:14: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(1, "./test.log")’ audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:85:14: acquire_memory: allocated here audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:86:9: branch_true: following ‘true’ branch... audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:88:14: branch_true: ...to here audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:88:14: danger: ‘auparse_init(1, "./test.log")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0) # 86| assert(au != NULL); # 87| # 88|-> rc = ausearch_add_expression(au, # 89| "\\timestamp == ts:1.999", # 90| &err, AUSEARCH_RULE_CLEAR); Error: GCC_ANALYZER_WARNING (CWE-401): [#def12] audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:120:14: warning[-Wanalyzer-malloc-leak]: leak of ‘id.cwd’ audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:117:18: acquire_memory: allocated here audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:118:21: branch_true: following ‘true’ branch (when ‘i != 9’)... audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:119:17: branch_true: ...to here audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:120:14: danger: ‘id.cwd’ leaks here; was allocated at [(1)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/0) # 118| for (i = 0; i < sizeof(fuzz) - 1; i++) # 119| seeds *= 3; # 120|-> au = auparse_init(AUSOURCE_FILE, "/dev/null"); # 121| assert(au != NULL); # 122| for (unsigned s = 0; s < seeds; s++) { Error: GCC_ANALYZER_WARNING (CWE-401): [#def13] audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:128:17: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(1, "/dev/null")’ audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:118:21: branch_true: following ‘true’ branch (when ‘i != 9’)... audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:119:17: branch_true: ...to here audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:120:14: acquire_memory: allocated here audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:121:9: branch_true: following ‘true’ branch... branch_true: ...to here audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:122:30: branch_true: following ‘true’ branch (when ‘seeds > s’)... branch_true: ...to here audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:124:29: branch_true: following ‘true’ branch (when ‘i != 9’)... audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:125:41: branch_true: ...to here audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:128:17: danger: ‘auparse_init(1, "/dev/null")’ leaks here; was allocated at [(3)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/2) # 126| # 127| fuzz[sizeof(fuzz) - 1] = '\0'; # 128|-> audit_encode_value(val, fuzz, sizeof(fuzz)); # 129| id.val = val; # 130| out = auparse_do_interpretation(au, AUPARSE_TYPE_ESCAPED_FILE, Error: GCC_ANALYZER_WARNING (CWE-401): [#def14] audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:128:17: warning[-Wanalyzer-malloc-leak]: leak of ‘id.cwd’ audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:117:18: acquire_memory: allocated here audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:118:21: branch_true: following ‘true’ branch (when ‘i != 9’)... audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:119:17: branch_true: ...to here audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:121:9: branch_true: following ‘true’ branch... branch_true: ...to here audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:122:30: branch_true: following ‘true’ branch (when ‘seeds > s’)... branch_true: ...to here audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:124:29: branch_true: following ‘true’ branch (when ‘i != 9’)... audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:125:41: branch_true: ...to here audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:128:17: danger: ‘id.cwd’ leaks here; was allocated at [(1)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/0) # 126| # 127| fuzz[sizeof(fuzz) - 1] = '\0'; # 128|-> audit_encode_value(val, fuzz, sizeof(fuzz)); # 129| id.val = val; # 130| out = auparse_do_interpretation(au, AUPARSE_TYPE_ESCAPED_FILE, Error: GCC_ANALYZER_WARNING (CWE-401): [#def15] audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:130:23: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(1, "/dev/null")’ audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:118:21: branch_true: following ‘true’ branch (when ‘i != 9’)... audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:119:17: branch_true: ...to here audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:120:14: acquire_memory: allocated here audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:121:9: branch_true: following ‘true’ branch... branch_true: ...to here audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:122:30: branch_true: following ‘true’ branch (when ‘seeds > s’)... branch_true: ...to here audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:124:29: branch_true: following ‘true’ branch (when ‘i != 9’)... audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:125:41: branch_true: ...to here audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:130:23: danger: ‘auparse_init(1, "/dev/null")’ leaks here; was allocated at [(3)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/2) # 128| audit_encode_value(val, fuzz, sizeof(fuzz)); # 129| id.val = val; # 130|-> out = auparse_do_interpretation(au, AUPARSE_TYPE_ESCAPED_FILE, # 131| &id, AUPARSE_ESC_RAW); # 132| assert(out != NULL); Error: GCC_ANALYZER_WARNING (CWE-401): [#def16] audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:130:23: warning[-Wanalyzer-malloc-leak]: leak of ‘id.cwd’ audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:117:18: acquire_memory: allocated here audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:118:21: branch_true: following ‘true’ branch (when ‘i != 9’)... audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:119:17: branch_true: ...to here audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:121:9: branch_true: following ‘true’ branch... branch_true: ...to here audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:122:30: branch_true: following ‘true’ branch (when ‘seeds > s’)... branch_true: ...to here audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:124:29: branch_true: following ‘true’ branch (when ‘i != 9’)... audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:125:41: branch_true: ...to here audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:130:23: danger: ‘id.cwd’ leaks here; was allocated at [(1)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/0) # 128| audit_encode_value(val, fuzz, sizeof(fuzz)); # 129| id.val = val; # 130|-> out = auparse_do_interpretation(au, AUPARSE_TYPE_ESCAPED_FILE, # 131| &id, AUPARSE_ESC_RAW); # 132| assert(out != NULL); Error: GCC_ANALYZER_WARNING (CWE-775): [#def17] audit-userspace-4.1.2/common/common.c:81:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open("/dev/console", 1)' audit-userspace-4.1.2/common/common.c:77:19: acquire_resource: opened here audit-userspace-4.1.2/common/common.c:77:12: branch_false: following 'false' branch... audit-userspace-4.1.2/common/common.c:80:9: branch_false: ...to here audit-userspace-4.1.2/common/common.c:81:13: danger: 'open("/dev/console", 1)' leaks here; was opened at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0) # 79| # 80| va_start(args, fmt); # 81|-> if (vdprintf(fd, fmt, args) < 0) # 82| res = 0; # 83| Error: GCC_ANALYZER_WARNING (CWE-404): [#def18] audit-userspace-4.1.2/common/common.c:81:13: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end' audit-userspace-4.1.2/common/common.c:77:12: branch_false: following 'false' branch... audit-userspace-4.1.2/common/common.c:80:9: branch_false: ...to here audit-userspace-4.1.2/common/common.c:80:9: acquire_resource: 'va_start' called here audit-userspace-4.1.2/common/common.c:81:13: danger: missing call to 'va_end' to match 'va_start' at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2) # 79| # 80| va_start(args, fmt); # 81|-> if (vdprintf(fd, fmt, args) < 0) # 82| res = 0; # 83| Error: GCC_ANALYZER_WARNING (CWE-401): [#def19] audit-userspace-4.1.2/src/aureport.c:202:13: warning[-Wanalyzer-malloc-leak]: leak of ‘filename’ audit-userspace-4.1.2/src/aureport.c:194:20: acquire_memory: allocated here audit-userspace-4.1.2/src/aureport.c:195:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)... audit-userspace-4.1.2/src/aureport.c:202:13: branch_false: ...to here audit-userspace-4.1.2/src/aureport.c:202:13: danger: ‘filename’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0) # 200| # 201| /* Count the logs */ # 202|-> if (audit_log_list(config.log_file, &logs, &log_cnt)) { # 203| fprintf(stderr, "No memory\n"); # 204| free(filename); Error: GCC_ANALYZER_WARNING (CWE-401): [#def20] audit-userspace-4.1.2/src/aureport.c:218:28: warning[-Wanalyzer-malloc-leak]: leak of ‘filename’ audit-userspace-4.1.2/src/aureport.c:194:20: acquire_memory: allocated here audit-userspace-4.1.2/src/aureport.c:195:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)... audit-userspace-4.1.2/src/aureport.c:202:13: branch_false: ...to here audit-userspace-4.1.2/src/aureport.c:202:12: branch_false: following ‘false’ branch... audit-userspace-4.1.2/src/aureport.c:209:13: branch_false: ...to here audit-userspace-4.1.2/src/aureport.c:209:12: branch_false: following ‘false’ branch... audit-userspace-4.1.2/src/aureport.c:218:28: branch_false: ...to here audit-userspace-4.1.2/src/aureport.c:218:28: danger: ‘filename’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0) # 216| # 217| /* Locate the starting file that is in range */ # 218|-> files_to_process = audit_log_find_start(logs, log_cnt, start_time); # 219| audit_log_free(logs, log_cnt); # 220| Error: GCC_ANALYZER_WARNING (CWE-401): [#def21] audit-userspace-4.1.2/src/aureport.c:219:9: warning[-Wanalyzer-malloc-leak]: leak of ‘filename’ audit-userspace-4.1.2/src/aureport.c:194:20: acquire_memory: allocated here audit-userspace-4.1.2/src/aureport.c:195:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)... audit-userspace-4.1.2/src/aureport.c:202:13: branch_false: ...to here audit-userspace-4.1.2/src/aureport.c:202:12: branch_false: following ‘false’ branch... audit-userspace-4.1.2/src/aureport.c:209:13: branch_false: ...to here audit-userspace-4.1.2/src/aureport.c:209:12: branch_false: following ‘false’ branch... audit-userspace-4.1.2/src/aureport.c:218:28: branch_false: ...to here audit-userspace-4.1.2/src/aureport.c:219:9: danger: ‘filename’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0) # 217| /* Locate the starting file that is in range */ # 218| files_to_process = audit_log_find_start(logs, log_cnt, start_time); # 219|-> audit_log_free(logs, log_cnt); # 220| # 221| /* Got it, now process logs from last to first */ Error: GCC_ANALYZER_WARNING (CWE-401): [#def22] audit-userspace-4.1.2/src/ausearch-parse.c:2903:20: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’ audit-userspace-4.1.2/src/ausearch-parse.c:2879:5: enter_function: entry to ‘audit_log_list’ audit-userspace-4.1.2/src/ausearch-parse.c:2889:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)... audit-userspace-4.1.2/src/ausearch-parse.c:2892:9: branch_false: ...to here audit-userspace-4.1.2/src/ausearch-parse.c:2898:20: branch_false: following ‘false’ branch... audit-userspace-4.1.2/src/ausearch-parse.c:2900:21: branch_false: ...to here audit-userspace-4.1.2/src/ausearch-parse.c:2900:21: call_function: calling ‘read_first_ts’ from ‘audit_log_list’ audit-userspace-4.1.2/src/ausearch-parse.c:2900:21: return_function: returning to ‘audit_log_list’ from ‘read_first_ts’ audit-userspace-4.1.2/src/ausearch-parse.c:2900:20: branch_false: following ‘false’ branch... audit-userspace-4.1.2/src/ausearch-parse.c:2902:37: branch_false: ...to here audit-userspace-4.1.2/src/ausearch-parse.c:2903:20: branch_false: following ‘false’ branch (when ‘tmp’ is non-NULL)... audit-userspace-4.1.2/src/ausearch-parse.c:2909:21: branch_false: ...to here audit-userspace-4.1.2/src/ausearch-parse.c:2909:34: acquire_memory: allocated here audit-userspace-4.1.2/src/ausearch-parse.c:2910:20: branch_false: following ‘false’ branch... audit-userspace-4.1.2/src/ausearch-parse.c:2915:17: branch_false: ...to here audit-userspace-4.1.2/src/ausearch-parse.c:2898:20: branch_false: following ‘false’ branch... audit-userspace-4.1.2/src/ausearch-parse.c:2900:21: branch_false: ...to here audit-userspace-4.1.2/src/ausearch-parse.c:2900:21: call_function: calling ‘read_first_ts’ from ‘audit_log_list’ audit-userspace-4.1.2/src/ausearch-parse.c:2900:21: return_function: returning to ‘audit_log_list’ from ‘read_first_ts’ audit-userspace-4.1.2/src/ausearch-parse.c:2900:20: branch_true: following ‘true’ branch... audit-userspace-4.1.2/src/ausearch-parse.c:2901:25: branch_true: ...to here audit-userspace-4.1.2/src/ausearch-parse.c:2903:20: danger: ‘<unknown>’ leaks here; was allocated at [(23)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/22) # 2901| sec = 0; # 2902| tmp = realloc(list, (num + 1) * sizeof(*list)); # 2903|-> if (tmp == NULL) { # 2904| free(filename); # 2905| audit_log_free(list, num); Error: GCC_ANALYZER_WARNING (CWE-401): [#def23] audit-userspace-4.1.2/src/ausearch.c:325:21: warning[-Wanalyzer-malloc-leak]: leak of ‘filename’ audit-userspace-4.1.2/src/ausearch.c:257:20: acquire_memory: allocated here audit-userspace-4.1.2/src/ausearch.c:258:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)... audit-userspace-4.1.2/src/ausearch.c:268:13: branch_false: ...to here audit-userspace-4.1.2/src/ausearch.c:325:21: danger: ‘filename’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0) # 323| # 324| /* Count logs */ # 325|-> if (audit_log_list(config.log_file, &logs, &log_cnt)) { # 326| fprintf(stderr, "No memory\n"); # 327| free(filename); Error: GCC_ANALYZER_WARNING (CWE-401): [#def24] audit-userspace-4.1.2/src/ausearch.c:342:36: warning[-Wanalyzer-malloc-leak]: leak of ‘filename’ audit-userspace-4.1.2/src/ausearch.c:257:20: acquire_memory: allocated here audit-userspace-4.1.2/src/ausearch.c:258:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)... audit-userspace-4.1.2/src/ausearch.c:268:13: branch_false: ...to here audit-userspace-4.1.2/src/ausearch.c:325:20: branch_false: following ‘false’ branch... audit-userspace-4.1.2/src/ausearch.c:332:21: branch_false: ...to here audit-userspace-4.1.2/src/ausearch.c:332:20: branch_false: following ‘false’ branch... audit-userspace-4.1.2/src/ausearch.c:342:36: branch_false: ...to here audit-userspace-4.1.2/src/ausearch.c:342:36: danger: ‘filename’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0) # 340| # 341| /* Locate the starting file that's in range */ # 342|-> files_to_process = audit_log_find_start(logs, log_cnt, # 343| start_time); # 344| audit_log_free(logs, log_cnt); Error: GCC_ANALYZER_WARNING (CWE-401): [#def25] audit-userspace-4.1.2/src/ausearch.c:344:17: warning[-Wanalyzer-malloc-leak]: leak of ‘filename’ audit-userspace-4.1.2/src/ausearch.c:257:20: acquire_memory: allocated here audit-userspace-4.1.2/src/ausearch.c:258:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)... audit-userspace-4.1.2/src/ausearch.c:268:13: branch_false: ...to here audit-userspace-4.1.2/src/ausearch.c:325:20: branch_false: following ‘false’ branch... audit-userspace-4.1.2/src/ausearch.c:332:21: branch_false: ...to here audit-userspace-4.1.2/src/ausearch.c:332:20: branch_false: following ‘false’ branch... audit-userspace-4.1.2/src/ausearch.c:342:36: branch_false: ...to here audit-userspace-4.1.2/src/ausearch.c:344:17: danger: ‘filename’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0) # 342| files_to_process = audit_log_find_start(logs, log_cnt, # 343| start_time); # 344|-> audit_log_free(logs, log_cnt); # 345| } # 346|
| analyzer-version-clippy | 1.90.0 |
| analyzer-version-cppcheck | 2.18.3 |
| analyzer-version-gcc | 15.2.1 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.90.0 |
| diffbase-analyzer-version-cppcheck | 2.18.3 |
| diffbase-analyzer-version-gcc | 15.2.1 |
| diffbase-analyzer-version-gcc-analyzer | 16.0.0 |
| diffbase-analyzer-version-shellcheck | 0.11.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-222.us-west-2.compute.internal |
| diffbase-known-false-positives | /usr/share/csmock/known-false-positives.js |
| diffbase-known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| diffbase-mock-config | fedora-rawhide-gcc-latest-x86_64 |
| diffbase-project-name | audit-4.1.1-2.fc43 |
| diffbase-store-results-to | /tmp/tmpj9ead0eh/audit-4.1.1-2.fc43.tar.xz |
| diffbase-time-created | 2025-10-28 17:28:09 |
| diffbase-time-finished | 2025-10-28 17:31:33 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'gcc,cppcheck,shellcheck,clippy,unicontrol' '-o' '/tmp/tmpj9ead0eh/audit-4.1.1-2.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmpj9ead0eh/audit-4.1.1-2.fc43.src.rpm' |
| diffbase-tool-version | csmock-3.8.3.20251027.143044.ge6b947b-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-222.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-gcc-latest-x86_64 |
| project-name | audit-4.1.2-2.fc44 |
| store-results-to | /tmp/tmpcf8nh50b/audit-4.1.2-2.fc44.tar.xz |
| time-created | 2025-10-28 17:31:55 |
| time-finished | 2025-10-28 17:34:53 |
| title | Newly introduced findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'gcc,cppcheck,shellcheck,clippy,unicontrol' '-o' '/tmp/tmpcf8nh50b/audit-4.1.2-2.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmpcf8nh50b/audit-4.1.2-2.fc44.src.rpm' |
| tool-version | csmock-3.8.3.20251027.143044.ge6b947b-1.el9 |