audit-4.1.2-2.fc44

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-775): [#def1]
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open(&fname, 0)'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:143:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:186:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:188:14: acquire_resource: opened here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:190:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: danger: 'open(&fname, 0)' leaks here; was opened at [(11)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/10)
#  195|   	}
#  196|   
#  197|-> 	close(fd);
#  198|   	fd = rc;
#  199|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def2]
audit-userspace-4.1.2/audisp/audispd-pconfig.c:218:33: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:130:5: enter_function: entry to 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:143:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:186:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:190:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:201:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: call_function: calling 'get_line' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: return_function: returning to 'load_pconfig' from 'get_line'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: call_function: calling 'nv_split' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: return_function: returning to 'load_pconfig' from 'nv_split'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:218:33: danger: 'f' leaks here; was allocated at [(14)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/13)
#  216|   				break;
#  217|   			case 1: // not the right number of tokens.
#  218|-> 				audit_msg(LOG_ERR,
#  219|   				"Wrong number of arguments for line %d in %s",
#  220|   					lineno, file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def3]
audit-userspace-4.1.2/audisp/audispd-pconfig.c:223:33: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:130:5: enter_function: entry to 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:143:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:186:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:190:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:201:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: call_function: calling 'get_line' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: return_function: returning to 'load_pconfig' from 'get_line'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: call_function: calling 'nv_split' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: return_function: returning to 'load_pconfig' from 'nv_split'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:223:33: danger: 'f' leaks here; was allocated at [(14)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/13)
#  221|   				break;
#  222|   			case 2: // no '=' sign
#  223|-> 				audit_msg(LOG_ERR,
#  224|   					"Missing equal sign for line %d in %s",
#  225|   					lineno, file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def4]
audit-userspace-4.1.2/audisp/audispd-pconfig.c:239:32: warning[-Wanalyzer-malloc-leak]: leak of 'nv.values'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:130:5: enter_function: entry to 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:143:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:186:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:190:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: call_function: calling 'get_line' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: return_function: returning to 'load_pconfig' from 'get_line'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: call_function: calling 'nv_split' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: return_function: returning to 'load_pconfig' from 'nv_split'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:233:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:237:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:237:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: call_function: calling 'kw_lookup' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: return_function: returning to 'load_pconfig' from 'kw_lookup'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:239:32: danger: 'nv.values' leaks here; was allocated at [(40)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/39)
#  237|   		if (nv.values == NULL) {
#  238|   			fclose(f);
#  239|-> 			return 1;
#  240|   		}
#  241|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def5]
audit-userspace-4.1.2/audisp/audispd-pconfig.c:245:25: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:130:5: enter_function: entry to 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:143:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:186:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:190:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:201:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: call_function: calling 'get_line' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: return_function: returning to 'load_pconfig' from 'get_line'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: call_function: calling 'nv_split' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: return_function: returning to 'load_pconfig' from 'nv_split'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:233:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:237:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:237:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: call_function: calling 'kw_lookup' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: return_function: returning to 'load_pconfig' from 'kw_lookup'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:244:20: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:245:25: branch_true: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:245:25: danger: 'f' leaks here; was allocated at [(14)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/13)
#  243|   		kw = kw_lookup(nv.name);
#  244|   		if (kw->name == NULL) {
#  245|-> 			audit_msg(LOG_ERR,
#  246|   				"Unknown keyword \"%s\" in line %d of %s",
#  247|   				nv.name, lineno, file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def6]
audit-userspace-4.1.2/audisp/audispd-pconfig.c:245:25: warning[-Wanalyzer-malloc-leak]: leak of 'nv.values'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:130:5: enter_function: entry to 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:143:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:186:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:190:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: call_function: calling 'get_line' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: return_function: returning to 'load_pconfig' from 'get_line'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: call_function: calling 'nv_split' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: return_function: returning to 'load_pconfig' from 'nv_split'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:233:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:237:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:237:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: call_function: calling 'kw_lookup' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: return_function: returning to 'load_pconfig' from 'kw_lookup'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:244:20: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:245:25: branch_true: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:245:25: danger: 'nv.values' leaks here; was allocated at [(40)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/39)
#  243|   		kw = kw_lookup(nv.name);
#  244|   		if (kw->name == NULL) {
#  245|-> 			audit_msg(LOG_ERR,
#  246|   				"Unknown keyword \"%s\" in line %d of %s",
#  247|   				nv.name, lineno, file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def7]
audit-userspace-4.1.2/audisp/audispd-pconfig.c:257:25: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:130:5: enter_function: entry to 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:143:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:186:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:190:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:201:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: call_function: calling 'get_line' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: return_function: returning to 'load_pconfig' from 'get_line'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: call_function: calling 'nv_split' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: return_function: returning to 'load_pconfig' from 'nv_split'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:233:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:237:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:237:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: call_function: calling 'kw_lookup' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: return_function: returning to 'load_pconfig' from 'kw_lookup'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:244:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:255:38: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:256:20: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:257:25: danger: 'f' leaks here; was allocated at [(14)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/13)
#  255|   		const int noptions = nv.nvalues - 1;
#  256|   		if (kw->max_options != -1 && kw->max_options < noptions) {
#  257|-> 			audit_msg(LOG_ERR,
#  258|   				"Keyword \"%s\" has invalid options "
#  259|   				"in line %d of %s",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def8]
audit-userspace-4.1.2/audisp/audispd-pconfig.c:257:25: warning[-Wanalyzer-malloc-leak]: leak of 'nv.values'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:130:5: enter_function: entry to 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:143:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:186:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:190:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: call_function: calling 'get_line' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: return_function: returning to 'load_pconfig' from 'get_line'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: call_function: calling 'nv_split' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: return_function: returning to 'load_pconfig' from 'nv_split'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:233:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:237:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:237:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: call_function: calling 'kw_lookup' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: return_function: returning to 'load_pconfig' from 'kw_lookup'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:244:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:255:38: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:256:20: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:257:25: danger: 'nv.values' leaks here; was allocated at [(40)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/39)
#  255|   		const int noptions = nv.nvalues - 1;
#  256|   		if (kw->max_options != -1 && kw->max_options < noptions) {
#  257|-> 			audit_msg(LOG_ERR,
#  258|   				"Keyword \"%s\" has invalid options "
#  259|   				"in line %d of %s",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def9]
audit-userspace-4.1.2/audisp/audispd-pconfig.c:266:22: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:130:5: enter_function: entry to 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:143:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:186:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:190:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:201:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: call_function: calling 'get_line' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: return_function: returning to 'load_pconfig' from 'get_line'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: call_function: calling 'nv_split' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: return_function: returning to 'load_pconfig' from 'nv_split'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:233:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:237:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:237:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: call_function: calling 'kw_lookup' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: return_function: returning to 'load_pconfig' from 'kw_lookup'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:244:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:255:38: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:256:21: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:266:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:266:22: danger: 'f' leaks here; was allocated at [(14)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/13)
#  264|   
#  265|   		/* dispatch to keyword's local parser */
#  266|-> 		rc = kw->parser(&nv, lineno, config);
#  267|   		if (rc != 0) {
#  268|   			fclose(f);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def10]
audit-userspace-4.1.2/audisp/audispd-pconfig.c:266:22: warning[-Wanalyzer-malloc-leak]: leak of 'nv.values'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:130:5: enter_function: entry to 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:143:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:186:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:190:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: call_function: calling 'get_line' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: return_function: returning to 'load_pconfig' from 'get_line'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: call_function: calling 'nv_split' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: return_function: returning to 'load_pconfig' from 'nv_split'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:233:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:237:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:237:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: call_function: calling 'kw_lookup' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:243:22: return_function: returning to 'load_pconfig' from 'kw_lookup'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:244:20: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:255:38: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:256:21: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:266:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:266:22: danger: 'nv.values' leaks here; was allocated at [(40)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/39)
#  264|   
#  265|   		/* dispatch to keyword's local parser */
#  266|-> 		rc = kw->parser(&nv, lineno, config);
#  267|   		if (rc != 0) {
#  268|   			fclose(f);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def11]
audit-userspace-4.1.2/audisp/audispd-pconfig.c:302:33: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:130:5: enter_function: entry to 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:143:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:186:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:190:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:201:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: call_function: calling 'get_line' from 'load_pconfig'
#  300|   			// Only output 1 warning
#  301|   			if (!too_long)
#  302|-> 				audit_msg(LOG_ERR,
#  303|   					"Skipping line %d in %s: too long",
#  304|   					*lineno, file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def12]
audit-userspace-4.1.2/audisp/audispd-pconfig.c:340:17: warning[-Wanalyzer-malloc-leak]: leak of 'nv.values'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:130:5: enter_function: entry to 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:143:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:158:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:164:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:170:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:177:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:186:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:190:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:197:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:202:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: call_function: calling 'get_line' from 'load_pconfig'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: return_function: returning to 'load_pconfig' from 'get_line'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:209:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:213:22: call_function: calling 'nv_split' from 'load_pconfig'
#  338|   	/* get the value part */
#  339|   	while ((ptr = strtok_r(NULL, " ", &saved)) != NULL) {
#  340|-> 		nv->values = realloc(nv->values, (nv->nvalues + 1) * sizeof(char *));
#  341|   		if (nv->values == NULL) {
#  342|   			return 1;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def13]
audit-userspace-4.1.2/audisp/audispd-pconfig.c:454:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL '*config.args'
audit-userspace-4.1.2/audisp/audispd-pconfig.c:450:24: acquire_memory: this call could return NULL
audit-userspace-4.1.2/audisp/audispd-pconfig.c:453:25: branch_true: following 'true' branch...
audit-userspace-4.1.2/audisp/audispd-pconfig.c:454:42: branch_true: ...to here
audit-userspace-4.1.2/audisp/audispd-pconfig.c:454:17: danger: '*config.args + (long unsigned int)i * 8' could be NULL: unchecked value from [(1)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/0)
#  452|   
#  453|   	for (int i = 0; i < nv->nvalues; i++) {
#  454|-> 		config->args[i] = strdup(nv->values[nv->nvalues - i - 1]);
#  455|   	}
#  456|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def14]
audit-userspace-4.1.2/audisp/audispd.c:443:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'dup2(*conf.plug_pipe[0], 0)'
audit-userspace-4.1.2/audisp/audispd.c:427:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/audisp/audispd.c:430:15: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd.c:431:12: branch_false: following 'false' branch (when 'pid <= 0')...
audit-userspace-4.1.2/audisp/audispd.c:435:12: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd.c:435:12: branch_false: following 'false' branch (when 'pid == 0')...
audit-userspace-4.1.2/audisp/audispd.c:443:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/audispd.c:443:13: acquire_resource: opened here
audit-userspace-4.1.2/audisp/audispd.c:443:12: danger: 'dup2(*conf.plug_pipe[0], 0)' leaks here; was opened at [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
#  441|   
#  442|   	/* Set up comm with child. It reads stdin so put the pipe there. */
#  443|-> 	if (dup2(conf->plug_pipe[0], 0) < 0) {
#  444|   		close(conf->plug_pipe[0]);
#  445|   		close(conf->plug_pipe[1]);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def15]
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:137:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen("/run/audit/af_unix.state", "w")’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:128:19: acquire_resource: opened here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:130:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:133:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:137:9: danger: ‘fopen("/run/audit/af_unix.state", "w")’ leaks here; was opened at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  135|   	fprintf(f, "current time = %s\n", buf);
#  136|   	fprintf(f, "client_connected = %s\n", client ? "yes" : "no");
#  137|-> 	fprintf(f, "queue_length = %zu\n", q_queue_length(queue));
#  138|   	fprintf(f, "max_queue_length = %zu\n", q_max_queue_length(queue));
#  139|   	fprintf(f, "queue_size = %zu\n", q_queue_size(queue));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def16]
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:137:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen("/run/audit/af_unix.state", "w")’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:128:19: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:130:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:133:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:137:9: danger: ‘fopen("/run/audit/af_unix.state", "w")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  135|   	fprintf(f, "current time = %s\n", buf);
#  136|   	fprintf(f, "client_connected = %s\n", client ? "yes" : "no");
#  137|-> 	fprintf(f, "queue_length = %zu\n", q_queue_length(queue));
#  138|   	fprintf(f, "max_queue_length = %zu\n", q_max_queue_length(queue));
#  139|   	fprintf(f, "queue_size = %zu\n", q_queue_size(queue));

Error: GCC_ANALYZER_WARNING (CWE-775): [#def17]
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:138:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen("/run/audit/af_unix.state", "w")’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:128:19: acquire_resource: opened here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:130:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:133:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:138:9: danger: ‘fopen("/run/audit/af_unix.state", "w")’ leaks here; was opened at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#  136|   	fprintf(f, "client_connected = %s\n", client ? "yes" : "no");
#  137|   	fprintf(f, "queue_length = %zu\n", q_queue_length(queue));
#  138|-> 	fprintf(f, "max_queue_length = %zu\n", q_max_queue_length(queue));
#  139|   	fprintf(f, "queue_size = %zu\n", q_queue_size(queue));
#  140|   #ifdef HAVE_MALLINFO2

Error: GCC_ANALYZER_WARNING (CWE-401): [#def18]
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:138:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen("/run/audit/af_unix.state", "w")’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:128:19: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:130:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:133:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:138:9: danger: ‘fopen("/run/audit/af_unix.state", "w")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#  136|   	fprintf(f, "client_connected = %s\n", client ? "yes" : "no");
#  137|   	fprintf(f, "queue_length = %zu\n", q_queue_length(queue));
#  138|-> 	fprintf(f, "max_queue_length = %zu\n", q_max_queue_length(queue));
#  139|   	fprintf(f, "queue_size = %zu\n", q_queue_size(queue));
#  140|   #ifdef HAVE_MALLINFO2

Error: GCC_ANALYZER_WARNING (CWE-775): [#def19]
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:139:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen("/run/audit/af_unix.state", "w")’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:128:19: acquire_resource: opened here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:130:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:133:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:139:9: danger: ‘fopen("/run/audit/af_unix.state", "w")’ leaks here; was opened at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#  137|   	fprintf(f, "queue_length = %zu\n", q_queue_length(queue));
#  138|   	fprintf(f, "max_queue_length = %zu\n", q_max_queue_length(queue));
#  139|-> 	fprintf(f, "queue_size = %zu\n", q_queue_size(queue));
#  140|   #ifdef HAVE_MALLINFO2
#  141|   	write_memory_state(f);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def20]
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:139:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen("/run/audit/af_unix.state", "w")’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:128:19: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:130:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:133:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:139:9: danger: ‘fopen("/run/audit/af_unix.state", "w")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/0)
#  137|   	fprintf(f, "queue_length = %zu\n", q_queue_length(queue));
#  138|   	fprintf(f, "max_queue_length = %zu\n", q_max_queue_length(queue));
#  139|-> 	fprintf(f, "queue_size = %zu\n", q_queue_size(queue));
#  140|   #ifdef HAVE_MALLINFO2
#  141|   	write_memory_state(f);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def21]
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:231:41: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(base)’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:195:25: branch_true: following ‘true’ branch (when ‘i < argc’)...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:196:33: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:197:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:218:28: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:218:27: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:221:25: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:224:28: branch_true: following ‘true’ branch (when ‘base’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:226:45: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:228:37: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:229:36: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:230:41: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:231:41: danger: ‘opendir(base)’ leaks here; was allocated at [(11)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/10)
#  229|   				if (d) {
#  230|   					closedir(d);
#  231|-> 					free(dir);
#  232|   				} else {
#  233|   					syslog(LOG_ERR,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def22]
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:446:45: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:373:6: enter_function: entry to ‘read_audit_record’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:409:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:414:23: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:414:23: call_function: calling ‘read_binary_record’ from ‘read_audit_record’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:414:23: return_function: returning to ‘read_audit_record’ from ‘read_binary_record’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:415:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:421:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:421:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:422:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:439:35: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:439:35: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:440:60: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:441:45: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:442:36: branch_true: following ‘true’ branch (when ‘buf’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:443:41: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:446:45: danger: ‘buf’ leaks here; was allocated at [(17)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/16)
#  444|   					memcpy(buf + sizeof(*hdr), data,
#  445|   					       hdr->size);
#  446|-> 					if (q_append(queue, buf, total) != 0) {
#  447|   						if (failed_append < 5)
#  448|   							syslog(LOG_ERR,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def23]
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:448:57: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:373:6: enter_function: entry to ‘read_audit_record’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:409:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:414:23: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:414:23: call_function: calling ‘read_binary_record’ from ‘read_audit_record’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:414:23: return_function: returning to ‘read_audit_record’ from ‘read_binary_record’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:415:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:421:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:421:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:422:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:439:35: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:439:35: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:440:60: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:441:45: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:442:36: branch_true: following ‘true’ branch (when ‘buf’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:443:41: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:446:44: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:447:53: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:447:52: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:450:69: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:448:57: danger: ‘buf’ leaks here; was allocated at [(17)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/16)
#  446|   					if (q_append(queue, buf, total) != 0) {
#  447|   						if (failed_append < 5)
#  448|-> 							syslog(LOG_ERR,
#  449|   				  "Dropping event - queue append failed (%s)",
#  450|   							   strerror(errno));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def24]
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:484:61: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:409:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:478:61: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:484:61: danger: ‘buf’ leaks here; was allocated at [(3)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/2)
#  482|   							memcpy(buf+sizeof(hdr),
#  483|   							       rx_buf, len);
#  484|-> 							if (q_append(queue, buf,
#  485|   								    total) != 0)
#  486|   								syslog(LOG_ERR,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def25]
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:486:65: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:409:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:478:61: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/af_unix/audisp-af_unix.c:486:65: danger: ‘buf’ leaks here; was allocated at [(3)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/2)
#  484|   							if (q_append(queue, buf,
#  485|   								    total) != 0)
#  486|-> 								syslog(LOG_ERR,
#  487|   						     "Queue append failed (%s)",
#  488|   							       strerror(errno));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def26]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:222:33: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:323:12: enter_function: entry to ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:334:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:368:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: call_function: calling ‘get_line’ from ‘load_rules’
#  220|   			// Only output 1 warning
#  221|   			if (!too_long)
#  222|-> 				syslog(LOG_WARNING,
#  223|   				       "Skipping line %d in %s: too long",
#  224|   				       *lineno, file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def27]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:19: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:323:12: enter_function: entry to ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:334:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:368:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: call_function: calling ‘get_line’ from ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: return_function: returning to ‘load_rules’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:375:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:377:29: call_function: calling ‘parse_line’ from ‘load_rules’
#  278|   	/* dummy instance of the audit parsing library, we use it to
#  279|   	validate search expressions that will be added to the filter engine */
#  280|-> 	if ((au = auparse_init(AUSOURCE_BUFFER_ARRAY, buf)) == NULL) {
#  281|   		syslog(LOG_ERR, "The auparse_init failed");
#  282|   		return NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def28]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:281:17: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:323:12: enter_function: entry to ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:334:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:368:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: call_function: calling ‘get_line’ from ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: return_function: returning to ‘load_rules’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:375:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:377:29: call_function: calling ‘parse_line’ from ‘load_rules’
#  279|   	validate search expressions that will be added to the filter engine */
#  280|   	if ((au = auparse_init(AUSOURCE_BUFFER_ARRAY, buf)) == NULL) {
#  281|-> 		syslog(LOG_ERR, "The auparse_init failed");
#  282|   		return NULL;
#  283|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def29]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:291:17: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(4, &buf)’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:19: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:290:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:291:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:291:17: danger: ‘auparse_init(4, &buf)’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#  289|   	// Empty line or it's a comment
#  290|   	if (!*line || *line == '#') {
#  291|-> 		auparse_destroy(au);
#  292|   		return NULL;
#  293|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def30]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:291:17: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:323:12: enter_function: entry to ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:334:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:368:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: call_function: calling ‘get_line’ from ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: return_function: returning to ‘load_rules’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:375:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:377:29: call_function: calling ‘parse_line’ from ‘load_rules’
#  289|   	// Empty line or it's a comment
#  290|   	if (!*line || *line == '#') {
#  291|-> 		auparse_destroy(au);
#  292|   		return NULL;
#  293|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def31]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:296:17: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(4, &buf)’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:19: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:290:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:12: branch_true: following ‘true’ branch (when ‘rule’ is NULL)...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:296:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:296:17: danger: ‘auparse_init(4, &buf)’ leaks here; was allocated at [(1)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/0)
#  294|   
#  295|   	if ((rule = malloc(sizeof(struct filter_rule))) == NULL) {
#  296|-> 		auparse_destroy(au);
#  297|   		return NULL;
#  298|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def32]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:296:17: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:323:12: enter_function: entry to ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:334:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:368:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: call_function: calling ‘get_line’ from ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: return_function: returning to ‘load_rules’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:375:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:377:29: call_function: calling ‘parse_line’ from ‘load_rules’
#  294|   
#  295|   	if ((rule = malloc(sizeof(struct filter_rule))) == NULL) {
#  296|-> 		auparse_destroy(au);
#  297|   		return NULL;
#  298|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def33]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:303:17: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:323:12: enter_function: entry to ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:334:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:368:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: call_function: calling ‘get_line’ from ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: return_function: returning to ‘load_rules’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:375:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:377:29: call_function: calling ‘parse_line’ from ‘load_rules’
#  301|   
#  302|   	if ((rule->expr = strdup(line)) == NULL) {
#  303|-> 		auparse_destroy(au);
#  304|   		free(rule);
#  305|   		return NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def34]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:303:17: warning[-Wanalyzer-malloc-leak]: leak of ‘rule’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:290:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:21: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:12: branch_false: following ‘false’ branch (when ‘rule’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:299:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:302:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:303:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:303:17: danger: ‘rule’ leaks here; was allocated at [(5)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/4)
#  301|   
#  302|   	if ((rule->expr = strdup(line)) == NULL) {
#  303|-> 		auparse_destroy(au);
#  304|   		free(rule);
#  305|   		return NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def35]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:304:17: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(4, &buf)’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:19: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:290:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:12: branch_false: following ‘false’ branch (when ‘rule’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:299:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:302:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:303:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:304:17: danger: ‘auparse_init(4, &buf)’ leaks here; was allocated at [(1)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/0)
#  302|   	if ((rule->expr = strdup(line)) == NULL) {
#  303|   		auparse_destroy(au);
#  304|-> 		free(rule);
#  305|   		return NULL;
#  306|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def36]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:13: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(4, &buf)’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:19: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:290:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:12: branch_false: following ‘false’ branch (when ‘rule’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:299:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:302:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:13: danger: ‘auparse_init(4, &buf)’ leaks here; was allocated at [(1)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/0)
#  306|   	}
#  307|   
#  308|-> 	if (ausearch_add_expression(au, rule->expr, &error, AUSEARCH_RULE_OR) != 0) {
#  309|   		syslog(LOG_ERR, "Invalid expression: %s (%s)", rule->expr, error);
#  310|   		free_rule(rule);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def37]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:13: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:323:12: enter_function: entry to ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:334:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:368:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: call_function: calling ‘get_line’ from ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: return_function: returning to ‘load_rules’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:375:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:377:29: call_function: calling ‘parse_line’ from ‘load_rules’
#  306|   	}
#  307|   
#  308|-> 	if (ausearch_add_expression(au, rule->expr, &error, AUSEARCH_RULE_OR) != 0) {
#  309|   		syslog(LOG_ERR, "Invalid expression: %s (%s)", rule->expr, error);
#  310|   		free_rule(rule);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def38]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:13: warning[-Wanalyzer-malloc-leak]: leak of ‘rule’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:290:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:21: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:12: branch_false: following ‘false’ branch (when ‘rule’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:299:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:302:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:13: danger: ‘rule’ leaks here; was allocated at [(5)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/4)
#  306|   	}
#  307|   
#  308|-> 	if (ausearch_add_expression(au, rule->expr, &error, AUSEARCH_RULE_OR) != 0) {
#  309|   		syslog(LOG_ERR, "Invalid expression: %s (%s)", rule->expr, error);
#  310|   		free_rule(rule);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def39]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:13: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(line)’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:290:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:12: branch_false: following ‘false’ branch (when ‘rule’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:299:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:302:27: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:302:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:13: danger: ‘strdup(line)’ leaks here; was allocated at [(7)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/6)
#  306|   	}
#  307|   
#  308|-> 	if (ausearch_add_expression(au, rule->expr, &error, AUSEARCH_RULE_OR) != 0) {
#  309|   		syslog(LOG_ERR, "Invalid expression: %s (%s)", rule->expr, error);
#  310|   		free_rule(rule);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def40]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:309:17: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:323:12: enter_function: entry to ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:334:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:368:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: call_function: calling ‘get_line’ from ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: return_function: returning to ‘load_rules’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:375:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:377:29: call_function: calling ‘parse_line’ from ‘load_rules’
#  307|   
#  308|   	if (ausearch_add_expression(au, rule->expr, &error, AUSEARCH_RULE_OR) != 0) {
#  309|-> 		syslog(LOG_ERR, "Invalid expression: %s (%s)", rule->expr, error);
#  310|   		free_rule(rule);
#  311|   		free(rule);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def41]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:309:17: warning[-Wanalyzer-malloc-leak]: leak of ‘rule’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:290:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:21: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:12: branch_false: following ‘false’ branch (when ‘rule’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:299:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:302:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:309:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:309:17: danger: ‘rule’ leaks here; was allocated at [(5)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/4)
#  307|   
#  308|   	if (ausearch_add_expression(au, rule->expr, &error, AUSEARCH_RULE_OR) != 0) {
#  309|-> 		syslog(LOG_ERR, "Invalid expression: %s (%s)", rule->expr, error);
#  310|   		free_rule(rule);
#  311|   		free(rule);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def42]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:309:17: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(line)’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:290:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:12: branch_false: following ‘false’ branch (when ‘rule’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:299:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:302:27: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:302:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:309:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:309:17: danger: ‘strdup(line)’ leaks here; was allocated at [(7)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/6)
#  307|   
#  308|   	if (ausearch_add_expression(au, rule->expr, &error, AUSEARCH_RULE_OR) != 0) {
#  309|-> 		syslog(LOG_ERR, "Invalid expression: %s (%s)", rule->expr, error);
#  310|   		free_rule(rule);
#  311|   		free(rule);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def43]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:316:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:290:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:12: branch_false: following ‘false’ branch (when ‘rule’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:299:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:302:27: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:302:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:316:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:316:9: danger: ‘<unknown>’ leaks here; was allocated at [(7)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/6)
#  314|   	}
#  315|   
#  316|-> 	auparse_destroy(au);
#  317|   	return rule;
#  318|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def44]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:316:9: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:323:12: enter_function: entry to ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:334:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:345:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:350:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:355:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:360:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:367:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:368:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: call_function: calling ‘get_line’ from ‘load_rules’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: return_function: returning to ‘load_rules’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:374:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:375:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:377:29: call_function: calling ‘parse_line’ from ‘load_rules’
#  314|   	}
#  315|   
#  316|-> 	auparse_destroy(au);
#  317|   	return rule;
#  318|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def45]
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:316:9: warning[-Wanalyzer-malloc-leak]: leak of ‘rule’
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:280:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:290:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:21: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:295:12: branch_false: following ‘false’ branch (when ‘rule’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:299:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:302:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:308:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:316:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/filter/audisp-filter.c:316:9: danger: ‘rule’ leaks here; was allocated at [(5)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/4)
#  314|   	}
#  315|   
#  316|-> 	auparse_destroy(au);
#  317|   	return rule;
#  318|   }

Error: GCC_ANALYZER_WARNING (CWE-688): [#def46]
audit-userspace-4.1.2/audisp/plugins/remote/audisp-remote.c:966:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘config.krb5_principal’ where non-null expected
audit-userspace-4.1.2/audisp/plugins/remote/audisp-remote.c:1712:12: enter_function: entry to ‘relay_sock’
audit-userspace-4.1.2/audisp/plugins/remote/audisp-remote.c:1722:30: call_function: calling ‘relay_sock_ascii’ from ‘relay_sock’
#argument 1 of ‘__builtin_sprintf’ must be non-null
#  964|   		config.krb5_principal = (char *) malloc (strlen (name) + 1
#  965|   					+ strlen (config.remote_server) + 1);
#  966|-> 		sprintf((char *)config.krb5_principal, "%s@%s",
#  967|   			name, config.remote_server);
#  968|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def47]
audit-userspace-4.1.2/audisp/plugins/remote/audisp-remote.c:1178:21: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘socket(*runp.ai_family, *runp.ai_socktype, *runp.ai_protocol)’
audit-userspace-4.1.2/audisp/plugins/remote/audisp-remote.c:1712:12: enter_function: entry to ‘relay_sock’
audit-userspace-4.1.2/audisp/plugins/remote/audisp-remote.c:1722:30: call_function: calling ‘relay_sock_ascii’ from ‘relay_sock’
# 1176|   		sock = socket(runp->ai_family, runp->ai_socktype,
# 1177|   					runp->ai_protocol);
# 1178|-> 		if (sock < 0) {
# 1179|   			if (!quiet)
# 1180|   				syslog(LOG_ERR, "Error creating socket: %s",

Error: GCC_ANALYZER_WARNING (CWE-476): [#def48]
audit-userspace-4.1.2/audisp/plugins/remote/audisp-remote.c:1384:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘utok.value’
audit-userspace-4.1.2/audisp/plugins/remote/audisp-remote.c:1712:12: enter_function: entry to ‘relay_sock’
audit-userspace-4.1.2/audisp/plugins/remote/audisp-remote.c:1719:30: call_function: calling ‘relay_sock_managed’ from ‘relay_sock’
# 1382|   	utok.value = malloc (utok.length);
# 1383|   
# 1384|-> 	memcpy (utok.value, header, AUDIT_RMW_HEADER_SIZE);
# 1385|   
# 1386|   	if (msg != NULL && mlen > 0)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def49]
audit-userspace-4.1.2/audisp/plugins/remote/audisp-remote.c:1389:24: warning[-Wanalyzer-malloc-leak]: leak of ‘utok.value’
audit-userspace-4.1.2/audisp/plugins/remote/audisp-remote.c:1712:12: enter_function: entry to ‘relay_sock’
audit-userspace-4.1.2/audisp/plugins/remote/audisp-remote.c:1719:30: call_function: calling ‘relay_sock_managed’ from ‘relay_sock’
# 1387|   		memcpy (utok.value+AUDIT_RMW_HEADER_SIZE, msg, mlen);
# 1388|   
# 1389|-> 	major_status = gss_wrap (&minor_status,
# 1390|   				 my_context,
# 1391|   				 1,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def50]
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:100:23: warning[-Wanalyzer-malloc-leak]: leak of ‘copy’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:338:12: enter_function: entry to ‘q_append_no_sync_fh_state’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:343:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:348:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:349:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:354:24: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:355:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:356:30: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:356:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:360:24: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:360:24: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:361:20: branch_false: following ‘false’ branch (when ‘copy’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:363:17: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:367:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:370:26: call_function: inlined call to ‘entry_offset’ from ‘q_append_no_sync_fh_state’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:371:21: call_function: calling ‘full_pwrite’ from ‘q_append_no_sync_fh_state’
#   98|   		else
#   99|   			run = size;
#  100|-> 		res = pwrite(fd, buf, run, offset);
#  101|   		if (res < 0)
#  102|   			return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def51]
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:100:23: warning[-Wanalyzer-malloc-leak]: leak of ‘q’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:263:22: enter_function: entry to ‘q_open_no_resize’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:269:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:273:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:273:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:273:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:273:13: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:288:20: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:288:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:289:12: branch_false: following ‘false’ branch (when ‘q’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:291:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:299:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:43: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:43: call_function: calling ‘q_open_file’ from ‘q_open_no_resize’
#   98|   		else
#   99|   			run = size;
#  100|-> 		res = pwrite(fd, buf, run, offset);
#  101|   		if (res < 0)
#  102|   			return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def52]
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:156:16: warning[-Wanalyzer-malloc-leak]: leak of ‘q’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:263:22: enter_function: entry to ‘q_open_no_resize’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:269:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:273:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:273:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:273:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:273:13: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:288:20: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:288:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:289:12: branch_false: following ‘false’ branch (when ‘q’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:291:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:299:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:43: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:43: call_function: calling ‘q_open_file’ from ‘q_open_no_resize’
#  154|   	if ((q->flags & Q_SYNC) == 0)
#  155|   		return 0;
#  156|-> 	return fdatasync(q->fd);
#  157|   }
#  158|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def53]
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:191:17: warning[-Wanalyzer-malloc-leak]: leak of ‘q’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:263:22: enter_function: entry to ‘q_open_no_resize’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:269:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:273:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:273:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:273:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:273:13: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:288:20: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:288:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:289:12: branch_false: following ‘false’ branch (when ‘q’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:291:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:299:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:43: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:43: call_function: calling ‘q_open_file’ from ‘q_open_no_resize’
#  189|   	if ((q->flags & Q_EXCL) != 0)
#  190|   		open_flags |= O_EXCL;
#  191|-> 	q->fd = open(path, open_flags, S_IRUSR | S_IWUSR);
#  192|   	if (q->fd == -1)
#  193|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def54]
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:195:20: warning[-Wanalyzer-malloc-leak]: leak of ‘q’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:263:22: enter_function: entry to ‘q_open_no_resize’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:269:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:273:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:273:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:273:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:273:13: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:288:20: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:288:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:289:12: branch_false: following ‘false’ branch (when ‘q’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:291:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:299:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:43: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:43: call_function: calling ‘q_open_file’ from ‘q_open_no_resize’
#  193|   		return -1;
#  194|   
#  195|-> 	fd_flags = fcntl(q->fd, F_GETFD);
#  196|   	if (fd_flags < 0)
#  197|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def55]
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:198:13: warning[-Wanalyzer-malloc-leak]: leak of ‘q’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:263:22: enter_function: entry to ‘q_open_no_resize’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:269:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:273:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:273:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:273:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:273:13: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:288:20: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:288:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:289:12: branch_false: following ‘false’ branch (when ‘q’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:291:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:299:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:43: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:43: call_function: calling ‘q_open_file’ from ‘q_open_no_resize’
#  196|   	if (fd_flags < 0)
#  197|   		return -1;
#  198|-> 	if (fcntl(q->fd, F_SETFD, fd_flags | FD_CLOEXEC) == -1)
#  199|   		return -1;
#  200|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def56]
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:205:13: warning[-Wanalyzer-malloc-leak]: leak of ‘q’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:263:22: enter_function: entry to ‘q_open_no_resize’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:269:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:273:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:273:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:273:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:273:13: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:288:20: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:288:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:289:12: branch_false: following ‘false’ branch (when ‘q’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:291:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:299:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:43: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:43: call_function: calling ‘q_open_file’ from ‘q_open_no_resize’
#  203|   	   open() above has initialized the file offset to 0, so the lockf()
#  204|   	   below affects the whole file. */
#  205|-> 	if (lockf(q->fd, F_TLOCK, 0) != 0) {
#  206|   		if (errno == EACCES || errno == EAGAIN)
#  207|   			errno = EBUSY; /* This makes more sense... */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def57]
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:227:21: warning[-Wanalyzer-malloc-leak]: leak of ‘q’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:263:22: enter_function: entry to ‘q_open_no_resize’
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:269:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:273:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:273:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:273:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:273:13: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:288:20: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:288:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:289:12: branch_false: following ‘false’ branch (when ‘q’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:291:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:299:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:43: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/queue.c:308:43: call_function: calling ‘q_open_file’ from ‘q_open_no_resize’
#  225|   			return -1;
#  226|   #ifdef HAVE_POSIX_FALLOCATE
#  227|-> 		if (posix_fallocate(q->fd, 0,
#  228|   				    (q->num_entries + 1) * q->entry_size) != 0)
#  229|   			return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def58]
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:304:33: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:234:5: enter_function: entry to ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:246:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:261:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:261:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:267:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:267:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:273:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:273:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:279:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:279:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:287:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:287:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:288:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: call_function: calling ‘get_line’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: return_function: returning to ‘load_config’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: call_function: calling ‘nv_split’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: return_function: returning to ‘load_config’ from ‘nv_split’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:304:33: danger: ‘f’ leaks here; was allocated at [(12)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/11)
#  302|   				break;
#  303|   			case 1: // not the right number of tokens.
#  304|-> 				syslog(LOG_ERR, 
#  305|   				"Wrong number of arguments for line %d in %s", 
#  306|   					lineno, file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def59]
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:309:33: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:234:5: enter_function: entry to ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:246:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:261:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:261:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:267:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:267:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:273:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:273:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:279:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:279:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:287:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:287:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:288:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: call_function: calling ‘get_line’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: return_function: returning to ‘load_config’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: call_function: calling ‘nv_split’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: return_function: returning to ‘load_config’ from ‘nv_split’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:309:33: danger: ‘f’ leaks here; was allocated at [(12)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/11)
#  307|   				break;
#  308|   			case 2: // no '=' sign
#  309|-> 				syslog(LOG_ERR, 
#  310|   					"Missing equal sign for line %d in %s", 
#  311|   					lineno, file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def60]
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:331:25: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:234:5: enter_function: entry to ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:246:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:261:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:261:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:267:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:267:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:273:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:273:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:279:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:279:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:287:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:287:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:288:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: call_function: calling ‘get_line’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: return_function: returning to ‘load_config’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: call_function: calling ‘nv_split’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: return_function: returning to ‘load_config’ from ‘nv_split’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:319:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:323:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:323:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:329:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:329:22: call_function: calling ‘kw_lookup’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:329:22: return_function: returning to ‘load_config’ from ‘kw_lookup’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:330:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:331:25: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:331:25: danger: ‘f’ leaks here; was allocated at [(12)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/11)
#  329|   		kw = kw_lookup(nv.name);
#  330|   		if (kw->name == NULL) {
#  331|-> 			syslog(LOG_ERR, 
#  332|   				"Unknown keyword \"%s\" in line %d of %s", 
#  333|   				nv.name, lineno, file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def61]
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:340:25: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:234:5: enter_function: entry to ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:246:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:261:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:261:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:267:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:267:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:273:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:273:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:279:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:279:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:287:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:287:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:288:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: call_function: calling ‘get_line’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: return_function: returning to ‘load_config’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: call_function: calling ‘nv_split’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: return_function: returning to ‘load_config’ from ‘nv_split’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:319:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:323:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:323:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:329:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:329:22: call_function: calling ‘kw_lookup’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:329:22: return_function: returning to ‘load_config’ from ‘kw_lookup’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:330:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:339:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:339:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:340:25: danger: ‘f’ leaks here; was allocated at [(12)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/11)
#  338|   		/* Check number of options */
#  339|   		if (kw->max_options == 0 && nv.option != NULL) {
#  340|-> 			syslog(LOG_ERR, 
#  341|   				"Keyword \"%s\" has invalid option "
#  342|   				"\"%s\" in line %d of %s", 

Error: GCC_ANALYZER_WARNING (CWE-401): [#def62]
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:349:22: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:234:5: enter_function: entry to ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:246:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:261:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:261:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:267:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:267:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:273:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:273:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:279:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:279:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:287:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:287:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:288:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: call_function: calling ‘get_line’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: return_function: returning to ‘load_config’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:295:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: call_function: calling ‘nv_split’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:299:22: return_function: returning to ‘load_config’ from ‘nv_split’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:319:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:323:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:323:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:329:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:329:22: call_function: calling ‘kw_lookup’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:329:22: return_function: returning to ‘load_config’ from ‘kw_lookup’
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:330:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:339:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:339:21: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:349:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/remote/remote-config.c:349:22: danger: ‘f’ leaks here; was allocated at [(12)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/11)
#  347|   
#  348|   		/* dispatch to keyword's local parser */
#  349|-> 		rc = kw->parser(&nv, lineno, config);
#  350|   		if (rc != 0) {
#  351|   			fclose(f);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def63]
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:162:29: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen("/etc/audit/audisp-statsd.conf", "rt")’
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:129:12: enter_function: entry to ‘load_config’
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:134:19: acquire_resource: opened here
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:135:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:140:16: call_function: calling ‘get_line’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:140:16: return_function: returning to ‘load_config’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:140:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:141:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:157:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:162:29: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:162:29: danger: ‘fopen("/etc/audit/audisp-statsd.conf", "rt")’ leaks here; was opened at [(2)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/1)
#  160|   				return 1;
#  161|   			}
#  162|-> 			t = time_string_to_seconds(tstr, "statsd", line);
#  163|   			if (t < 0) {
#  164|   				fclose(f);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def64]
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:162:29: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen("/etc/audit/audisp-statsd.conf", "rt")’
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:129:12: enter_function: entry to ‘load_config’
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:134:19: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:135:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:140:16: call_function: calling ‘get_line’ from ‘load_config’
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:140:16: return_function: returning to ‘load_config’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:140:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:141:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:157:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:162:29: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/statsd/audisp-statsd.c:162:29: danger: ‘fopen("/etc/audit/audisp-statsd.conf", "rt")’ leaks here; was allocated at [(2)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/1)
#  160|   				return 1;
#  161|   			}
#  162|-> 			t = time_string_to_seconds(tstr, "statsd", line);
#  163|   			if (t < 0) {
#  164|   				fclose(f);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def65]
audit-userspace-4.1.2/audisp/plugins/syslog/audisp-syslog.c:155:22: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(3, s)’
audit-userspace-4.1.2/audisp/plugins/syslog/audisp-syslog.c:142:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/syslog/audisp-syslog.c:147:21: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/syslog/audisp-syslog.c:149:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/syslog/audisp-syslog.c:152:39: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/syslog/audisp-syslog.c:152:39: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/syslog/audisp-syslog.c:153:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/syslog/audisp-syslog.c:155:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/syslog/audisp-syslog.c:155:22: danger: ‘auparse_init(3, s)’ leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  153|   		if (au == NULL)
#  154|   			return;
#  155|-> 		rc = auparse_first_record(au);
#  156|   
#  157|   		// AUDIT_EOE has no fields - drop it

Error: GCC_ANALYZER_WARNING (CWE-401): [#def66]
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:162:25: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:95:5: enter_function: entry to ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:107:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:121:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:121:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:127:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:127:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:132:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:132:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:138:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:138:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:145:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:145:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:146:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: call_function: calling ‘get_line’ from ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: return_function: returning to ‘plugin_load_config’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: call_function: calling ‘nv_split’ from ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: return_function: returning to ‘plugin_load_config’ from ‘nv_split’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:162:25: danger: ‘f’ leaks here; was allocated at [(12)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/11)
#  160|                           break;
#  161|                   case 1:        /* not the right number of tokens. */
#  162|->                         log_err("Wrong number of arguments for line %d in %s", lineno, file);
#  163|                           break;
#  164|                   case 2:        /* no '=' sign */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def67]
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:165:25: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:95:5: enter_function: entry to ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:107:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:121:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:121:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:127:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:127:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:132:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:132:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:138:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:138:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:145:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:145:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:146:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: call_function: calling ‘get_line’ from ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: return_function: returning to ‘plugin_load_config’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: call_function: calling ‘nv_split’ from ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: return_function: returning to ‘plugin_load_config’ from ‘nv_split’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:165:25: danger: ‘f’ leaks here; was allocated at [(12)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/11)
#  163|                           break;
#  164|                   case 2:        /* no '=' sign */
#  165|->                         log_err("Missing equal sign for line %d in %s",
#  166|                                   lineno, file);
#  167|                           break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def68]
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:185:25: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:95:5: enter_function: entry to ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:107:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:121:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:121:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:127:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:127:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:132:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:132:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:138:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:138:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:145:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:145:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:146:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: call_function: calling ‘get_line’ from ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: return_function: returning to ‘plugin_load_config’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: call_function: calling ‘nv_split’ from ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: return_function: returning to ‘plugin_load_config’ from ‘nv_split’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:173:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:177:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:177:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:183:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:183:22: call_function: calling ‘kw_lookup’ from ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:183:22: return_function: returning to ‘plugin_load_config’ from ‘kw_lookup’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:184:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:185:25: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:185:25: danger: ‘f’ leaks here; was allocated at [(12)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/11)
#  183|                   kw = kw_lookup(nv.name);
#  184|                   if (kw->name == NULL) {
#  185|->                         log_err("Unknown keyword \"%s\" in line %d of %s",
#  186|                                   nv.name, lineno, file);
#  187|                           fclose(f);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def69]
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:193:25: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:95:5: enter_function: entry to ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:107:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:121:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:121:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:127:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:127:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:132:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:132:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:138:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:138:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:145:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:145:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:146:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: call_function: calling ‘get_line’ from ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: return_function: returning to ‘plugin_load_config’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: call_function: calling ‘nv_split’ from ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: return_function: returning to ‘plugin_load_config’ from ‘nv_split’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:173:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:177:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:177:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:183:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:183:22: call_function: calling ‘kw_lookup’ from ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:183:22: return_function: returning to ‘plugin_load_config’ from ‘kw_lookup’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:184:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:192:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:192:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:193:25: danger: ‘f’ leaks here; was allocated at [(12)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/11)
#  191|                   /* Check number of options */
#  192|                   if (kw->max_options == 0 && nv.option != NULL) {
#  193|->                         log_err("Keyword \"%s\" has invalid option "
#  194|                                   "\"%s\" in line %d of %s",
#  195|                                   nv.name, nv.option, lineno, file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def70]
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:201:22: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:95:5: enter_function: entry to ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:107:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:121:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:121:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:127:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:127:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:132:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:132:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:138:14: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:138:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:145:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:145:13: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:146:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: call_function: calling ‘get_line’ from ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: return_function: returning to ‘plugin_load_config’ from ‘get_line’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:152:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: call_function: calling ‘nv_split’ from ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:157:22: return_function: returning to ‘plugin_load_config’ from ‘nv_split’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:173:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:177:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:177:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:183:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:183:22: call_function: calling ‘kw_lookup’ from ‘plugin_load_config’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:183:22: return_function: returning to ‘plugin_load_config’ from ‘kw_lookup’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:184:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:192:21: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:192:21: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:201:22: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-config.c:201:22: danger: ‘f’ leaks here; was allocated at [(12)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/11)
#  199|   
#  200|                   /* dispatch to keyword's local parser */
#  201|->                 rc = kw->parser(&nv, lineno, c);
#  202|                   if (rc != 0) {
#  203|                           fclose(f);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def71]
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:589:23: warning[-Wanalyzer-malloc-leak]: leak of ‘item’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:534:12: branch_false: following ‘false’ branch (when ‘bv’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:537:27: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:537:19: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:545:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:551:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:559:13: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:559:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:567:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:568:17: branch_true: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:574:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:582:25: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:582:25: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:584:20: branch_false: following ‘false’ branch (when ‘item’ is non-NULL)...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:589:23: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-ldap.c:589:23: danger: ‘item’ leaks here; was allocated at [(14)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/13)
#  587|                   }
#  588|   
#  589|->                 rc |= ber_scanf(ber, "{{iiiiii}}",
#  590|                                   &item->version,
#  591|                                   &item->itemTag,

Error: GCC_ANALYZER_WARNING (CWE-404): [#def72]
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-log.c:36:17: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-log.c:68:6: enter_function: entry to ‘_log_debug’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-log.c:72:9: acquire_resource: ‘va_start’ called here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-log.c:73:9: call_function: calling ‘vlog_prio’ from ‘_log_debug’
#   34|   
#   35|           if (asprintf(&str, "pid=%d: %s", mypid, fmt) != -1) {
#   36|->                 vsyslog(LOG_DAEMON | prio, str, ap);
#   37|                   free(str);
#   38|           }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def73]
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:193:33: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_get_node(au)’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:169:12: branch_false: following ‘false’ branch (when ‘cb_event_type == 0’)...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:172:31: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:173:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:183:15: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:184:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:192:28: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:192:28: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:193:33: danger: ‘auparse_get_node(au)’ leaks here; was allocated at [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
#  191|            */
#  192|           const char *node = auparse_get_node(au);
#  193|->         const char *orig_type = auparse_find_field(au, "type");
#  194|           /* roll back event to get 'success' */
#  195|           auparse_first_record(au);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def74]
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:195:9: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_get_node(au)’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:169:12: branch_false: following ‘false’ branch (when ‘cb_event_type == 0’)...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:172:31: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:173:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:183:15: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:184:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:192:28: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:192:28: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:195:9: danger: ‘auparse_get_node(au)’ leaks here; was allocated at [(7)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/6)
#  193|           const char *orig_type = auparse_find_field(au, "type");
#  194|           /* roll back event to get 'success' */
#  195|->         auparse_first_record(au);
#  196|           const char *success = auparse_find_field(au, "success");
#  197|           /* roll back event to get 'res' */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def75]
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:196:31: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_get_node(au)’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:169:12: branch_false: following ‘false’ branch (when ‘cb_event_type == 0’)...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:172:31: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:173:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:183:15: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:184:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:192:28: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:192:28: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:196:31: danger: ‘auparse_get_node(au)’ leaks here; was allocated at [(7)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/6)
#  194|           /* roll back event to get 'success' */
#  195|           auparse_first_record(au);
#  196|->         const char *success = auparse_find_field(au, "success");
#  197|           /* roll back event to get 'res' */
#  198|           auparse_first_record(au);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def76]
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:198:9: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_get_node(au)’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:169:12: branch_false: following ‘false’ branch (when ‘cb_event_type == 0’)...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:172:31: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:173:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:183:15: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:184:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:192:28: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:192:28: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:198:9: danger: ‘auparse_get_node(au)’ leaks here; was allocated at [(7)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/6)
#  196|           const char *success = auparse_find_field(au, "success");
#  197|           /* roll back event to get 'res' */
#  198|->         auparse_first_record(au);
#  199|           const char *res = auparse_find_field(au, "res");
#  200|           

Error: GCC_ANALYZER_WARNING (CWE-401): [#def77]
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:199:27: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_get_node(au)’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:169:12: branch_false: following ‘false’ branch (when ‘cb_event_type == 0’)...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:172:31: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:173:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:183:15: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:184:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:192:28: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:192:28: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:199:27: danger: ‘auparse_get_node(au)’ leaks here; was allocated at [(7)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/6)
#  197|           /* roll back event to get 'res' */
#  198|           auparse_first_record(au);
#  199|->         const char *res = auparse_find_field(au, "res");
#  200|           
#  201|           /* check if this event is a success or failure one */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def78]
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:526:17: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(7, 0)’
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:469:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:476:9: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:482:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:501:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:505:17: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:508:22: acquire_memory: allocated here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:509:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:519:17: branch_false: ...to here
audit-userspace-4.1.2/audisp/plugins/zos-remote/zos-remote-plugin.c:526:17: danger: ‘auparse_init(7, 0)’ leaks here; was allocated at [(7)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/6)
#  524|   
#  525|                   /* add our event consumer callback */
#  526|->                 auparse_add_callback(au, push_event, NULL, NULL);  /* 4 */
#  527|   
#  528|                   /* main loop */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def79]
audit-userspace-4.1.2/auparse/auditd-config.c:219:33: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/auparse/auditd-config.c:109:5: enter_function: entry to 'aup_load_config'
audit-userspace-4.1.2/auparse/auditd-config.c:120:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:137:13: branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:137:13: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/auditd-config.c:138:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: call_function: calling 'get_line' from 'aup_load_config'
#  217|   			// Only output 1 warning
#  218|   			if (!too_long)
#  219|-> 				audit_msg(au, LOG_ERR,
#  220|   					"Skipping line %d in %s: too long",
#  221|   					*lineno, file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def80]
audit-userspace-4.1.2/auparse/auditd-config.c:235:15: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/auparse/auditd-config.c:109:5: enter_function: entry to 'aup_load_config'
audit-userspace-4.1.2/auparse/auditd-config.c:120:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:137:13: branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:137:13: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/auditd-config.c:138:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: call_function: calling 'get_line' from 'aup_load_config'
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: return_function: returning to 'aup_load_config' from 'get_line'
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:149:26: branch_true: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:149:26: call_function: calling 'nv_split' from 'aup_load_config'
#  233|   	nv->name = NULL;
#  234|   	nv->value = NULL;
#  235|-> 	ptr = audit_strsplit(buf);
#  236|   	if (ptr == NULL)
#  237|   		return 0; /* If there's nothing, go to next line */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def81]
audit-userspace-4.1.2/auparse/auditd-config.c:243:15: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/auparse/auditd-config.c:109:5: enter_function: entry to 'aup_load_config'
audit-userspace-4.1.2/auparse/auditd-config.c:120:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:137:13: branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:137:13: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/auditd-config.c:138:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: call_function: calling 'get_line' from 'aup_load_config'
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: return_function: returning to 'aup_load_config' from 'get_line'
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:149:26: branch_true: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:149:26: call_function: calling 'nv_split' from 'aup_load_config'
#  241|   
#  242|   	/* Check for a '=' */
#  243|-> 	ptr = audit_strsplit(NULL);
#  244|   	if (ptr == NULL)
#  245|   		return 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def82]
audit-userspace-4.1.2/auparse/auditd-config.c:250:15: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/auparse/auditd-config.c:109:5: enter_function: entry to 'aup_load_config'
audit-userspace-4.1.2/auparse/auditd-config.c:120:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:137:13: branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:137:13: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/auditd-config.c:138:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: call_function: calling 'get_line' from 'aup_load_config'
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: return_function: returning to 'aup_load_config' from 'get_line'
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:149:26: branch_true: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:149:26: call_function: calling 'nv_split' from 'aup_load_config'
#  248|   
#  249|   	/* get the value */
#  250|-> 	ptr = audit_strsplit(NULL);
#  251|   	if (ptr == NULL)
#  252|   		return 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def83]
audit-userspace-4.1.2/auparse/auditd-config.c:256:15: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/auparse/auditd-config.c:109:5: enter_function: entry to 'aup_load_config'
audit-userspace-4.1.2/auparse/auditd-config.c:120:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:137:13: branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:137:13: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/auditd-config.c:138:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: call_function: calling 'get_line' from 'aup_load_config'
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: return_function: returning to 'aup_load_config' from 'get_line'
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:149:26: branch_true: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:149:26: call_function: calling 'nv_split' from 'aup_load_config'
#  254|   
#  255|   	/* Make sure there's nothing else */
#  256|-> 	ptr = audit_strsplit(NULL);
#  257|   	if (ptr) {
#  258|   		/* Allow one option, but check that there's not 2 */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def84]
audit-userspace-4.1.2/auparse/auditd-config.c:259:23: warning[-Wanalyzer-malloc-leak]: leak of 'f'
audit-userspace-4.1.2/auparse/auditd-config.c:109:5: enter_function: entry to 'aup_load_config'
audit-userspace-4.1.2/auparse/auditd-config.c:120:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:137:13: branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:137:13: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/auditd-config.c:138:12: branch_false: following 'false' branch (when 'f' is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: call_function: calling 'get_line' from 'aup_load_config'
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: return_function: returning to 'aup_load_config' from 'get_line'
audit-userspace-4.1.2/auparse/auditd-config.c:145:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:149:26: branch_true: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:149:26: call_function: calling 'nv_split' from 'aup_load_config'
#  257|   	if (ptr) {
#  258|   		/* Allow one option, but check that there's not 2 */
#  259|-> 		ptr = audit_strsplit(NULL);
#  260|   		if (ptr)
#  261|   			return 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def85]
audit-userspace-4.1.2/auparse/auditd-config.c:319:14: warning[-Wanalyzer-malloc-leak]: leak of 'opendir(dir)'
audit-userspace-4.1.2/auparse/auditd-config.c:288:12: branch_true: following 'true' branch (when 'tdir' is non-NULL)...
audit-userspace-4.1.2/auparse/auditd-config.c:289:23: branch_true: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:290:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:299:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:307:13: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/auditd-config.c:308:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:314:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:319:14: danger: 'opendir(dir)' leaks here; was allocated at [(7)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/6)
#  317|   	/* Verify the log file can be opened. */
#  318|   	mode = O_RDONLY;
#  319|-> 	fd = open(val, mode);
#  320|   	if (fd < 0) {
#  321|   		audit_msg(au, LOG_ERR, "Unable to open %s (%s)", val, 

Error: GCC_ANALYZER_WARNING (CWE-775): [#def86]
audit-userspace-4.1.2/auparse/auditd-config.c:327:22: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open(val, 0)'
audit-userspace-4.1.2/auparse/auditd-config.c:288:12: branch_true: following 'true' branch (when 'tdir' is non-NULL)...
audit-userspace-4.1.2/auparse/auditd-config.c:289:23: branch_true: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:290:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:299:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:308:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:314:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:319:14: acquire_resource: opened here
audit-userspace-4.1.2/auparse/auditd-config.c:320:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/auditd-config.c:325:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/auditd-config.c:327:22: danger: 'open(val, 0)' leaks here; was opened at [(9)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/8)
#  325|   	close(fd);
#  326|   
#  327|-> 	free((void *)config->log_file);
#  328|   	config->log_file = strdup(val);
#  329|   	if (config->log_file == NULL)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def87]
audit-userspace-4.1.2/auparse/auparse.c:161:9: warning[-Wanalyzer-malloc-leak]: leak of '<return-value>'
audit-userspace-4.1.2/auparse/auparse.c:1715:5: enter_function: entry to 'auparse_next_event'
audit-userspace-4.1.2/auparse/auparse.c:1718:16: call_function: calling 'au_auparse_next_event' from 'auparse_next_event'
#  159|   
#  160|   	lol->limit = ARRAY_LIMIT;
#  161|-> 	memset(lol->array, 0x00, sz);
#  162|   
#  163|   	return lol->array;

Error: CPPCHECK_WARNING (CWE-476): [#def88]
audit-userspace-4.1.2/auparse/auparse.c:509: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: tmp
#  507|   			tmp = malloc((n+1)*sizeof(char *));
#  508|   			for (i=0; i<n; i++)
#  509|-> 				tmp[i] = strdup(bb[i]);
#  510|   			tmp[n] = NULL;
#  511|   			au->source_list = tmp;

Error: CPPCHECK_WARNING (CWE-476): [#def89]
audit-userspace-4.1.2/auparse/auparse.c:510: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: tmp
#  508|   			for (i=0; i<n; i++)
#  509|   				tmp[i] = strdup(bb[i]);
#  510|-> 			tmp[n] = NULL;
#  511|   			au->source_list = tmp;
#  512|   			break;

Error: CPPCHECK_WARNING (CWE-682): [#def90]
audit-userspace-4.1.2/auparse/ellist.c:77: error[nullPointerArithmeticOutOfMemory]: If memory allocation fails: pointer addition with NULL pointer.
#   75|   
#   76|   	for (i=0; i<size; i++) {
#   77|-> 		*ptr++ = hex[(buf[i] & 0xF0)>>4]; /* Upper nibble */
#   78|   		*ptr++ = hex[buf[i] & 0x0F];      /* Lower nibble */
#   79|   	}

Error: CPPCHECK_WARNING (CWE-476): [#def91]
audit-userspace-4.1.2/auparse/ellist.c:77: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: ptr++
#   75|   
#   76|   	for (i=0; i<size; i++) {
#   77|-> 		*ptr++ = hex[(buf[i] & 0xF0)>>4]; /* Upper nibble */
#   78|   		*ptr++ = hex[buf[i] & 0x0F];      /* Lower nibble */
#   79|   	}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def92]
audit-userspace-4.1.2/auparse/ellist.c:77:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'ptr'
audit-userspace-4.1.2/auparse/ellist.c:103:12: enter_function: entry to 'parse_up_record'
audit-userspace-4.1.2/auparse/ellist.c:110:12: branch_false: following 'false' branch (when 'ptr' is NULL)...
audit-userspace-4.1.2/auparse/ellist.c:114:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:120:12: branch_false: following 'false' branch (when 'buf' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:122:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:126:12: branch_false: following 'false' branch...
 branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:136:20: branch_true: following 'true' branch (when 'val' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:140:29: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:188:28: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/ellist.c:204:44: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/ellist.c:214:48: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:215:48: branch_true: following 'true' branch (when 'ptr2' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:216:58: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:217:57: call_function: calling 'escape' from 'parse_up_record'
#   75|   
#   76|   	for (i=0; i<size; i++) {
#   77|-> 		*ptr++ = hex[(buf[i] & 0xF0)>>4]; /* Upper nibble */
#   78|   		*ptr++ = hex[buf[i] & 0x0F];      /* Lower nibble */
#   79|   	}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def93]
audit-userspace-4.1.2/auparse/ellist.c:80:9: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'ptr'
audit-userspace-4.1.2/auparse/ellist.c:103:12: enter_function: entry to 'parse_up_record'
audit-userspace-4.1.2/auparse/ellist.c:110:12: branch_false: following 'false' branch (when 'ptr' is NULL)...
audit-userspace-4.1.2/auparse/ellist.c:114:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:120:12: branch_false: following 'false' branch (when 'buf' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:122:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:126:12: branch_false: following 'false' branch...
 branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:136:20: branch_true: following 'true' branch (when 'val' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:140:29: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:188:28: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/ellist.c:204:44: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/ellist.c:214:48: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:215:48: branch_true: following 'true' branch (when 'ptr2' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:216:58: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:217:57: call_function: calling 'escape' from 'parse_up_record'
#   78|   		*ptr++ = hex[buf[i] & 0x0F];      /* Lower nibble */
#   79|   	}
#   80|-> 	*ptr = 0;
#   81|   	return final;
#   82|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def94]
audit-userspace-4.1.2/auparse/ellist.c:194:45: warning[-Wanalyzer-malloc-leak]: leak of 'n.name'
audit-userspace-4.1.2/auparse/ellist.c:110:12: branch_false: following 'false' branch (when 'ptr' is NULL)...
audit-userspace-4.1.2/auparse/ellist.c:114:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:120:12: branch_false: following 'false' branch (when 'buf' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:122:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:126:12: branch_false: following 'false' branch...
 branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:136:20: branch_true: following 'true' branch (when 'val' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:140:29: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:188:28: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/ellist.c:189:36: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/ellist.c:191:50: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:191:50: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/ellist.c:194:45: danger: 'n.name' leaks here; was allocated at [(15)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/14)
#  192|   					char *t = strdup(n.val);
#  193|   					n.val = t;
#  194|-> 					if (nvlist_append(&r->nv, &n)) {
#  195|   						free(n.name);
#  196|   						free(n.val);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def95]
audit-userspace-4.1.2/auparse/ellist.c:194:45: warning[-Wanalyzer-malloc-leak]: leak of 't'
audit-userspace-4.1.2/auparse/ellist.c:110:12: branch_false: following 'false' branch (when 'ptr' is NULL)...
audit-userspace-4.1.2/auparse/ellist.c:114:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:120:12: branch_false: following 'false' branch (when 'buf' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:122:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:126:12: branch_false: following 'false' branch...
 branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:136:20: branch_true: following 'true' branch (when 'val' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:140:29: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:188:28: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/ellist.c:189:36: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/ellist.c:191:50: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:192:51: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/ellist.c:194:45: danger: 't' leaks here; was allocated at [(15)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/14)
#  192|   					char *t = strdup(n.val);
#  193|   					n.val = t;
#  194|-> 					if (nvlist_append(&r->nv, &n)) {
#  195|   						free(n.name);
#  196|   						free(n.val);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def96]
audit-userspace-4.1.2/auparse/ellist.c:208:53: warning[-Wanalyzer-malloc-leak]: leak of 'n.name'
audit-userspace-4.1.2/auparse/ellist.c:110:12: branch_false: following 'false' branch (when 'ptr' is NULL)...
audit-userspace-4.1.2/auparse/ellist.c:114:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:120:12: branch_false: following 'false' branch (when 'buf' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:122:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:126:12: branch_false: following 'false' branch...
 branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:136:20: branch_true: following 'true' branch (when 'val' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:140:29: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:188:28: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/ellist.c:204:44: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/ellist.c:205:58: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:205:58: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/ellist.c:208:53: danger: 'n.name' leaks here; was allocated at [(15)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/14)
#  206|   						n.val = NULL;
#  207|   						// Malformed key - save as is
#  208|-> 						if (nvlist_append(&r->nv, &n)) {
#  209|   							free(n.name);
#  210|   							free(n.val);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def97]
audit-userspace-4.1.2/auparse/ellist.c:218:53: warning[-Wanalyzer-malloc-leak]: leak of 'n.name'
audit-userspace-4.1.2/auparse/ellist.c:103:12: enter_function: entry to 'parse_up_record'
audit-userspace-4.1.2/auparse/ellist.c:110:12: branch_false: following 'false' branch (when 'ptr' is NULL)...
audit-userspace-4.1.2/auparse/ellist.c:114:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:120:12: branch_false: following 'false' branch (when 'buf' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:122:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:126:12: branch_false: following 'false' branch...
 branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:136:20: branch_true: following 'true' branch (when 'val' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:140:29: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:188:28: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/ellist.c:204:44: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/ellist.c:214:48: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:215:48: branch_true: following 'true' branch (when 'ptr2' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:216:58: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:216:58: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/ellist.c:217:57: call_function: calling 'escape' from 'parse_up_record'
audit-userspace-4.1.2/auparse/ellist.c:217:57: return_function: returning to 'parse_up_record' from 'escape'
audit-userspace-4.1.2/auparse/ellist.c:218:53: danger: 'n.name' leaks here; was allocated at [(18)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/17)
#  216|   						n.name = strdup("key");
#  217|   						n.val = escape(ptr2);
#  218|-> 						if (nvlist_append(&r->nv, &n)) {
#  219|   							free(n.name);
#  220|   							free(n.val);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def98]
audit-userspace-4.1.2/auparse/ellist.c:218:53: warning[-Wanalyzer-malloc-leak]: leak of 'n.val'
audit-userspace-4.1.2/auparse/ellist.c:103:12: enter_function: entry to 'parse_up_record'
audit-userspace-4.1.2/auparse/ellist.c:110:12: branch_false: following 'false' branch (when 'ptr' is NULL)...
audit-userspace-4.1.2/auparse/ellist.c:114:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:120:12: branch_false: following 'false' branch (when 'buf' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:122:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:126:12: branch_false: following 'false' branch...
 branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:136:20: branch_true: following 'true' branch (when 'val' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:140:29: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:188:28: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/ellist.c:204:44: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/ellist.c:214:48: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:215:48: branch_true: following 'true' branch (when 'ptr2' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:216:58: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:217:57: call_function: calling 'escape' from 'parse_up_record'
audit-userspace-4.1.2/auparse/ellist.c:217:57: return_function: returning to 'parse_up_record' from 'escape'
audit-userspace-4.1.2/auparse/ellist.c:218:53: danger: 'n.val' leaks here; was allocated at [(22)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/21)
#  216|   						n.name = strdup("key");
#  217|   						n.val = escape(ptr2);
#  218|-> 						if (nvlist_append(&r->nv, &n)) {
#  219|   							free(n.name);
#  220|   							free(n.val);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def99]
audit-userspace-4.1.2/auparse/ellist.c:234:45: warning[-Wanalyzer-malloc-leak]: leak of 'n.name'
audit-userspace-4.1.2/auparse/ellist.c:110:12: branch_false: following 'false' branch (when 'ptr' is NULL)...
audit-userspace-4.1.2/auparse/ellist.c:114:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:120:12: branch_false: following 'false' branch (when 'buf' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:122:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:126:12: branch_false: following 'false' branch...
 branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:136:20: branch_true: following 'true' branch (when 'val' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:140:29: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:229:36: branch_true: following 'true' branch (when the strings are equal)...
audit-userspace-4.1.2/auparse/ellist.c:231:50: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:231:50: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/ellist.c:234:45: danger: 'n.name' leaks here; was allocated at [(13)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/12)
#  232|   					char *t = strdup(n.val);
#  233|   					n.val = t;
#  234|-> 					if (nvlist_append(&r->nv, &n)) {
#  235|   						free(n.name);
#  236|   						free(n.val);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def100]
audit-userspace-4.1.2/auparse/ellist.c:234:45: warning[-Wanalyzer-malloc-leak]: leak of 't'
audit-userspace-4.1.2/auparse/ellist.c:110:12: branch_false: following 'false' branch (when 'ptr' is NULL)...
audit-userspace-4.1.2/auparse/ellist.c:114:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:120:12: branch_false: following 'false' branch (when 'buf' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:122:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:126:12: branch_false: following 'false' branch...
 branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:136:20: branch_true: following 'true' branch (when 'val' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:140:29: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:229:36: branch_true: following 'true' branch (when the strings are equal)...
audit-userspace-4.1.2/auparse/ellist.c:231:50: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:232:51: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/ellist.c:234:45: danger: 't' leaks here; was allocated at [(13)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/12)
#  232|   					char *t = strdup(n.val);
#  233|   					n.val = t;
#  234|-> 					if (nvlist_append(&r->nv, &n)) {
#  235|   						free(n.name);
#  236|   						free(n.val);

Error: CPPCHECK_WARNING (CWE-401): [#def101]
audit-userspace-4.1.2/auparse/ellist.c:316: error[memleak]: Memory leak: n.name
#  314|   									 == 0)
#  315|   								free(buf);
#  316|-> 							return -1;
#  317|   						}
#  318|   						if (tmpctx[0]) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def102]
audit-userspace-4.1.2/auparse/ellist.c:329:45: warning[-Wanalyzer-malloc-leak]: leak of 'n.name'
audit-userspace-4.1.2/auparse/ellist.c:110:12: branch_false: following 'false' branch (when 'ptr' is NULL)...
audit-userspace-4.1.2/auparse/ellist.c:114:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:120:12: branch_false: following 'false' branch (when 'buf' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:122:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:126:12: branch_false: following 'false' branch...
 branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:136:20: branch_false: following 'false' branch (when 'val' is NULL)...
audit-userspace-4.1.2/auparse/ellist.c:293:28: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:293:27: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/ellist.c:296:25: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:297:28: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/ellist.c:302:62: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:302:35: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/ellist.c:304:37: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:304:36: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/ellist.c:307:41: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:327:50: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/ellist.c:329:45: danger: 'n.name' leaks here; was allocated at [(19)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/18)
#  327|   					n.name = strdup("seperms");
#  328|   					n.val = strdup(tmpctx);
#  329|-> 					if (nvlist_append(&r->nv, &n)) {
#  330|   						free(n.name);
#  331|   						free(n.val);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def103]
audit-userspace-4.1.2/auparse/ellist.c:329:45: warning[-Wanalyzer-malloc-leak]: leak of 'n.val'
audit-userspace-4.1.2/auparse/ellist.c:110:12: branch_false: following 'false' branch (when 'ptr' is NULL)...
audit-userspace-4.1.2/auparse/ellist.c:114:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:120:12: branch_false: following 'false' branch (when 'buf' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:122:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:126:12: branch_false: following 'false' branch...
 branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:136:20: branch_false: following 'false' branch (when 'val' is NULL)...
audit-userspace-4.1.2/auparse/ellist.c:293:28: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:293:27: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/ellist.c:296:25: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:297:28: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/ellist.c:302:62: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:302:35: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/ellist.c:304:37: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:304:36: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/ellist.c:307:41: branch_true: ...to here
audit-userspace-4.1.2/auparse/ellist.c:328:49: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/ellist.c:329:45: danger: 'n.val' leaks here; was allocated at [(19)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/18)
#  327|   					n.name = strdup("seperms");
#  328|   					n.val = strdup(tmpctx);
#  329|-> 					if (nvlist_append(&r->nv, &n)) {
#  330|   						free(n.name);
#  331|   						free(n.val);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def104]
audit-userspace-4.1.2/auparse/ellist.c:339:25: warning[-Wanalyzer-malloc-leak]: leak of 'n.name'
audit-userspace-4.1.2/auparse/ellist.c:356:5: enter_function: entry to 'aup_list_append'
audit-userspace-4.1.2/auparse/ellist.c:362:12: branch_false: following 'false' branch (when 'record' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:366:13: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:367:12: branch_false: following 'false' branch (when 'r' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:370:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:397:14: call_function: calling 'parse_up_record' from 'aup_list_append'
#  337|   
#  338|   			n.val = ptr;
#  339|-> 			nvlist_append(&r->nv, &n);
#  340|   		}
#  341|   	} while((ptr = audit_strsplit_r(NULL, &saved)));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def105]
audit-userspace-4.1.2/auparse/ellist.c:382:9: warning[-Wanalyzer-malloc-leak]: leak of 'r'
audit-userspace-4.1.2/auparse/ellist.c:362:12: branch_false: following 'false' branch (when 'record' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:366:13: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:366:13: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/ellist.c:367:12: branch_false: following 'false' branch (when 'r' is non-NULL)...
audit-userspace-4.1.2/auparse/ellist.c:370:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/ellist.c:382:9: danger: 'r' leaks here; was allocated at [(3)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/2)
#  380|   	r->line_number = line_number;
#  381|   	r->next = NULL;
#  382|-> 	nvlist_create(&r->nv);
#  383|   
#  384|   	// if we are at top, fix this up

Error: GCC_ANALYZER_WARNING (CWE-401): [#def106]
audit-userspace-4.1.2/auparse/interpret.c:345:13: warning[-Wanalyzer-malloc-leak]: leak of 'au_unescape(raw_data)'
audit-userspace-4.1.2/auparse/interpret.c:3414:7: enter_function: entry to 'auparse_do_interpretation'
audit-userspace-4.1.2/auparse/interpret.c:3507:31: call_function: calling 'print_tty_data' from 'auparse_do_interpretation'
#  343|   
#  344|   	/* Find the end of the name */
#  345|-> 	if (*ptr == '(') {
#  346|   		ptr = strchr(ptr, ')');
#  347|   		if (ptr == NULL)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def107]
audit-userspace-4.1.2/auparse/interpret.c:345:13: warning[-Wanalyzer-malloc-leak]: leak of 'au_unescape(val + 2)'
audit-userspace-4.1.2/auparse/interpret.c:3414:7: enter_function: entry to 'auparse_do_interpretation'
audit-userspace-4.1.2/auparse/interpret.c:3465:31: call_function: calling 'print_escaped' from 'auparse_do_interpretation'
#  343|   
#  344|   	/* Find the end of the name */
#  345|-> 	if (*ptr == '(') {
#  346|   		ptr = strchr(ptr, ')');
#  347|   		if (ptr == NULL)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def108]
audit-userspace-4.1.2/auparse/interpret.c:345:13: warning[-Wanalyzer-malloc-leak]: leak of 'au_unescape(val)'
audit-userspace-4.1.2/auparse/interpret.c:3414:7: enter_function: entry to 'auparse_do_interpretation'
audit-userspace-4.1.2/auparse/interpret.c:3477:31: call_function: calling 'print_sockaddr' from 'auparse_do_interpretation'
#  343|   
#  344|   	/* Find the end of the name */
#  345|-> 	if (*ptr == '(') {
#  346|   		ptr = strchr(ptr, ')');
#  347|   		if (ptr == NULL)

Error: GCC_ANALYZER_WARNING (CWE-688): [#def109]
audit-userspace-4.1.2/auparse/interpret.c:1078:32: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'ptr' where non-null expected
audit-userspace-4.1.2/auparse/interpret.c:3414:7: enter_function: entry to 'auparse_do_interpretation'
audit-userspace-4.1.2/auparse/interpret.c:3540:31: call_function: calling 'print_proctitle' from 'auparse_do_interpretation'
# 1076|   		// We need to write over the NUL bytes with a space
# 1077|   		// so that we can see the arguments
# 1078|-> 		while ((ptr  = STRCHR(ptr, '\0'))) {
# 1079|   			if (ptr >= end)
# 1080|   				break;

Error: GCC_ANALYZER_WARNING (CWE-835): [#def110]
audit-userspace-4.1.2/auparse/lru.c:137:16: warning[-Wanalyzer-infinite-loop]: infinite loop
audit-userspace-4.1.2/auparse/lru.c:446:6: enter_function: entry to 'destroy_lru'
#  135|   	// remove_node, end is updated to a prior node as part of detaching
#  136|   	// the current end node.
#  137|-> 	while (queue->count)
#  138|   		dequeue(queue);
#  139|   

Error: GCC_ANALYZER_WARNING (CWE-404): [#def111]
audit-userspace-4.1.2/auparse/message.c:51:17: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
audit-userspace-4.1.2/auparse/message.c:43:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auparse/message.c:46:12: branch_false: ...to here
audit-userspace-4.1.2/auparse/message.c:49:9: acquire_resource: 'va_start' called here
audit-userspace-4.1.2/auparse/message.c:50:12: branch_true: following 'true' branch...
audit-userspace-4.1.2/auparse/message.c:51:17: branch_true: ...to here
audit-userspace-4.1.2/auparse/message.c:51:17: danger: missing call to 'va_end' to match 'va_start' at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   49|           va_start(ap, fmt);
#   50|           if (au->message_mode == MSG_SYSLOG)
#   51|->                 vsyslog(priority, fmt, ap);
#   52|           else {
#   53|                   vfprintf(stderr, fmt, ap);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def112]
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:16:9: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(3, &buf1)’
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:14:31: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:15:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:16:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:16:9: danger: ‘auparse_init(3, &buf1)’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#   14|   	auparse_state_t *au = auparse_init(AUSOURCE_BUFFER, buf1);
#   15|   	assert(au != NULL);
#   16|-> 	assert(auparse_next_event(au) > 0);
#   17|   	assert(auparse_get_type(au) == AUDIT_LOGIN);
#   18|   	assert(auparse_new_buffer(au, buf2, strlen(buf2)) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def113]
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:36:9: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(7, 0)’
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:34:31: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:35:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:36:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:36:9: danger: ‘auparse_init(7, 0)’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#   34|   	auparse_state_t *au = auparse_init(AUSOURCE_FEED, NULL);
#   35|   	assert(au != NULL);
#   36|-> 	auparse_add_callback(au, ready_cb, NULL, NULL);
#   37|   	assert(auparse_feed_has_data(au) == 0);
#   38|   	assert(auparse_feed(au, buf, strlen(buf)) == 0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def114]
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:49:9: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(1, "./test.log")’
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:47:31: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:48:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:49:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:49:9: danger: ‘auparse_init(1, "./test.log")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#   47|   	auparse_state_t *au = auparse_init(AUSOURCE_FILE, "./test.log");
#   48|   	assert(au != NULL);
#   49|-> 	assert(auparse_next_event(au) > 0);
#   50|   	assert(auparse_normalize(au, NORM_OPT_ALL) == 0);
#   51|   	const char *kind = auparse_normalize_get_event_kind(au);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def115]
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:64:9: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(1, "./test.log")’
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:62:31: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:63:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:64:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:64:9: danger: ‘auparse_init(1, "./test.log")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#   62|   	auparse_state_t *au = auparse_init(AUSOURCE_FILE, "./test.log");
#   63|   	assert(au != NULL);
#   64|-> 	assert(auparse_next_event(au) > 0);
#   65|   	const au_event_t *e1 = auparse_get_timestamp(au);
#   66|   	assert(e1 != NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def116]
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:88:14: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(1, "./test.log")’
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:85:14: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:86:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:88:14: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:88:14: danger: ‘auparse_init(1, "./test.log")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#   86|   	assert(au != NULL);
#   87|   
#   88|-> 	rc = ausearch_add_expression(au,
#   89|   				"\\timestamp == ts:1.999",
#   90|   				&err, AUSEARCH_RULE_CLEAR);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def117]
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:120:14: warning[-Wanalyzer-malloc-leak]: leak of ‘id.cwd’
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:117:18: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:118:21: branch_true: following ‘true’ branch (when ‘i != 9’)...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:119:17: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:120:14: danger: ‘id.cwd’ leaks here; was allocated at [(1)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/0)
#  118|   	for (i = 0; i < sizeof(fuzz) - 1; i++)
#  119|   		seeds *= 3;
#  120|-> 	au = auparse_init(AUSOURCE_FILE, "/dev/null");
#  121|   	assert(au != NULL);
#  122|   	for (unsigned s = 0; s < seeds; s++) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def118]
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:128:17: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(1, "/dev/null")’
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:118:21: branch_true: following ‘true’ branch (when ‘i != 9’)...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:119:17: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:120:14: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:121:9: branch_true: following ‘true’ branch...
 branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:122:30: branch_true: following ‘true’ branch (when ‘seeds > s’)...
 branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:124:29: branch_true: following ‘true’ branch (when ‘i != 9’)...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:125:41: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:128:17: danger: ‘auparse_init(1, "/dev/null")’ leaks here; was allocated at [(3)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/2)
#  126|   
#  127|   		fuzz[sizeof(fuzz) - 1] = '\0';
#  128|-> 		audit_encode_value(val, fuzz, sizeof(fuzz));
#  129|   		id.val = val;
#  130|   		out = auparse_do_interpretation(au, AUPARSE_TYPE_ESCAPED_FILE,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def119]
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:128:17: warning[-Wanalyzer-malloc-leak]: leak of ‘id.cwd’
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:117:18: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:118:21: branch_true: following ‘true’ branch (when ‘i != 9’)...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:119:17: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:121:9: branch_true: following ‘true’ branch...
 branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:122:30: branch_true: following ‘true’ branch (when ‘seeds > s’)...
 branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:124:29: branch_true: following ‘true’ branch (when ‘i != 9’)...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:125:41: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:128:17: danger: ‘id.cwd’ leaks here; was allocated at [(1)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/0)
#  126|   
#  127|   		fuzz[sizeof(fuzz) - 1] = '\0';
#  128|-> 		audit_encode_value(val, fuzz, sizeof(fuzz));
#  129|   		id.val = val;
#  130|   		out = auparse_do_interpretation(au, AUPARSE_TYPE_ESCAPED_FILE,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def120]
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:130:23: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(1, "/dev/null")’
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:118:21: branch_true: following ‘true’ branch (when ‘i != 9’)...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:119:17: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:120:14: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:121:9: branch_true: following ‘true’ branch...
 branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:122:30: branch_true: following ‘true’ branch (when ‘seeds > s’)...
 branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:124:29: branch_true: following ‘true’ branch (when ‘i != 9’)...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:125:41: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:130:23: danger: ‘auparse_init(1, "/dev/null")’ leaks here; was allocated at [(3)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/2)
#  128|   		audit_encode_value(val, fuzz, sizeof(fuzz));
#  129|   		id.val = val;
#  130|-> 		out = auparse_do_interpretation(au, AUPARSE_TYPE_ESCAPED_FILE,
#  131|   						&id, AUPARSE_ESC_RAW);
#  132|   		assert(out != NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def121]
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:130:23: warning[-Wanalyzer-malloc-leak]: leak of ‘id.cwd’
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:117:18: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:118:21: branch_true: following ‘true’ branch (when ‘i != 9’)...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:119:17: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:121:9: branch_true: following ‘true’ branch...
 branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:122:30: branch_true: following ‘true’ branch (when ‘seeds > s’)...
 branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:124:29: branch_true: following ‘true’ branch (when ‘i != 9’)...
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:125:41: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_extra_test.c:130:23: danger: ‘id.cwd’ leaks here; was allocated at [(1)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/0)
#  128|   		audit_encode_value(val, fuzz, sizeof(fuzz));
#  129|   		id.val = val;
#  130|-> 		out = auparse_do_interpretation(au, AUPARSE_TYPE_ESCAPED_FILE,
#  131|   						&id, AUPARSE_ESC_RAW);
#  132|   		assert(out != NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def122]
audit-userspace-4.1.2/auparse/test/auparse_test.c:128:13: warning[-Wanalyzer-malloc-leak]: leak of ‘au’
audit-userspace-4.1.2/auparse/test/auparse_test.c:117:12: branch_true: following ‘true’ branch (when ‘source == 1’)...
audit-userspace-4.1.2/auparse/test/auparse_test.c:118:22: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_test.c:118:22: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_test.c:124:12: branch_false: following ‘false’ branch (when ‘au’ is non-NULL)...
audit-userspace-4.1.2/auparse/test/auparse_test.c:128:13: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparse_test.c:128:13: danger: ‘au’ leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  126|   		exit(1);
#  127|   	}
#  128|-> 	if (ausearch_add_item(au, "auid", "=", val, AUSEARCH_RULE_CLEAR)){
#  129|   		printf("ausearch_add_item error - %s\n", strerror(errno));
#  130|   		exit(1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def123]
audit-userspace-4.1.2/auparse/test/auparse_test.c:154:21: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(1, "./test.log")’
audit-userspace-4.1.2/auparse/test/auparse_test.c:148:14: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_test.c:149:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparse_test.c:153:12: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparse_test.c:153:12: branch_true: following ‘true’ branch (when ‘how == 2’)...
audit-userspace-4.1.2/auparse/test/auparse_test.c:154:21: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparse_test.c:154:21: danger: ‘auparse_init(1, "./test.log")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  152|   	}
#  153|   	if (how == AUSEARCH_RULE_AND) {
#  154|-> 		if (ausearch_add_item(au, "uid", "=", "0",
#  155|   							 AUSEARCH_RULE_CLEAR)){
#  156|   			printf("ausearch_add_item 1 error - %s\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def124]
audit-userspace-4.1.2/auparse/test/auparse_test.c:171:21: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(1, "./test.log")’
audit-userspace-4.1.2/auparse/test/auparse_test.c:148:14: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_test.c:149:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparse_test.c:153:12: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparse_test.c:153:12: branch_false: following ‘false’ branch (when ‘how != 2’)...
audit-userspace-4.1.2/auparse/test/auparse_test.c:171:21: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparse_test.c:171:21: danger: ‘auparse_init(1, "./test.log")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#  169|   		}
#  170|   	} else {
#  171|-> 		if (ausearch_add_item(au, "auid", "=", "42",
#  172|   							 AUSEARCH_RULE_CLEAR)){
#  173|   			printf("ausearch_add_item 4 error - %s\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def125]
audit-userspace-4.1.2/auparse/test/auparse_test.c:211:13: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(4, &buf)’
audit-userspace-4.1.2/auparse/test/auparse_test.c:206:14: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_test.c:207:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparse_test.c:211:13: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparse_test.c:211:13: danger: ‘auparse_init(4, &buf)’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#  209|   		exit(1);
#  210|   	}
#  211|-> 	if (ausearch_add_regex(au, expr)){
#  212|   		printf("ausearch_add_regex error - %s\n", strerror(errno));
#  213|   		exit(1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def126]
audit-userspace-4.1.2/auparse/test/auparse_test.c:300:16: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(4, &buf)’
audit-userspace-4.1.2/auparse/test/auparse_test.c:293:14: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparse_test.c:294:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparse_test.c:299:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparse_test.c:300:16: danger: ‘auparse_init(4, &buf)’ leaks here; was allocated at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#  298|   
#  299|   	printf("Starting Test 1, iterate...\n");
#  300|-> 	while (auparse_next_event(au) > 0) {
#  301|   		if (auparse_find_field(au, "auid")) {
#  302|   			printf("%s=%s\n", auparse_get_field_name(au),

Error: GCC_ANALYZER_WARNING (CWE-775): [#def127]
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: warning[-Wanalyzer-file-leak]: leak of FILE ‘fd’
audit-userspace-4.1.2/auparse/test/auparselol_test.c:203:9: branch_false: following ‘false’ branch (when ‘filename’ is NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:8: branch_false: following ‘false’ branch (when ‘event_cnt’ is non-NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: acquire_resource: opened here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: danger: ‘fd’ leaks here; was opened at [(9)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/8)
#  233|       }
#  234|   
#  235|->     au = auparse_init(AUSOURCE_FEED, NULL);
#  236|       *event_cnt = 1;
#  237|       auparse_add_callback(au, auparse_callback, event_cnt, free);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def128]
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: warning[-Wanalyzer-malloc-leak]: leak of ‘event_cnt’
audit-userspace-4.1.2/auparse/test/auparselol_test.c:203:9: branch_false: following ‘false’ branch (when ‘filename’ is NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:8: branch_false: following ‘false’ branch (when ‘event_cnt’ is non-NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:225:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: danger: ‘event_cnt’ leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  233|       }
#  234|   
#  235|->     au = auparse_init(AUSOURCE_FEED, NULL);
#  236|       *event_cnt = 1;
#  237|       auparse_add_callback(au, auparse_callback, event_cnt, free);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def129]
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: warning[-Wanalyzer-malloc-leak]: leak of ‘fd’
audit-userspace-4.1.2/auparse/test/auparselol_test.c:203:9: branch_false: following ‘false’ branch (when ‘filename’ is NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:8: branch_false: following ‘false’ branch (when ‘event_cnt’ is non-NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: danger: ‘fd’ leaks here; was allocated at [(9)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/8)
#  233|       }
#  234|   
#  235|->     au = auparse_init(AUSOURCE_FEED, NULL);
#  236|       *event_cnt = 1;
#  237|       auparse_add_callback(au, auparse_callback, event_cnt, free);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def130]
audit-userspace-4.1.2/auparse/test/auparselol_test.c:237:5: warning[-Wanalyzer-file-leak]: leak of FILE ‘fd’
audit-userspace-4.1.2/auparse/test/auparselol_test.c:203:9: branch_false: following ‘false’ branch (when ‘filename’ is NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:8: branch_false: following ‘false’ branch (when ‘event_cnt’ is non-NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: acquire_resource: opened here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:237:5: danger: ‘fd’ leaks here; was opened at [(9)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/8)
#  235|       au = auparse_init(AUSOURCE_FEED, NULL);
#  236|       *event_cnt = 1;
#  237|->     auparse_add_callback(au, auparse_callback, event_cnt, free);
#  238|       i = 0;
#  239|       while ((len = fread(buf, 1, sizeof(buf), fd))) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def131]
audit-userspace-4.1.2/auparse/test/auparselol_test.c:237:5: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_init(7, 0)’
audit-userspace-4.1.2/auparse/test/auparselol_test.c:203:9: branch_false: following ‘false’ branch (when ‘filename’ is NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:8: branch_false: following ‘false’ branch (when ‘event_cnt’ is non-NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:225:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:237:5: danger: ‘auparse_init(7, 0)’ leaks here; was allocated at [(9)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/8)
#  235|       au = auparse_init(AUSOURCE_FEED, NULL);
#  236|       *event_cnt = 1;
#  237|->     auparse_add_callback(au, auparse_callback, event_cnt, free);
#  238|       i = 0;
#  239|       while ((len = fread(buf, 1, sizeof(buf), fd))) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def132]
audit-userspace-4.1.2/auparse/test/auparselol_test.c:237:5: warning[-Wanalyzer-malloc-leak]: leak of ‘event_cnt’
audit-userspace-4.1.2/auparse/test/auparselol_test.c:203:9: branch_false: following ‘false’ branch (when ‘filename’ is NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:8: branch_false: following ‘false’ branch (when ‘event_cnt’ is non-NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:225:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:237:5: danger: ‘event_cnt’ leaks here; was allocated at [(5)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/4)
#  235|       au = auparse_init(AUSOURCE_FEED, NULL);
#  236|       *event_cnt = 1;
#  237|->     auparse_add_callback(au, auparse_callback, event_cnt, free);
#  238|       i = 0;
#  239|       while ((len = fread(buf, 1, sizeof(buf), fd))) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def133]
audit-userspace-4.1.2/auparse/test/auparselol_test.c:237:5: warning[-Wanalyzer-malloc-leak]: leak of ‘fd’
audit-userspace-4.1.2/auparse/test/auparselol_test.c:203:9: branch_false: following ‘false’ branch (when ‘filename’ is NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:8: branch_false: following ‘false’ branch (when ‘event_cnt’ is non-NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:237:5: danger: ‘fd’ leaks here; was allocated at [(9)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/8)
#  235|       au = auparse_init(AUSOURCE_FEED, NULL);
#  236|       *event_cnt = 1;
#  237|->     auparse_add_callback(au, auparse_callback, event_cnt, free);
#  238|       i = 0;
#  239|       while ((len = fread(buf, 1, sizeof(buf), fd))) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def134]
audit-userspace-4.1.2/auparse/test/auparselol_test.c:241:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘fd’
audit-userspace-4.1.2/auparse/test/auparselol_test.c:203:9: branch_false: following ‘false’ branch (when ‘filename’ is NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:8: branch_false: following ‘false’ branch (when ‘event_cnt’ is non-NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: acquire_resource: opened here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:239:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:241:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:241:9: danger: ‘fd’ leaks here; was opened at [(9)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/8)
#  239|       while ((len = fread(buf, 1, sizeof(buf), fd))) {
#  240|   
#  241|->         auparse_feed(au, buf, len);
#  242|           i++;
#  243|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def135]
audit-userspace-4.1.2/auparse/test/auparselol_test.c:241:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fd’
audit-userspace-4.1.2/auparse/test/auparselol_test.c:203:9: branch_false: following ‘false’ branch (when ‘filename’ is NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:8: branch_false: following ‘false’ branch (when ‘event_cnt’ is non-NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:239:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:241:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:241:9: danger: ‘fd’ leaks here; was allocated at [(9)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/8)
#  239|       while ((len = fread(buf, 1, sizeof(buf), fd))) {
#  240|   
#  241|->         auparse_feed(au, buf, len);
#  242|           i++;
#  243|       }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def136]
audit-userspace-4.1.2/auparse/test/auparselol_test.c:244:5: warning[-Wanalyzer-file-leak]: leak of FILE ‘fd’
audit-userspace-4.1.2/auparse/test/auparselol_test.c:203:9: branch_false: following ‘false’ branch (when ‘filename’ is NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:8: branch_false: following ‘false’ branch (when ‘event_cnt’ is non-NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: acquire_resource: opened here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:239:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:244:5: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:244:5: danger: ‘fd’ leaks here; was opened at [(9)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/8)
#  242|           i++;
#  243|       }
#  244|->     auparse_flush_feed(au);
#  245|       auparse_destroy(au);        /* this also free's event_cnt */
#  246|       if (!(flags & F_USESTDIN))

Error: GCC_ANALYZER_WARNING (CWE-401): [#def137]
audit-userspace-4.1.2/auparse/test/auparselol_test.c:244:5: warning[-Wanalyzer-malloc-leak]: leak of ‘fd’
audit-userspace-4.1.2/auparse/test/auparselol_test.c:203:9: branch_false: following ‘false’ branch (when ‘filename’ is NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:8: branch_false: following ‘false’ branch (when ‘event_cnt’ is non-NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:239:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:244:5: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:244:5: danger: ‘fd’ leaks here; was allocated at [(9)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/8)
#  242|           i++;
#  243|       }
#  244|->     auparse_flush_feed(au);
#  245|       auparse_destroy(au);        /* this also free's event_cnt */
#  246|       if (!(flags & F_USESTDIN))

Error: GCC_ANALYZER_WARNING (CWE-775): [#def138]
audit-userspace-4.1.2/auparse/test/auparselol_test.c:245:5: warning[-Wanalyzer-file-leak]: leak of FILE ‘fd’
audit-userspace-4.1.2/auparse/test/auparselol_test.c:203:9: branch_false: following ‘false’ branch (when ‘filename’ is NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:8: branch_false: following ‘false’ branch (when ‘event_cnt’ is non-NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: acquire_resource: opened here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:245:5: danger: ‘fd’ leaks here; was opened at [(9)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/8)
#  243|       }
#  244|       auparse_flush_feed(au);
#  245|->     auparse_destroy(au);        /* this also free's event_cnt */
#  246|       if (!(flags & F_USESTDIN))
#  247|           fclose(fd);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def139]
audit-userspace-4.1.2/auparse/test/auparselol_test.c:245:5: warning[-Wanalyzer-malloc-leak]: leak of ‘fd’
audit-userspace-4.1.2/auparse/test/auparselol_test.c:203:9: branch_false: following ‘false’ branch (when ‘filename’ is NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:210:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:22: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:217:8: branch_false: following ‘false’ branch (when ‘event_cnt’ is non-NULL)...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:224:8: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:19: acquire_memory: allocated here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:227:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/auparse/test/auparselol_test.c:235:10: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/auparselol_test.c:245:5: danger: ‘fd’ leaks here; was allocated at [(9)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/8)
#  243|       }
#  244|       auparse_flush_feed(au);
#  245|->     auparse_destroy(au);        /* this also free's event_cnt */
#  246|       if (!(flags & F_USESTDIN))
#  247|           fclose(fd);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def140]
audit-userspace-4.1.2/auparse/test/databuf_test.c:17:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
audit-userspace-4.1.2/auparse/test/databuf_test.c:7:13: enter_function: entry to ‘test_basic’
audit-userspace-4.1.2/auparse/test/databuf_test.c:14:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:15:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:15:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:16:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:16:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:17:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:17:9: danger: dereference of NULL ‘<unknown>’
#   15|   	assert(databuf_append(&db, data1, sizeof(data1) - 1) == 1);
#   16|   	assert(db.len == 4 && db.offset == 0);
#   17|-> 	assert(memcmp(databuf_beg(&db), "abcd", 4) == 0);
#   18|   
#   19|   	assert(databuf_append(&db, data2, sizeof(data2) - 1) == 1);

Error: GCC_ANALYZER_WARNING (CWE-688): [#def141]
audit-userspace-4.1.2/auparse/test/databuf_test.c:21:9: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
audit-userspace-4.1.2/auparse/test/databuf_test.c:7:13: enter_function: entry to ‘test_basic’
audit-userspace-4.1.2/auparse/test/databuf_test.c:14:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:15:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:15:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:16:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:16:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:17:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:19:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:19:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:20:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:20:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:21:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:21:9: danger: argument 1 (‘<unknown>’) NULL where non-null expected
#   19|   	assert(databuf_append(&db, data2, sizeof(data2) - 1) == 1);
#   20|   	assert(db.len == 6 && db.offset == 0);
#   21|-> 	assert(memcmp(databuf_beg(&db), "abcdef", 6) == 0);
#   22|   
#   23|   	assert(databuf_advance(&db, 3) == 1);

Error: GCC_ANALYZER_WARNING (CWE-688): [#def142]
audit-userspace-4.1.2/auparse/test/databuf_test.c:25:9: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
audit-userspace-4.1.2/auparse/test/databuf_test.c:7:13: enter_function: entry to ‘test_basic’
audit-userspace-4.1.2/auparse/test/databuf_test.c:14:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:15:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:15:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:16:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:16:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:17:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:19:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:19:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:20:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:20:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:21:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:23:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:23:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:24:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:24:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:25:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:25:9: danger: argument 1 (‘<unknown>’) NULL where non-null expected
#   23|   	assert(databuf_advance(&db, 3) == 1);
#   24|   	assert(db.offset == 3 && db.len == 3);
#   25|-> 	assert(memcmp(databuf_beg(&db), "def", 3) == 0);
#   26|   
#   27|   	assert(databuf_append(&db, data3, sizeof(data3) - 1) == 1);

Error: GCC_ANALYZER_WARNING (CWE-688): [#def143]
audit-userspace-4.1.2/auparse/test/databuf_test.c:29:9: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
audit-userspace-4.1.2/auparse/test/databuf_test.c:7:13: enter_function: entry to ‘test_basic’
audit-userspace-4.1.2/auparse/test/databuf_test.c:14:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:15:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:15:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:16:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:16:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:17:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:19:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:19:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:20:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:20:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:21:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:23:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:23:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:24:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:24:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:25:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:27:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:27:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:28:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:28:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:29:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:29:9: danger: argument 1 (‘<unknown>’) NULL where non-null expected
#   27|   	assert(databuf_append(&db, data3, sizeof(data3) - 1) == 1);
#   28|   	assert(db.offset == 0 && db.len == 7);
#   29|-> 	assert(memcmp(databuf_beg(&db), "defghij", 7) == 0);
#   30|   
#   31|   	databuf_free(&db);

Error: GCC_ANALYZER_WARNING (CWE-688): [#def144]
audit-userspace-4.1.2/auparse/test/databuf_test.c:49:9: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
audit-userspace-4.1.2/auparse/test/databuf_test.c:34:13: enter_function: entry to ‘test_preserve’
audit-userspace-4.1.2/auparse/test/databuf_test.c:41:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:42:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:42:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:43:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:43:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:44:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:44:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:45:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:45:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:47:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:48:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:48:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:49:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:49:9: danger: argument 1 (‘<unknown>’) NULL where non-null expected
#   47|   	assert(databuf_reset(&db) == 1);
#   48|   	assert(db.offset == 0 && db.len == 6);
#   49|-> 	assert(memcmp(databuf_beg(&db), "abcdef", 6) == 0);
#   50|   
#   51|   	assert(databuf_replace(&db, "xy", 2) == 1);

Error: GCC_ANALYZER_WARNING (CWE-476): [#def145]
audit-userspace-4.1.2/auparse/test/databuf_test.c:58:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
audit-userspace-4.1.2/auparse/test/databuf_test.c:34:13: enter_function: entry to ‘test_preserve’
audit-userspace-4.1.2/auparse/test/databuf_test.c:41:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:42:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:42:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:43:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:43:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:44:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:44:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:45:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:45:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:47:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:48:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:48:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:49:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:51:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:51:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:52:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:52:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:53:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:53:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:54:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:54:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:56:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:57:9: branch_true: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:57:9: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/auparse/test/databuf_test.c:58:9: branch_false: ...to here
audit-userspace-4.1.2/auparse/test/databuf_test.c:58:9: danger: dereference of NULL ‘<unknown>’
#   56|   	assert(databuf_reset(&db) == 1);
#   57|   	assert(db.offset == 0 && db.len == 8);
#   58|-> 	assert(memcmp(databuf_beg(&db), "xy012345", 8) == 0);
#   59|   
#   60|   	databuf_free(&db);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def146]
audit-userspace-4.1.2/auplugin/auplugin.c:139:41: warning[-Wanalyzer-malloc-leak]: leak of 'e'
audit-userspace-4.1.2/auplugin/auplugin.c:109:17: branch_true: following 'true' branch (when '__i != 16')...
audit-userspace-4.1.2/auplugin/auplugin.c:109:17: branch_true: ...to here
audit-userspace-4.1.2/auplugin/auplugin.c:128:28: branch_true: following 'true' branch...
audit-userspace-4.1.2/auplugin/auplugin.c:131:57: branch_true: ...to here
audit-userspace-4.1.2/auplugin/auplugin.c:131:57: acquire_memory: allocated here
audit-userspace-4.1.2/auplugin/auplugin.c:139:41: danger: 'e' leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  137|   					e->hdr.size = len;
#  138|   					e->hdr.ver = AUDISP_PROTOCOL_VER2;
#  139|-> 					enqueue(e, &q_config);
#  140|   				}
#  141|   			} else if (len < 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def147]
audit-userspace-4.1.2/auplugin/auplugin.c:202:9: warning[-Wanalyzer-malloc-leak]: leak of 'auparse_init(7, 0)'
audit-userspace-4.1.2/auplugin/auplugin.c:194:12: branch_false: following 'false' branch (when 'callback' is non-NULL)...
audit-userspace-4.1.2/auplugin/auplugin.c:197:31: branch_false: ...to here
audit-userspace-4.1.2/auplugin/auplugin.c:197:31: acquire_memory: allocated here
audit-userspace-4.1.2/auplugin/auplugin.c:198:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auplugin/auplugin.c:202:9: branch_false: ...to here
audit-userspace-4.1.2/auplugin/auplugin.c:202:9: danger: 'auparse_init(7, 0)' leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#  200|                   return -1;
#  201|           }
#  202|->         auparse_set_eoe_timeout(2);
#  203|           auparse_add_callback(au, callback, NULL, NULL);
#  204|   	timer_interval = t_interval;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def148]
audit-userspace-4.1.2/auplugin/auplugin.c:203:9: warning[-Wanalyzer-malloc-leak]: leak of 'auparse_init(7, 0)'
audit-userspace-4.1.2/auplugin/auplugin.c:194:12: branch_false: following 'false' branch (when 'callback' is non-NULL)...
audit-userspace-4.1.2/auplugin/auplugin.c:197:31: branch_false: ...to here
audit-userspace-4.1.2/auplugin/auplugin.c:197:31: acquire_memory: allocated here
audit-userspace-4.1.2/auplugin/auplugin.c:198:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/auplugin/auplugin.c:202:9: branch_false: ...to here
audit-userspace-4.1.2/auplugin/auplugin.c:203:9: danger: 'auparse_init(7, 0)' leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#  201|           }
#  202|           auparse_set_eoe_timeout(2);
#  203|->         auparse_add_callback(au, callback, NULL, NULL);
#  204|   	timer_interval = t_interval;
#  205|   	timer_cb = t_cb;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def149]
audit-userspace-4.1.2/bindings/python/auparse_python.c:339:97: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
audit-userspace-4.1.2/bindings/python/auparse_python.c:328:1: enter_function: entry to 'AuParser_init'
audit-userspace-4.1.2/bindings/python/auparse_python.c:339:8: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:341:5: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:458:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:19: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:19: acquire_memory: allocated here
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:12: branch_false: following 'false' branch (when 'fp' is non-NULL)...
audit-userspace-4.1.2/bindings/python/auparse_python.c:474:30: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:477:9: call_function: calling 'Py_XDECREF' from 'AuParser_init'
audit-userspace-4.1.2/bindings/python/auparse_python.c:477:9: return_function: returning to 'AuParser_init' from 'Py_XDECREF'
audit-userspace-4.1.2/bindings/python/auparse_python.c:479:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:503:9: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:339:97: danger: 'fp' leaks here; was allocated at [(8)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/7)
#  337|       }
#  338|   
#  339|->     if (! PyArg_ParseTupleAndKeywords(args, kwds, "|iO", kwlist, &source_type, &source)) return -1; 
#  340|   
#  341|       switch (source_type) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def150]
audit-userspace-4.1.2/bindings/python/auparse_python.c:474:30: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
audit-userspace-4.1.2/bindings/python/auparse_python.c:339:8: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:341:5: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:458:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:19: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:19: acquire_memory: allocated here
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:12: branch_false: following 'false' branch (when 'fp' is non-NULL)...
audit-userspace-4.1.2/bindings/python/auparse_python.c:474:30: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:474:30: danger: 'fp' leaks here; was allocated at [(7)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/6)
#  472|   #else
#  473|           /* In Python 3 obtain the name attribute if possible */
#  474|->         PyObject *name_obj = PyObject_GetAttrString(source, "name");
#  475|           if (name_obj && PYSTR_CHECK(name_obj))
#  476|               filename = PYSTR_ASSTRING(name_obj);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def151]
audit-userspace-4.1.2/bindings/python/auparse_python.c:476:24: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
audit-userspace-4.1.2/bindings/python/auparse_python.c:328:1: enter_function: entry to 'AuParser_init'
audit-userspace-4.1.2/bindings/python/auparse_python.c:339:8: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:341:5: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:458:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:19: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:19: acquire_memory: allocated here
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:12: branch_false: following 'false' branch (when 'fp' is non-NULL)...
audit-userspace-4.1.2/bindings/python/auparse_python.c:474:30: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:475:12: branch_true: following 'true' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:475:25: call_function: inlined call to '_Py_TYPE' from 'AuParser_init'
audit-userspace-4.1.2/bindings/python/auparse_python.c:475:13: branch_true: following 'true' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:476:24: branch_true: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:476:24: danger: 'fp' leaks here; was allocated at [(8)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/7)
#  474|           PyObject *name_obj = PyObject_GetAttrString(source, "name");
#  475|           if (name_obj && PYSTR_CHECK(name_obj))
#  476|->             filename = PYSTR_ASSTRING(name_obj);
#  477|   	Py_XDECREF(name_obj);
#  478|   #endif

Error: GCC_ANALYZER_WARNING (CWE-401): [#def152]
audit-userspace-4.1.2/bindings/python/auparse_python.c:479:25: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
audit-userspace-4.1.2/bindings/python/auparse_python.c:328:1: enter_function: entry to 'AuParser_init'
audit-userspace-4.1.2/bindings/python/auparse_python.c:339:8: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:341:5: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:458:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:19: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:19: acquire_memory: allocated here
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:12: branch_false: following 'false' branch (when 'fp' is non-NULL)...
audit-userspace-4.1.2/bindings/python/auparse_python.c:474:30: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:477:9: call_function: calling 'Py_XDECREF' from 'AuParser_init'
audit-userspace-4.1.2/bindings/python/auparse_python.c:477:9: return_function: returning to 'AuParser_init' from 'Py_XDECREF'
audit-userspace-4.1.2/bindings/python/auparse_python.c:479:25: danger: 'fp' leaks here; was allocated at [(8)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/7)
#  477|   	Py_XDECREF(name_obj);
#  478|   #endif
#  479|->         if ((self->au = auparse_init(source_type, fp)) == NULL) {
#  480|               if (filename)
#  481|                   PyErr_SetFromErrnoWithFilename(PyExc_IOError, filename);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def153]
audit-userspace-4.1.2/bindings/python/auparse_python.c:481:17: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
audit-userspace-4.1.2/bindings/python/auparse_python.c:328:1: enter_function: entry to 'AuParser_init'
audit-userspace-4.1.2/bindings/python/auparse_python.c:339:8: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:341:5: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:458:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:19: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:19: acquire_memory: allocated here
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:12: branch_false: following 'false' branch (when 'fp' is non-NULL)...
audit-userspace-4.1.2/bindings/python/auparse_python.c:474:30: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:475:12: branch_true: following 'true' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:475:25: call_function: inlined call to '_Py_TYPE' from 'AuParser_init'
audit-userspace-4.1.2/bindings/python/auparse_python.c:475:13: branch_true: following 'true' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:476:24: branch_true: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:477:9: call_function: calling 'Py_XDECREF' from 'AuParser_init'
audit-userspace-4.1.2/bindings/python/auparse_python.c:477:9: return_function: returning to 'AuParser_init' from 'Py_XDECREF'
audit-userspace-4.1.2/bindings/python/auparse_python.c:479:12: branch_true: following 'true' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:480:16: branch_true: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:480:16: branch_true: following 'true' branch (when 'filename' is non-NULL)...
audit-userspace-4.1.2/bindings/python/auparse_python.c:481:17: branch_true: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:481:17: danger: 'fp' leaks here; was allocated at [(8)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/7)
#  479|           if ((self->au = auparse_init(source_type, fp)) == NULL) {
#  480|               if (filename)
#  481|->                 PyErr_SetFromErrnoWithFilename(PyExc_IOError, filename);
#  482|               else
#  483|                   PyErr_SetFromErrno(PyExc_IOError);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def154]
audit-userspace-4.1.2/bindings/python/auparse_python.c:483:17: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
audit-userspace-4.1.2/bindings/python/auparse_python.c:328:1: enter_function: entry to 'AuParser_init'
audit-userspace-4.1.2/bindings/python/auparse_python.c:339:8: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:341:5: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:458:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:19: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:19: acquire_memory: allocated here
audit-userspace-4.1.2/bindings/python/auparse_python.c:462:12: branch_false: following 'false' branch (when 'fp' is non-NULL)...
audit-userspace-4.1.2/bindings/python/auparse_python.c:474:30: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:477:9: call_function: calling 'Py_XDECREF' from 'AuParser_init'
audit-userspace-4.1.2/bindings/python/auparse_python.c:477:9: return_function: returning to 'AuParser_init' from 'Py_XDECREF'
audit-userspace-4.1.2/bindings/python/auparse_python.c:479:12: branch_true: following 'true' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:480:16: branch_true: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:480:16: branch_false: following 'false' branch (when 'filename' is NULL)...
audit-userspace-4.1.2/bindings/python/auparse_python.c:483:17: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:483:17: danger: 'fp' leaks here; was allocated at [(8)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/7)
#  481|                   PyErr_SetFromErrnoWithFilename(PyExc_IOError, filename);
#  482|               else
#  483|->                 PyErr_SetFromErrno(PyExc_IOError);
#  484|               return -1;
#  485|           }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def155]
audit-userspace-4.1.2/bindings/python/auparse_python.c:779:21: warning[-Wanalyzer-malloc-leak]: leak of 'auparse_metrics(*self.au)'
audit-userspace-4.1.2/bindings/python/auparse_python.c:773:5: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:774:13: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:774:13: acquire_memory: allocated here
audit-userspace-4.1.2/bindings/python/auparse_python.c:775:8: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/python/auparse_python.c:779:21: branch_false: ...to here
audit-userspace-4.1.2/bindings/python/auparse_python.c:779:21: danger: 'auparse_metrics(*self.au)' leaks here; was allocated at [(3)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/2)
#  777|           return NULL;
#  778|       }
#  779|->     PyObject *obj = Py_BuildValue("s", value);
#  780|       free(value);
#  781|       return obj;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def156]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:724:9: warning[-Wanalyzer-null-dereference]: dereference of NULL 'iter'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:6369:22: enter_function: entry to '_wrap_audit_msg_type_to_name'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:6378:6: branch_false: following 'false' branch (when 'args' is non-NULL)...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:6380:12: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:6380:12: call_function: calling 'SWIG_AsVal_int' from '_wrap_audit_msg_type_to_name'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:6380:12: return_function: returning to '_wrap_audit_msg_type_to_name' from 'SWIG_AsVal_int'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:6381:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:6384:3: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:6386:15: call_function: calling 'SWIG_FromCharPtr' from '_wrap_audit_msg_type_to_name'
#  722|     swig_module_info *iter = start;
#  723|     do {
#  724|->     if (iter->size) {
#  725|         size_t l = 0;
#  726|         size_t r = iter->size - 1;

Error: CPPCHECK_WARNING (CWE-457): [#def157]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:872: warning[uninitvar]: Uninitialized variable: buff
#  870|       *r = 0;
#  871|     }
#  872|->   return buff;
#  873|   }
#  874|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def158]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:1452:39: warning[-Wanalyzer-malloc-leak]: leak of 'result'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4784:22: enter_function: entry to '_wrap_new_audit_features'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4789:8: call_function: calling 'SWIG_Python_UnpackTuple' from '_wrap_new_audit_features'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4789:8: return_function: returning to '_wrap_new_audit_features' from 'SWIG_Python_UnpackTuple'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4789:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4790:37: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4790:37: acquire_memory: allocated here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4791:15: call_function: calling 'SWIG_Python_NewPointerObj' from '_wrap_new_audit_features'
# 1450|       /* free-threading note: the GIL is always enabled when this function is first called
# 1451|          by SWIG_init, so there's no risk of race conditions */
# 1452|->     Swig_runtime_data_module_global = PyImport_AddModuleRef(SWIG_RUNTIME_MODULE);
# 1453|   #elif PY_VERSION_HEX >= 0x03000000
# 1454|       Swig_runtime_data_module_global = PyImport_AddModule(SWIG_RUNTIME_MODULE);

Error: CPPCHECK_WARNING (CWE-476): [#def159]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:1901: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: data
# 1899|       SwigPyClientData *data = (SwigPyClientData *)malloc(sizeof(SwigPyClientData));
# 1900|       /* the klass element */
# 1901|->     data->klass = obj;
# 1902|       SWIG_Py_INCREF(data->klass);
# 1903|       /* the newraw method and newargs arguments used to create a new raw instance */

Error: GCC_ANALYZER_WARNING (CWE-476): [#def160]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:1901:5: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL 'data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5485:22: enter_function: entry to 'audit_rule_data_swigregister'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:8: call_function: calling 'SWIG_Python_UnpackTuple' from 'audit_rule_data_swigregister'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:8: return_function: returning to 'audit_rule_data_swigregister' from 'SWIG_Python_UnpackTuple'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5488:3: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5488:54: call_function: calling 'SwigPyClientData_New' from 'audit_rule_data_swigregister'
# 1899|       SwigPyClientData *data = (SwigPyClientData *)malloc(sizeof(SwigPyClientData));
# 1900|       /* the klass element */
# 1901|->     data->klass = obj;
# 1902|       SWIG_Py_INCREF(data->klass);
# 1903|       /* the newraw method and newargs arguments used to create a new raw instance */

Error: CPPCHECK_WARNING (CWE-476): [#def161]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:1902: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: data
# 1900|       /* the klass element */
# 1901|       data->klass = obj;
# 1902|->     SWIG_Py_INCREF(data->klass);
# 1903|       /* the newraw method and newargs arguments used to create a new raw instance */
# 1904|       if (PyClass_Check(obj)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def162]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:1904:9: warning[-Wanalyzer-malloc-leak]: leak of 'data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5485:22: enter_function: entry to 'audit_rule_data_swigregister'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:8: call_function: calling 'SWIG_Python_UnpackTuple' from 'audit_rule_data_swigregister'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:8: return_function: returning to 'audit_rule_data_swigregister' from 'SWIG_Python_UnpackTuple'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5488:3: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5488:54: call_function: calling 'SwigPyClientData_New' from 'audit_rule_data_swigregister'
# 1902|       SWIG_Py_INCREF(data->klass);
# 1903|       /* the newraw method and newargs arguments used to create a new raw instance */
# 1904|->     if (PyClass_Check(obj)) {
# 1905|         data->newraw = 0;
# 1906|         SWIG_Py_INCREF(obj);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def163]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:1909:22: warning[-Wanalyzer-malloc-leak]: leak of 'data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5485:22: enter_function: entry to 'audit_rule_data_swigregister'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:8: call_function: calling 'SWIG_Python_UnpackTuple' from 'audit_rule_data_swigregister'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:8: return_function: returning to 'audit_rule_data_swigregister' from 'SWIG_Python_UnpackTuple'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5488:3: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5488:54: call_function: calling 'SwigPyClientData_New' from 'audit_rule_data_swigregister'
# 1907|         data->newargs = obj;
# 1908|       } else {
# 1909|->       data->newraw = PyObject_GetAttrString(data->klass, "__new__");
# 1910|         if (data->newraw) {
# 1911|           data->newargs = PyTuple_New(1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def164]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:1911:25: warning[-Wanalyzer-malloc-leak]: leak of 'data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5485:22: enter_function: entry to 'audit_rule_data_swigregister'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:8: call_function: calling 'SWIG_Python_UnpackTuple' from 'audit_rule_data_swigregister'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:8: return_function: returning to 'audit_rule_data_swigregister' from 'SWIG_Python_UnpackTuple'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5488:3: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5488:54: call_function: calling 'SwigPyClientData_New' from 'audit_rule_data_swigregister'
# 1909|         data->newraw = PyObject_GetAttrString(data->klass, "__new__");
# 1910|         if (data->newraw) {
# 1911|->         data->newargs = PyTuple_New(1);
# 1912|           if (data->newargs) {
# 1913|             SWIG_Py_INCREF(obj);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def165]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:1927:21: warning[-Wanalyzer-malloc-leak]: leak of 'data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5485:22: enter_function: entry to 'audit_rule_data_swigregister'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:8: call_function: calling 'SWIG_Python_UnpackTuple' from 'audit_rule_data_swigregister'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:8: return_function: returning to 'audit_rule_data_swigregister' from 'SWIG_Python_UnpackTuple'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5488:3: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5488:54: call_function: calling 'SwigPyClientData_New' from 'audit_rule_data_swigregister'
# 1925|       }
# 1926|       /* the destroy method, aka as the C++ delete method */
# 1927|->     data->destroy = PyObject_GetAttrString(data->klass, "__swig_destroy__");
# 1928|       if (PyErr_Occurred()) {
# 1929|         PyErr_Clear();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def166]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:1928:9: warning[-Wanalyzer-malloc-leak]: leak of 'data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5485:22: enter_function: entry to 'audit_rule_data_swigregister'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:8: call_function: calling 'SWIG_Python_UnpackTuple' from 'audit_rule_data_swigregister'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:8: return_function: returning to 'audit_rule_data_swigregister' from 'SWIG_Python_UnpackTuple'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5488:3: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5488:54: call_function: calling 'SwigPyClientData_New' from 'audit_rule_data_swigregister'
# 1926|       /* the destroy method, aka as the C++ delete method */
# 1927|       data->destroy = PyObject_GetAttrString(data->klass, "__swig_destroy__");
# 1928|->     if (PyErr_Occurred()) {
# 1929|         PyErr_Clear();
# 1930|         data->destroy = 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def167]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:1929:7: warning[-Wanalyzer-malloc-leak]: leak of 'data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5485:22: enter_function: entry to 'audit_rule_data_swigregister'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:8: call_function: calling 'SWIG_Python_UnpackTuple' from 'audit_rule_data_swigregister'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:8: return_function: returning to 'audit_rule_data_swigregister' from 'SWIG_Python_UnpackTuple'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5487:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5488:3: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5488:54: call_function: calling 'SwigPyClientData_New' from 'audit_rule_data_swigregister'
# 1927|       data->destroy = PyObject_GetAttrString(data->klass, "__swig_destroy__");
# 1928|       if (PyErr_Occurred()) {
# 1929|->       PyErr_Clear();
# 1930|         data->destroy = 0;
# 1931|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def168]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:2440:22: warning[-Wanalyzer-malloc-leak]: leak of 'result'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4784:22: enter_function: entry to '_wrap_new_audit_features'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4789:8: call_function: calling 'SWIG_Python_UnpackTuple' from '_wrap_new_audit_features'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4789:8: return_function: returning to '_wrap_new_audit_features' from 'SWIG_Python_UnpackTuple'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4789:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4790:37: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4790:37: acquire_memory: allocated here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4791:15: call_function: calling 'SWIG_Python_NewPointerObj' from '_wrap_new_audit_features'
# 2438|       slots
# 2439|     };
# 2440|->   PyObject *pytype = PyType_FromSpec(&spec);
# 2441|     PyObject *runtime_data_module = SWIG_runtime_data_module();
# 2442|   #if !defined(Py_LIMITED_API)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def169]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:2453:17: warning[-Wanalyzer-malloc-leak]: leak of 'result'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5448:22: enter_function: entry to '_wrap_new_audit_rule_data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5453:8: call_function: calling 'SWIG_Python_UnpackTuple' from '_wrap_new_audit_rule_data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5453:8: return_function: returning to '_wrap_new_audit_rule_data' from 'SWIG_Python_UnpackTuple'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5453:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5454:38: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5454:38: acquire_memory: allocated here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5455:15: call_function: calling 'SWIG_Python_NewPointerObj' from '_wrap_new_audit_rule_data'
# 2451|   #endif
# 2452|   #endif
# 2453|->   if (pytype && PyModule_AddObject(runtime_data_module, "SwigPyObject", pytype) == 0)
# 2454|       SWIG_Py_INCREF(pytype);
# 2455|     return (PyTypeObject *)pytype;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def170]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:2462:24: warning[-Wanalyzer-malloc-leak]: leak of 'result'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4784:22: enter_function: entry to '_wrap_new_audit_features'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4789:8: call_function: calling 'SWIG_Python_UnpackTuple' from '_wrap_new_audit_features'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4789:8: return_function: returning to '_wrap_new_audit_features' from 'SWIG_Python_UnpackTuple'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4789:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4790:37: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4790:37: acquire_memory: allocated here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:4791:15: call_function: calling 'SWIG_Python_NewPointerObj' from '_wrap_new_audit_features'
# 2460|   SwigPyObject_New(void *ptr, swig_type_info *ty, int own)
# 2461|   {
# 2462|->   SwigPyObject *sobj = PyObject_New(SwigPyObject, SwigPyObject_Type());
# 2463|     if (sobj) {
# 2464|       sobj->ptr  = ptr;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def171]
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:3136:16: warning[-Wanalyzer-malloc-leak]: leak of 'result'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5448:22: enter_function: entry to '_wrap_new_audit_rule_data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5453:8: call_function: calling 'SWIG_Python_UnpackTuple' from '_wrap_new_audit_rule_data'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5453:8: return_function: returning to '_wrap_new_audit_rule_data' from 'SWIG_Python_UnpackTuple'
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5453:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5454:38: branch_false: ...to here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5454:38: acquire_memory: allocated here
audit-userspace-4.1.2/bindings/swig/python3/audit_wrap.c:5455:15: call_function: calling 'SWIG_Python_NewPointerObj' from '_wrap_new_audit_rule_data'
# 3134|         }
# 3135|       } else {
# 3136|->       newobj = PyObject_New(SwigPyObject, clientdata->pytype);
# 3137|         if (newobj) {
# 3138|           newobj->swigdict = 0;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def172]
audit-userspace-4.1.2/common/common.c:81:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open("/dev/console", 1)'
audit-userspace-4.1.2/common/common.c:77:19: acquire_resource: opened here
audit-userspace-4.1.2/common/common.c:77:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/common/common.c:80:9: branch_false: ...to here
audit-userspace-4.1.2/common/common.c:81:13: danger: 'open("/dev/console", 1)' leaks here; was opened at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#   79|   
#   80|   	va_start(args, fmt);
#   81|-> 	if (vdprintf(fd, fmt, args) < 0)
#   82|   		res = 0;
#   83|   

Error: GCC_ANALYZER_WARNING (CWE-404): [#def173]
audit-userspace-4.1.2/common/common.c:81:13: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
audit-userspace-4.1.2/common/common.c:77:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/common/common.c:80:9: branch_false: ...to here
audit-userspace-4.1.2/common/common.c:80:9: acquire_resource: 'va_start' called here
audit-userspace-4.1.2/common/common.c:81:13: danger: missing call to 'va_end' to match 'va_start' at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#   79|   
#   80|   	va_start(args, fmt);
#   81|-> 	if (vdprintf(fd, fmt, args) < 0)
#   82|   		res = 0;
#   83|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def174]
audit-userspace-4.1.2/common/common.c:114:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open(&tty_path, 257)'
audit-userspace-4.1.2/common/common.c:105:16: branch_true: following 'true' branch...
audit-userspace-4.1.2/common/common.c:107:21: branch_true: ...to here
audit-userspace-4.1.2/common/common.c:112:30: acquire_resource: opened here
audit-userspace-4.1.2/common/common.c:114:33: danger: 'open(&tty_path, 257)' leaks here; was opened at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#  112|   			fd = open(tty_path, O_WRONLY | O_NOCTTY);
#  113|   			if (fd != -1) {
#  114|-> 				dprintf(fd, "\nBroadcast message from audit daemon:\n%s\n", message);
#  115|   				close(fd);
#  116|   			}

Error: GCC_ANALYZER_WARNING (CWE-404): [#def175]
audit-userspace-4.1.2/common/message.c:55:17: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
audit-userspace-4.1.2/common/message.c:47:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/common/message.c:50:12: branch_false: ...to here
audit-userspace-4.1.2/common/message.c:53:9: acquire_resource: 'va_start' called here
audit-userspace-4.1.2/common/message.c:54:12: branch_true: following 'true' branch...
audit-userspace-4.1.2/common/message.c:55:17: branch_true: ...to here
audit-userspace-4.1.2/common/message.c:55:17: danger: missing call to 'va_end' to match 'va_start' at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   53|           va_start(ap, fmt);
#   54|           if (message_mode == MSG_SYSLOG)
#   55|->                 vsyslog(priority, fmt, ap);
#   56|           else {
#   57|                   vfprintf(stderr, fmt, ap);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def176]
audit-userspace-4.1.2/lib/libaudit.c:914:14: warning[-Wanalyzer-malloc-leak]: leak of 'cmd'
audit-userspace-4.1.2/lib/libaudit.c:902:18: acquire_memory: allocated here
audit-userspace-4.1.2/lib/libaudit.c:904:12: branch_false: following 'false' branch (when 'cmd' is non-NULL)...
audit-userspace-4.1.2/lib/libaudit.c:909:9: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:914:14: danger: 'cmd' leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  912|   	memcpy(&cmd->buf[len1], subtree, len2);
#  913|   
#  914|-> 	rc = audit_send(fd, AUDIT_MAKE_EQUIV, cmd, sizeof(*cmd) + len1 + len2);
#  915|   	if (rc < 0)
#  916|   		audit_msg(audit_priority(errno),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def177]
audit-userspace-4.1.2/lib/libaudit.c:916:17: warning[-Wanalyzer-malloc-leak]: leak of 'cmd'
audit-userspace-4.1.2/lib/libaudit.c:902:18: acquire_memory: allocated here
audit-userspace-4.1.2/lib/libaudit.c:904:12: branch_false: following 'false' branch (when 'cmd' is non-NULL)...
audit-userspace-4.1.2/lib/libaudit.c:909:9: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:915:12: branch_true: following 'true' branch...
audit-userspace-4.1.2/lib/libaudit.c:916:17: branch_true: ...to here
audit-userspace-4.1.2/lib/libaudit.c:916:17: danger: 'cmd' leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  914|   	rc = audit_send(fd, AUDIT_MAKE_EQUIV, cmd, sizeof(*cmd) + len1 + len2);
#  915|   	if (rc < 0)
#  916|-> 		audit_msg(audit_priority(errno),
#  917|   			"Error sending make_equivalent command (%s)",
#  918|   			strerror(-rc));

Error: GCC_ANALYZER_WARNING (CWE-775): [#def178]
audit-userspace-4.1.2/lib/libaudit.c:942:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open("/proc/self/loginuid", 655360)'
audit-userspace-4.1.2/lib/libaudit.c:935:14: acquire_resource: opened here
audit-userspace-4.1.2/lib/libaudit.c:936:12: branch_false: following 'false' branch...
 branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:942:13: danger: 'open("/proc/self/loginuid", 655360)' leaks here; was opened at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#  940|   	} while (len < 0 && errno == EINTR);
#  941|   	close(in);
#  942|-> 	if (len < 0 || (size_t)len >= sizeof(buf))
#  943|   		return -1;
#  944|   	buf[len] = 0;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def179]
audit-userspace-4.1.2/lib/libaudit.c:968:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open("/proc/self/loginuid", 655873)'
audit-userspace-4.1.2/lib/libaudit.c:963:13: acquire_resource: opened here
audit-userspace-4.1.2/lib/libaudit.c:964:12: branch_true: following 'true' branch...
 branch_true: ...to here
audit-userspace-4.1.2/lib/libaudit.c:967:24: branch_true: following 'true' branch (when 'count > 0')...
audit-userspace-4.1.2/lib/libaudit.c:968:33: branch_true: ...to here
audit-userspace-4.1.2/lib/libaudit.c:968:33: danger: 'open("/proc/self/loginuid", 655873)' leaks here; was opened at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#  966|   
#  967|   		while (count > 0) {
#  968|-> 			block = write(o, &loginuid[offset], (unsigned)count);
#  969|   
#  970|   			if (block < 0) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def180]
audit-userspace-4.1.2/lib/libaudit.c:973:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open("/proc/self/loginuid", 655873)'
audit-userspace-4.1.2/lib/libaudit.c:963:13: acquire_resource: opened here
audit-userspace-4.1.2/lib/libaudit.c:964:12: branch_true: following 'true' branch...
 branch_true: ...to here
audit-userspace-4.1.2/lib/libaudit.c:967:24: branch_true: following 'true' branch (when 'count > 0')...
audit-userspace-4.1.2/lib/libaudit.c:968:33: branch_true: ...to here
audit-userspace-4.1.2/lib/libaudit.c:973:33: danger: 'open("/proc/self/loginuid", 655873)' leaks here; was opened at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#  971|   				if (errno == EINTR)
#  972|   					continue;
#  973|-> 				audit_msg(LOG_ERR, "Error writing loginuid");
#  974|   				close(o);
#  975|   				return 1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def181]
audit-userspace-4.1.2/lib/libaudit.c:974:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open("/proc/self/loginuid", 655873)'
audit-userspace-4.1.2/lib/libaudit.c:963:13: acquire_resource: opened here
audit-userspace-4.1.2/lib/libaudit.c:964:12: branch_true: following 'true' branch...
 branch_true: ...to here
audit-userspace-4.1.2/lib/libaudit.c:967:24: branch_true: following 'true' branch (when 'count > 0')...
audit-userspace-4.1.2/lib/libaudit.c:968:33: branch_true: ...to here
audit-userspace-4.1.2/lib/libaudit.c:974:33: danger: 'open("/proc/self/loginuid", 655873)' leaks here; was opened at [(1)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/0)
#  972|   					continue;
#  973|   				audit_msg(LOG_ERR, "Error writing loginuid");
#  974|-> 				close(o);
#  975|   				return 1;
#  976|   			}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def182]
audit-userspace-4.1.2/lib/libaudit.c:980:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open("/proc/self/loginuid", 655873)'
audit-userspace-4.1.2/lib/libaudit.c:963:13: acquire_resource: opened here
audit-userspace-4.1.2/lib/libaudit.c:964:12: branch_true: following 'true' branch...
 branch_true: ...to here
audit-userspace-4.1.2/lib/libaudit.c:980:17: danger: 'open("/proc/self/loginuid", 655873)' leaks here; was opened at [(1)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/0)
#  978|   			count -= block;
#  979|   		}
#  980|-> 		close(o);
#  981|   	} else {
#  982|   		audit_msg(LOG_ERR, "Error opening /proc/self/loginuid");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def183]
audit-userspace-4.1.2/lib/libaudit.c:1007:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'open("/proc/self/sessionid", 655360)'
audit-userspace-4.1.2/lib/libaudit.c:1000:14: acquire_resource: opened here
audit-userspace-4.1.2/lib/libaudit.c:1001:12: branch_false: following 'false' branch...
 branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:1007:13: danger: 'open("/proc/self/sessionid", 655360)' leaks here; was opened at [(1)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/0)
# 1005|   	} while (len < 0 && errno == EINTR);
# 1006|   	close(in);
# 1007|-> 	if (len < 0 || (size_t)len >= sizeof(buf))
# 1008|   		return -2;
# 1009|   	buf[len] = 0;

Error: GCC_ANALYZER_WARNING (CWE-688): [#def184]
audit-userspace-4.1.2/lib/libaudit.c:1509:13: warning[-Wanalyzer-null-argument]: use of NULL 'optarg' where non-null expected
audit-userspace-4.1.2/lib/libaudit.c:1576:12: enter_function: entry to 'audit_add_perm_syscalls'
audit-userspace-4.1.2/lib/libaudit.c:1583:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:1588:29: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:1595:35: call_function: calling 'filter_supported_syscalls' from 'audit_add_perm_syscalls'
audit-userspace-4.1.2/lib/libaudit.c:1595:35: return_function: returning to 'audit_add_perm_syscalls' from 'filter_supported_syscalls'
audit-userspace-4.1.2/lib/libaudit.c:1596:12: branch_true: following 'true' branch...
audit-userspace-4.1.2/lib/libaudit.c:1599:17: branch_true: ...to here
audit-userspace-4.1.2/lib/libaudit.c:1604:18: call_function: calling '_audit_parse_syscall' from 'audit_add_perm_syscalls'
#argument 1 of '__builtin_strchr' must be non-null
# 1507|   	char *saved;
# 1508|   
# 1509|-> 	if (strchr(optarg, ',')) {
# 1510|   		char *ptr, *tmp = strdup(optarg);
# 1511|   		if (tmp == NULL)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def185]
audit-userspace-4.1.2/lib/libaudit.c:1557:21: warning[-Wanalyzer-malloc-leak]: leak of 'filter_supported_syscalls(audit_perm_to_name(perm), audit_elf_to_machine(_audit_elf))'
audit-userspace-4.1.2/lib/libaudit.c:1576:12: enter_function: entry to 'audit_add_perm_syscalls'
audit-userspace-4.1.2/lib/libaudit.c:1583:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:1588:29: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:1595:35: acquire_memory: allocated here
audit-userspace-4.1.2/lib/libaudit.c:1595:35: call_function: calling 'filter_supported_syscalls' from 'audit_add_perm_syscalls'
# 1555|   
# 1556|   	while (token != NULL) {
# 1557|-> 		if (audit_name_to_syscall(token, machine) != -1) {
# 1558|   			if (!first)
# 1559|   				*ptr++ = ',';

Error: GCC_ANALYZER_WARNING (CWE-401): [#def186]
audit-userspace-4.1.2/lib/libaudit.c:1557:21: warning[-Wanalyzer-malloc-leak]: leak of 'syscalls_copy'
audit-userspace-4.1.2/lib/libaudit.c:1541:12: branch_false: following 'false' branch (when 'syscalls' is non-NULL)...
audit-userspace-4.1.2/lib/libaudit.c:1545:14: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:1549:31: acquire_memory: allocated here
audit-userspace-4.1.2/lib/libaudit.c:1550:12: branch_false: following 'false' branch (when 'syscalls_copy' is non-NULL)...
audit-userspace-4.1.2/lib/libaudit.c:1553:23: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:1556:16: branch_true: following 'true' branch (when 'token' is non-NULL)...
audit-userspace-4.1.2/lib/libaudit.c:1557:21: branch_true: ...to here
audit-userspace-4.1.2/lib/libaudit.c:1557:21: danger: 'syscalls_copy' leaks here; was allocated at [(3)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/2)
# 1555|   
# 1556|   	while (token != NULL) {
# 1557|-> 		if (audit_name_to_syscall(token, machine) != -1) {
# 1558|   			if (!first)
# 1559|   				*ptr++ = ',';

Error: GCC_ANALYZER_WARNING (CWE-401): [#def187]
audit-userspace-4.1.2/lib/libaudit.c:2067:14: warning[-Wanalyzer-malloc-leak]: leak of 'buf'
audit-userspace-4.1.2/lib/libaudit.c:2062:15: acquire_memory: allocated here
audit-userspace-4.1.2/lib/libaudit.c:2063:12: branch_false: following 'false' branch (when 'buf' is non-NULL)...
audit-userspace-4.1.2/lib/libaudit.c:2066:9: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:2067:14: danger: 'buf' leaks here; was allocated at [(1)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/0)
# 2065|   
# 2066|   	errno = 0;
# 2067|-> 	rc = getpwnam_r(name, &pwd, buf, bufsize, &result);
# 2068|   	if (rc == ERANGE) {
# 2069|   		free(buf);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def188]
audit-userspace-4.1.2/lib/libaudit.c:2112:14: warning[-Wanalyzer-malloc-leak]: leak of 'buf'
audit-userspace-4.1.2/lib/libaudit.c:2107:15: acquire_memory: allocated here
audit-userspace-4.1.2/lib/libaudit.c:2108:12: branch_false: following 'false' branch (when 'buf' is non-NULL)...
audit-userspace-4.1.2/lib/libaudit.c:2111:9: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:2112:14: danger: 'buf' leaks here; was allocated at [(1)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/0)
# 2110|   
# 2111|   	errno = 0;
# 2112|-> 	rc = getgrnam_r(name, &gr, buf, bufsize, &result);
# 2113|   	if (rc == ERANGE) {
# 2114|   		free(buf);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def189]
audit-userspace-4.1.2/lib/libaudit.c:2141:24: warning[-Wanalyzer-malloc-leak]: leak of 'syscalls_to_use'
audit-userspace-4.1.2/lib/libaudit.c:1621:5: enter_function: entry to 'audit_rule_fieldpair_data'
audit-userspace-4.1.2/lib/libaudit.c:1632:12: branch_false: following 'false' branch (when 'pair' is non-NULL)...
audit-userspace-4.1.2/lib/libaudit.c:1635:13: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:1635:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:1643:19: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:1643:12: branch_false: following 'false' branch (when 'v' is NULL)...
audit-userspace-4.1.2/lib/libaudit.c:1647:26: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:1647:19: branch_false: following 'false' branch (when 'v' is NULL)...
audit-userspace-4.1.2/lib/libaudit.c:1651:26: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:1651:19: branch_false: following 'false' branch (when 'v' is NULL)...
audit-userspace-4.1.2/lib/libaudit.c:1655:26: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:1655:19: branch_false: following 'false' branch (when 'v' is NULL)...
audit-userspace-4.1.2/lib/libaudit.c:1659:26: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:1659:19: branch_true: following 'true' branch (when 'v' is non-NULL)...
audit-userspace-4.1.2/lib/libaudit.c:1660:18: branch_true: ...to here
audit-userspace-4.1.2/lib/libaudit.c:1676:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:1679:13: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:1679:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:1682:22: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:1682:12: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:1687:12: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:1687:12: branch_false: following 'false' branch (when 'flags != 5')...
audit-userspace-4.1.2/lib/libaudit.c:1710:12: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:1710:12: branch_false: following 'false' branch (when 'flags != 6')...
audit-userspace-4.1.2/lib/libaudit.c:1717:22: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:1888:28: branch_false: following 'false' branch...
audit-userspace-4.1.2/lib/libaudit.c:1891:33: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:1891:33: branch_false: following 'false' branch (when 'op == 1073741824')...
audit-userspace-4.1.2/lib/libaudit.c:1897:39: branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:1898:36: branch_false: following 'false' branch (when 'len <= 4')...
 branch_false: ...to here
audit-userspace-4.1.2/lib/libaudit.c:1901:45: branch_true: following 'true' branch (when 'i < len')...
audit-userspace-4.1.2/lib/libaudit.c:1902:49: branch_true: ...to here
audit-userspace-4.1.2/lib/libaudit.c:1905:39: call_function: calling 'audit_add_perm_syscalls' from 'audit_rule_fieldpair_data'
# 2139|   	if (uname(&uts) == 0)
# 2140|   //		strcpy(uts.machine, "x86_64");
# 2141|-> 		return audit_name_to_machine(uts.machine);
# 2142|   	return -1;
# 2143|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def190]
audit-userspace-4.1.2/src/auditctl.c:100:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fields’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1607:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1612:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1618:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1623:26: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1623:26: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1640:21: call_function: calling ‘reset_vars’ from ‘fileopt’
#   98|   	multiple = 0;
#   99|   
#  100|-> 	audit_rule_free_data(rule_new);
#  101|   	rule_new = audit_rule_create_data();
#  102|   	if (fd < 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def191]
audit-userspace-4.1.2/src/auditctl.c:100:9: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1591:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1607:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1612:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1618:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1623:26: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1640:21: call_function: calling ‘reset_vars’ from ‘fileopt’
#   98|   	multiple = 0;
#   99|   
#  100|-> 	audit_rule_free_data(rule_new);
#  101|   	rule_new = audit_rule_create_data();
#  102|   	if (fd < 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def192]
audit-userspace-4.1.2/src/auditctl.c:101:20: warning[-Wanalyzer-malloc-leak]: leak of ‘fields’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1607:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1612:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1618:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1623:26: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1623:26: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1640:21: call_function: calling ‘reset_vars’ from ‘fileopt’
#   99|   
#  100|   	audit_rule_free_data(rule_new);
#  101|-> 	rule_new = audit_rule_create_data();
#  102|   	if (fd < 0) {
#  103|   		if ((fd = audit_open()) < 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def193]
audit-userspace-4.1.2/src/auditctl.c:101:20: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1591:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1607:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1612:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1618:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1623:26: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1640:21: call_function: calling ‘reset_vars’ from ‘fileopt’
#   99|   
#  100|   	audit_rule_free_data(rule_new);
#  101|-> 	rule_new = audit_rule_create_data();
#  102|   	if (fd < 0) {
#  103|   		if ((fd = audit_open()) < 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def194]
audit-userspace-4.1.2/src/auditctl.c:103:27: warning[-Wanalyzer-malloc-leak]: leak of ‘fields’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1607:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1612:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1618:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1623:26: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1623:26: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1640:21: call_function: calling ‘reset_vars’ from ‘fileopt’
#  101|   	rule_new = audit_rule_create_data();
#  102|   	if (fd < 0) {
#  103|-> 		if ((fd = audit_open()) < 0) {
#  104|   			audit_msg(LOG_ERR, "Cannot open netlink audit socket");
#  105|   			return 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def195]
audit-userspace-4.1.2/src/auditctl.c:103:27: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1591:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1607:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1612:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1618:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1623:26: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1640:21: call_function: calling ‘reset_vars’ from ‘fileopt’
#  101|   	rule_new = audit_rule_create_data();
#  102|   	if (fd < 0) {
#  103|-> 		if ((fd = audit_open()) < 0) {
#  104|   			audit_msg(LOG_ERR, "Cannot open netlink audit socket");
#  105|   			return 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def196]
audit-userspace-4.1.2/src/auditctl.c:104:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fields’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1607:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1612:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1618:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1623:26: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1623:26: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1640:21: call_function: calling ‘reset_vars’ from ‘fileopt’
#  102|   	if (fd < 0) {
#  103|   		if ((fd = audit_open()) < 0) {
#  104|-> 			audit_msg(LOG_ERR, "Cannot open netlink audit socket");
#  105|   			return 1;
#  106|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def197]
audit-userspace-4.1.2/src/auditctl.c:104:25: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1591:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1607:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1612:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1618:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1623:26: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1640:21: call_function: calling ‘reset_vars’ from ‘fileopt’
#  102|   	if (fd < 0) {
#  103|   		if ((fd = audit_open()) < 0) {
#  104|-> 			audit_msg(LOG_ERR, "Cannot open netlink audit socket");
#  105|   			return 1;
#  106|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def198]
audit-userspace-4.1.2/src/auditctl.c:1356:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fields’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1607:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1612:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1618:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1623:26: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1623:26: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1640:21: call_function: calling ‘reset_vars’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1640:21: return_function: returning to ‘fileopt’ from ‘reset_vars’
audit-userspace-4.1.2/src/auditctl.c:1640:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1645:22: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1645:22: call_function: calling ‘setopt’ from ‘fileopt’
# 1354|   		bad_opt = " ";
# 1355|   	if (args->lineno)
# 1356|-> 		audit_msg(LOG_ERR,
# 1357|   			"Option %s on line %d is invalid", bad_opt, args->lineno);
# 1358|   	else

Error: GCC_ANALYZER_WARNING (CWE-401): [#def199]
audit-userspace-4.1.2/src/auditctl.c:1356:17: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1591:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1607:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1612:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1618:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1623:26: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1640:21: call_function: calling ‘reset_vars’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1640:21: return_function: returning to ‘fileopt’ from ‘reset_vars’
audit-userspace-4.1.2/src/auditctl.c:1640:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1645:22: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1645:22: call_function: calling ‘setopt’ from ‘fileopt’
# 1354|   		bad_opt = " ";
# 1355|   	if (args->lineno)
# 1356|-> 		audit_msg(LOG_ERR,
# 1357|   			"Option %s on line %d is invalid", bad_opt, args->lineno);
# 1358|   	else

Error: GCC_ANALYZER_WARNING (CWE-401): [#def200]
audit-userspace-4.1.2/src/auditctl.c:1407:32: warning[-Wanalyzer-malloc-leak]: leak of ‘fields’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1607:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1612:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1618:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1623:26: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1623:26: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1640:21: call_function: calling ‘reset_vars’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1640:21: return_function: returning to ‘fileopt’ from ‘reset_vars’
audit-userspace-4.1.2/src/auditctl.c:1640:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1645:22: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1645:22: call_function: calling ‘setopt’ from ‘fileopt’
# 1405|   	for (size_t i = 0; i < NUM_HANDLERS; i++) {
# 1406|   		if (opt_handlers[i].option == option) {
# 1407|-> 			return opt_handlers[i].handler(args);
# 1408|   		}
# 1409|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def201]
audit-userspace-4.1.2/src/auditctl.c:1407:32: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1591:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1607:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1612:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1618:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1623:26: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1640:21: call_function: calling ‘reset_vars’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1640:21: return_function: returning to ‘fileopt’ from ‘reset_vars’
audit-userspace-4.1.2/src/auditctl.c:1640:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1645:22: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1645:22: call_function: calling ‘setopt’ from ‘fileopt’
# 1405|   	for (size_t i = 0; i < NUM_HANDLERS; i++) {
# 1406|   		if (opt_handlers[i].option == option) {
# 1407|-> 			return opt_handlers[i].handler(args);
# 1408|   		}
# 1409|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def202]
audit-userspace-4.1.2/src/auditctl.c:1443:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fields’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1607:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1612:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1618:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1623:26: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1623:26: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1640:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1645:22: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1645:22: call_function: calling ‘setopt’ from ‘fileopt’
# 1441|   		retval = OPT_ERROR_NO_REPLY;
# 1442|   	else if ((optind < count) && (retval != OPT_ERROR_NO_REPLY)) {
# 1443|-> 		audit_msg(LOG_ERR, "parameter passed without an option given");
# 1444|   		retval = OPT_ERROR_NO_REPLY;
# 1445|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def203]
audit-userspace-4.1.2/src/auditctl.c:1443:17: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1591:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1607:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1612:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1618:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1623:26: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1640:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1645:22: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1645:22: call_function: calling ‘setopt’ from ‘fileopt’
# 1441|   		retval = OPT_ERROR_NO_REPLY;
# 1442|   	else if ((optind < count) && (retval != OPT_ERROR_NO_REPLY)) {
# 1443|-> 		audit_msg(LOG_ERR, "parameter passed without an option given");
# 1444|   		retval = OPT_ERROR_NO_REPLY;
# 1445|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def204]
audit-userspace-4.1.2/src/auditctl.c:1461:25: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1591:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1607:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1612:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1618:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1623:26: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1640:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1645:22: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1645:22: call_function: calling ‘setopt’ from ‘fileopt’
# 1459|   		if (asprintf(&cmd, "key=%s", key) < 0) {
# 1460|   			cmd = NULL;
# 1461|-> 			audit_msg(LOG_ERR, "Out of memory adding key");
# 1462|   			retval = OPT_ERROR_NO_REPLY;
# 1463|   		} else {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def205]
audit-userspace-4.1.2/src/auditctl.c:1613:23: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1591:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1607:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1612:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1613:23: danger: ‘f’ leaks here; was allocated at [(8)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/7)
# 1611|   
# 1612|   		preprocess(buf);
# 1613|-> 		ptr = audit_strsplit(buf);
# 1614|   		if (ptr == NULL)
# 1615|   			break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def206]
audit-userspace-4.1.2/src/auditctl.c:1625:25: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1591:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_true: following ‘true’ branch (when ‘fields’ is NULL)...
audit-userspace-4.1.2/src/auditctl.c:1625:25: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1625:25: danger: ‘f’ leaks here; was allocated at [(8)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/7)
# 1623|   		fields = malloc(nf * sizeof(char *));
# 1624|   		if (fields == NULL) {
# 1625|-> 			audit_msg(LOG_ERR, "Out of memory. Check %s file, %d line", __FILE__, __LINE__);
# 1626|   			fclose(f);
# 1627|   			return 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def207]
audit-userspace-4.1.2/src/auditctl.c:1632:29: warning[-Wanalyzer-malloc-leak]: leak of ‘fields’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1607:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1612:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1618:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1623:26: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1623:26: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1632:29: danger: ‘fields’ leaks here; was allocated at [(26)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/25)
# 1630|   		fields[i++] = "auditctl";
# 1631|   		fields[i++] = ptr;
# 1632|-> 		while( (ptr=audit_strsplit(NULL)) && (i < nf-1)) {
# 1633|   		        postprocess(ptr);
# 1634|   			fields[i++] = ptr;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def208]
audit-userspace-4.1.2/src/auditctl.c:1632:29: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditctl.c:1558:12: enter_function: entry to ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1567:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1579:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1579:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1585:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1585:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1591:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1591:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditctl.c:1592:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1600:16: call_function: calling ‘get_line’ from ‘fileopt’
audit-userspace-4.1.2/src/auditctl.c:1600:16: return_function: returning to ‘fileopt’ from ‘get_line’
audit-userspace-4.1.2/src/auditctl.c:1600:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditctl.c:1602:43: branch_true: ...to here
audit-userspace-4.1.2/src/auditctl.c:1607:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1612:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1614:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1618:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1618:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditctl.c:1623:26: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1624:20: branch_false: following ‘false’ branch (when ‘fields’ is non-NULL)...
audit-userspace-4.1.2/src/auditctl.c:1630:17: branch_false: ...to here
audit-userspace-4.1.2/src/auditctl.c:1632:29: danger: ‘f’ leaks here; was allocated at [(8)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/7)
# 1630|   		fields[i++] = "auditctl";
# 1631|   		fields[i++] = ptr;
# 1632|-> 		while( (ptr=audit_strsplit(NULL)) && (i < nf-1)) {
# 1633|   		        postprocess(ptr);
# 1634|   			fields[i++] = ptr;

Error: GCC_ANALYZER_WARNING (CWE-688): [#def209]
audit-userspace-4.1.2/src/auditd-config.c:369:14: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘config_file’ where non-null expected
audit-userspace-4.1.2/src/auditd-config.c:362:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-config.c:363:31: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-config.c:363:31: acquire_memory: this call could return NULL
audit-userspace-4.1.2/src/auditd-config.c:369:14: danger: argument 1 (‘config_file’) from [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2) could be NULL where non-null expected
#  367|   	if (allow_links == 0)
#  368|   		mode |= O_NOFOLLOW;
#  369|-> 	rc = open(config_file, mode);
#  370|   	if (rc < 0) {
#  371|   		if (errno != ENOENT) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def210]
audit-userspace-4.1.2/src/auditd-config.c:385:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(config_file,  mode)’
audit-userspace-4.1.2/src/auditd-config.c:362:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:367:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:369:14: acquire_resource: opened here
audit-userspace-4.1.2/src/auditd-config.c:370:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:385:9: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:385:9: danger: ‘open(config_file,  mode)’ leaks here; was opened at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#  383|   	 * not symlink.
#  384|   	 */
#  385|-> 	audit_msg(LOG_DEBUG, "Config file %s opened for parsing", 
#  386|   			config_file);
#  387|   	if (fstat(fd, &st) < 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def211]
audit-userspace-4.1.2/src/auditd-config.c:512:33: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditd-config.c:353:5: enter_function: entry to ‘load_config’
audit-userspace-4.1.2/src/auditd-config.c:370:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:385:9: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:387:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:393:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:393:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:399:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:399:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:405:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:405:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:413:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:413:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-config.c:414:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:421:16: call_function: calling ‘get_line’ from ‘load_config’
#  510|   			// Only output 1 warning
#  511|   			if (!too_long)
#  512|-> 				audit_msg(LOG_ERR,
#  513|   					"Skipping line %d in %s: too long",
#  514|   					*lineno, file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def212]
audit-userspace-4.1.2/src/auditd-config.c:530:15: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditd-config.c:353:5: enter_function: entry to ‘load_config’
audit-userspace-4.1.2/src/auditd-config.c:370:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:385:9: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:387:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:393:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:393:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:399:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:399:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:405:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:405:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:413:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:413:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-config.c:414:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:421:16: call_function: calling ‘get_line’ from ‘load_config’
audit-userspace-4.1.2/src/auditd-config.c:421:16: return_function: returning to ‘load_config’ from ‘get_line’
audit-userspace-4.1.2/src/auditd-config.c:421:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-config.c:425:22: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-config.c:425:22: call_function: calling ‘nv_split’ from ‘load_config’
#  528|   	nv->value = NULL;
#  529|   	nv->option = NULL;
#  530|-> 	ptr = audit_strsplit(buf);
#  531|   	if (ptr == NULL)
#  532|   		return 0; /* If there's nothing, go to next line */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def213]
audit-userspace-4.1.2/src/auditd-config.c:538:15: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditd-config.c:353:5: enter_function: entry to ‘load_config’
audit-userspace-4.1.2/src/auditd-config.c:370:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:385:9: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:387:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:393:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:393:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:399:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:399:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:405:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:405:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:413:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:413:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-config.c:414:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:421:16: call_function: calling ‘get_line’ from ‘load_config’
audit-userspace-4.1.2/src/auditd-config.c:421:16: return_function: returning to ‘load_config’ from ‘get_line’
audit-userspace-4.1.2/src/auditd-config.c:421:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-config.c:425:22: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-config.c:425:22: call_function: calling ‘nv_split’ from ‘load_config’
#  536|   
#  537|   	/* Check for a '=' */
#  538|-> 	ptr = audit_strsplit(NULL);
#  539|   	if (ptr == NULL)
#  540|   		return 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def214]
audit-userspace-4.1.2/src/auditd-config.c:545:15: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditd-config.c:353:5: enter_function: entry to ‘load_config’
audit-userspace-4.1.2/src/auditd-config.c:370:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:385:9: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:387:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:393:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:393:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:399:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:399:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:405:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:405:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:413:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:413:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-config.c:414:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:421:16: call_function: calling ‘get_line’ from ‘load_config’
audit-userspace-4.1.2/src/auditd-config.c:421:16: return_function: returning to ‘load_config’ from ‘get_line’
audit-userspace-4.1.2/src/auditd-config.c:421:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-config.c:425:22: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-config.c:425:22: call_function: calling ‘nv_split’ from ‘load_config’
#  543|   
#  544|   	/* get the value */
#  545|-> 	ptr = audit_strsplit(NULL);
#  546|   	if (ptr == NULL)
#  547|   		return 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def215]
audit-userspace-4.1.2/src/auditd-config.c:551:15: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditd-config.c:353:5: enter_function: entry to ‘load_config’
audit-userspace-4.1.2/src/auditd-config.c:370:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:385:9: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:387:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:393:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:393:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:399:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:399:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:405:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:405:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:413:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:413:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-config.c:414:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:421:16: call_function: calling ‘get_line’ from ‘load_config’
audit-userspace-4.1.2/src/auditd-config.c:421:16: return_function: returning to ‘load_config’ from ‘get_line’
audit-userspace-4.1.2/src/auditd-config.c:421:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-config.c:425:22: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-config.c:425:22: call_function: calling ‘nv_split’ from ‘load_config’
#  549|   
#  550|   	/* See if there's an option */
#  551|-> 	ptr = audit_strsplit(NULL);
#  552|   	if (ptr) {
#  553|   		nv->option = ptr;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def216]
audit-userspace-4.1.2/src/auditd-config.c:556:23: warning[-Wanalyzer-malloc-leak]: leak of ‘f’
audit-userspace-4.1.2/src/auditd-config.c:353:5: enter_function: entry to ‘load_config’
audit-userspace-4.1.2/src/auditd-config.c:370:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:385:9: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:387:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:393:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:393:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:399:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:399:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:405:14: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:405:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:413:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:413:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-config.c:414:12: branch_false: following ‘false’ branch (when ‘f’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:421:16: call_function: calling ‘get_line’ from ‘load_config’
audit-userspace-4.1.2/src/auditd-config.c:421:16: return_function: returning to ‘load_config’ from ‘get_line’
audit-userspace-4.1.2/src/auditd-config.c:421:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-config.c:425:22: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-config.c:425:22: call_function: calling ‘nv_split’ from ‘load_config’
#  554|   
#  555|   		/* Make sure there's nothing else */
#  556|-> 		ptr = audit_strsplit(NULL);
#  557|   		if (ptr)
#  558|   			return 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def217]
audit-userspace-4.1.2/src/auditd-config.c:647:13: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(dir)’
audit-userspace-4.1.2/src/auditd-config.c:624:12: branch_true: following ‘true’ branch (when ‘tdir’ is non-NULL)...
audit-userspace-4.1.2/src/auditd-config.c:625:23: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-config.c:626:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:635:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-config.c:636:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-config.c:642:9: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:647:13: danger: ‘opendir(dir)’ leaks here; was allocated at [(5)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/4)
#  645|   	/* if the file exists, see that its regular, owned by root, 
#  646|   	 * and not world anything */
#  647|-> 	if (log_test == TEST_AUDITD)
#  648|   		mode = O_APPEND;
#  649|   	else

Error: GCC_ANALYZER_WARNING (CWE-401): [#def218]
audit-userspace-4.1.2/src/auditd-config.c:1080:17: warning[-Wanalyzer-malloc-leak]: leak of ‘tmail’
audit-userspace-4.1.2/src/auditd-config.c:1134:12: enter_function: entry to ‘action_mail_acct_parser’
audit-userspace-4.1.2/src/auditd-config.c:1141:17: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-config.c:1142:12: branch_false: following ‘false’ branch (when ‘tmail’ is non-NULL)...
audit-userspace-4.1.2/src/auditd-config.c:1145:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:1145:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-config.c:1145:37: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-config.c:1145:37: call_function: calling ‘validate_email’ from ‘action_mail_acct_parser’
# 1078|   	len = strlen(acct);
# 1079|   	if (len < 2) {
# 1080|-> 		audit_msg(LOG_ERR,
# 1081|   		    "email: %s is too short, expecting at least 2 characters",
# 1082|   			 acct);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def219]
audit-userspace-4.1.2/src/auditd-config.c:1091:25: warning[-Wanalyzer-malloc-leak]: leak of ‘tmail’
audit-userspace-4.1.2/src/auditd-config.c:1134:12: enter_function: entry to ‘action_mail_acct_parser’
audit-userspace-4.1.2/src/auditd-config.c:1141:17: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-config.c:1142:12: branch_false: following ‘false’ branch (when ‘tmail’ is non-NULL)...
audit-userspace-4.1.2/src/auditd-config.c:1145:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:1145:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-config.c:1145:37: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-config.c:1145:37: call_function: calling ‘validate_email’ from ‘action_mail_acct_parser’
# 1089|   				(acct[i]=='.') || (acct[i]=='-') ||
# 1090|   				(acct[i] == '_') || (acct[i] == '+')) ) {
# 1091|-> 			audit_msg(LOG_ERR, "email: %s has illegal character",
# 1092|   				acct);
# 1093|   			return 2;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def220]
audit-userspace-4.1.2/src/auditd-config.c:1105:25: warning[-Wanalyzer-malloc-leak]: leak of ‘tmail’
audit-userspace-4.1.2/src/auditd-config.c:1134:12: enter_function: entry to ‘action_mail_acct_parser’
audit-userspace-4.1.2/src/auditd-config.c:1141:17: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-config.c:1142:12: branch_false: following ‘false’ branch (when ‘tmail’ is non-NULL)...
audit-userspace-4.1.2/src/auditd-config.c:1145:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:1145:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-config.c:1145:37: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-config.c:1145:37: call_function: calling ‘validate_email’ from ‘action_mail_acct_parser’
# 1103|   		ptr2 = strrchr(acct, '.');        // get last dot - sb after @
# 1104|   		if ((ptr2 == NULL) || (ptr1 > ptr2)) {
# 1105|-> 			audit_msg(LOG_ERR, "email: %s should have . after @",
# 1106|   				acct);
# 1107|   			return 2;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def221]
audit-userspace-4.1.2/src/auditd-config.c:1115:23: warning[-Wanalyzer-malloc-leak]: leak of ‘tmail’
audit-userspace-4.1.2/src/auditd-config.c:1134:12: enter_function: entry to ‘action_mail_acct_parser’
audit-userspace-4.1.2/src/auditd-config.c:1141:17: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-config.c:1142:12: branch_false: following ‘false’ branch (when ‘tmail’ is non-NULL)...
audit-userspace-4.1.2/src/auditd-config.c:1145:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-config.c:1145:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-config.c:1145:37: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-config.c:1145:37: call_function: calling ‘validate_email’ from ‘action_mail_acct_parser’
# 1113|   
# 1114|   		h_errno = 0;
# 1115|-> 		rc2 = getaddrinfo(ptr1+1, NULL, &hints, &ai);
# 1116|   		if (rc2 != 0) {
# 1117|   			if ((h_errno == HOST_NOT_FOUND) ||

Error: GCC_ANALYZER_WARNING (CWE-401): [#def222]
audit-userspace-4.1.2/src/auditd-dispatch.c:98:16: warning[-Wanalyzer-malloc-leak]: leak of ‘e’
audit-userspace-4.1.2/src/auditd-dispatch.c:75:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-dispatch.c:79:13: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-dispatch.c:79:13: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-dispatch.c:80:12: branch_false: following ‘false’ branch (when ‘e’ is non-NULL)...
audit-userspace-4.1.2/src/auditd-dispatch.c:83:9: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-dispatch.c:88:12: branch_true: following ‘true’ branch (when ‘protocol_ver == 0’)...
audit-userspace-4.1.2/src/auditd-dispatch.c:89:31: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-dispatch.c:98:16: danger: ‘e’ leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   96|   		return 0;
#   97|   	}
#   98|-> 	return libdisp_enqueue(e);
#   99|   }
#  100|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def223]
audit-userspace-4.1.2/src/auditd-event.c:1246:17: warning[-Wanalyzer-malloc-leak]: leak of ‘oldname’
audit-userspace-4.1.2/src/auditd-event.c:833:13: enter_function: entry to ‘check_space_left’
audit-userspace-4.1.2/src/auditd-event.c:842:12: branch_true: following ‘true’ branch (when ‘rc == 0’)...
audit-userspace-4.1.2/src/auditd-event.c:843:21: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-event.c:843:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-event.c:845:25: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-event.c:846:25: call_function: calling ‘do_disk_full_action’ from ‘check_space_left’
# 1244|   	newname = (char *)malloc(len);
# 1245|   	if (newname == NULL) { /* Not fatal - just messy */
# 1246|-> 		audit_msg(LOG_ERR, "No memory rotating logs");
# 1247|   		free(oldname);
# 1248|   		logging_suspended = 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def224]
audit-userspace-4.1.2/src/auditd-event.c:1288:17: warning[-Wanalyzer-malloc-leak]: leak of ‘oldname’
audit-userspace-4.1.2/src/auditd-event.c:833:13: enter_function: entry to ‘check_space_left’
audit-userspace-4.1.2/src/auditd-event.c:842:12: branch_true: following ‘true’ branch (when ‘rc == 0’)...
audit-userspace-4.1.2/src/auditd-event.c:843:21: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-event.c:843:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-event.c:845:25: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-event.c:846:25: call_function: calling ‘do_disk_full_action’ from ‘check_space_left’
# 1286|   		// Likely errors: ENOSPC, ENOMEM, EBUSY
# 1287|   		int saved_errno = errno;
# 1288|-> 		audit_msg(LOG_ERR, "Error rotating logs from %s to %s (%s)",
# 1289|   			config->log_file, newname, strerror(errno));
# 1290|   		if (saved_errno == ENOSPC && fs_space_left == 1) {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def225]
audit-userspace-4.1.2/src/auditd-listen.c:515:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘utok.value’
audit-userspace-4.1.2/src/auditd-listen.c:513:30: acquire_memory: this call could return NULL
audit-userspace-4.1.2/src/auditd-listen.c:515:17: danger: ‘malloc((long unsigned int)(mlen + 16) + 1)’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  513|   		utok.value = malloc(utok.length + 1);
#  514|   
#  515|-> 		memcpy(utok.value, header, AUDIT_RMW_HEADER_SIZE);
#  516|   		memcpy(utok.value+AUDIT_RMW_HEADER_SIZE, msg, mlen);
#  517|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def226]
audit-userspace-4.1.2/src/auditd-listen.c:522:32: warning[-Wanalyzer-malloc-leak]: leak of ‘utok.value’
audit-userspace-4.1.2/src/auditd-listen.c:513:30: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-listen.c:522:32: danger: ‘utok.value’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  520|   		   the token.  */
#  521|   
#  522|-> 		major_status = gss_wrap(&minor_status,
#  523|   					 io->gss_context,
#  524|   					 1,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def227]
audit-userspace-4.1.2/src/auditd-reconfig.c:109:17: warning[-Wanalyzer-malloc-leak]: leak of ‘new_config.sender_ctx’
audit-userspace-4.1.2/src/auditd-reconfig.c:97:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-reconfig.c:99:41: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-reconfig.c:101:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-reconfig.c:105:49: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-reconfig.c:105:49: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd-reconfig.c:109:17: danger: ‘new_config.sender_ctx’ leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  107|   		e->reply.conf = (struct daemon_conf *)e->reply.msg.data;
#  108|   		e->reply.type = AUDIT_DAEMON_RECONFIG;
#  109|-> 		reconfig_ready();
#  110|   	} else {
#  111|   		// need to send a failed event message

Error: GCC_ANALYZER_WARNING (CWE-775): [#def228]
audit-userspace-4.1.2/src/auditd-sendmail.c:87:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipe_fd[0]’
audit-userspace-4.1.2/src/auditd-sendmail.c:79:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:85:16: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:86:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:87:17: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:87:17: danger: ‘pipe_fd[0]’ leaks here
#   85|   	*pid = fork();
#   86|   	if (*pid < 0) {
#   87|-> 		close(pipe_fd[0]);
#   88|   		close(pipe_fd[1]);
#   89|   		audit_msg(LOG_ALERT,

Error: GCC_ANALYZER_WARNING (CWE-775): [#def229]
audit-userspace-4.1.2/src/auditd-sendmail.c:87:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipe_fd[1]’
audit-userspace-4.1.2/src/auditd-sendmail.c:79:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:85:16: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:86:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:87:17: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:87:17: danger: ‘pipe_fd[1]’ leaks here
#   85|   	*pid = fork();
#   86|   	if (*pid < 0) {
#   87|-> 		close(pipe_fd[0]);
#   88|   		close(pipe_fd[1]);
#   89|   		audit_msg(LOG_ALERT,

Error: GCC_ANALYZER_WARNING (CWE-775): [#def230]
audit-userspace-4.1.2/src/auditd-sendmail.c:88:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipe_fd[1]’
audit-userspace-4.1.2/src/auditd-sendmail.c:79:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:85:16: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:86:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:87:17: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:88:17: danger: ‘pipe_fd[1]’ leaks here
#   86|   	if (*pid < 0) {
#   87|   		close(pipe_fd[0]);
#   88|-> 		close(pipe_fd[1]);
#   89|   		audit_msg(LOG_ALERT,
#   90|   		    "Audit daemon failed to fork while sending email alert");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def231]
audit-userspace-4.1.2/src/auditd-sendmail.c:94:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipe_fd[0]’
audit-userspace-4.1.2/src/auditd-sendmail.c:79:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:85:16: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:86:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:93:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:93:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:94:17: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:94:17: danger: ‘pipe_fd[0]’ leaks here
#   92|   	}
#   93|   	if (*pid) {       /* Parent */
#   94|-> 		close(pipe_fd[0]);	// adjust pipe
#   95|   		return pipe_fd[1];
#   96|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def232]
audit-userspace-4.1.2/src/auditd-sendmail.c:94:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipe_fd[1]’
audit-userspace-4.1.2/src/auditd-sendmail.c:79:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:85:16: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:86:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:93:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:93:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:94:17: branch_true: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:94:17: danger: ‘pipe_fd[1]’ leaks here
#   92|   	}
#   93|   	if (*pid) {       /* Parent */
#   94|-> 		close(pipe_fd[0]);	// adjust pipe
#   95|   		return pipe_fd[1];
#   96|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def233]
audit-userspace-4.1.2/src/auditd-sendmail.c:101:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipe_fd[0]’
audit-userspace-4.1.2/src/auditd-sendmail.c:79:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:85:16: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:86:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:93:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:93:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:98:9: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:101:9: danger: ‘pipe_fd[0]’ leaks here
#   99|   	sigprocmask (SIG_UNBLOCK, &sa.sa_mask, 0);
#  100|   
#  101|-> 	close(pipe_fd[1]);	// adjust pipe
#  102|   	dup2(pipe_fd[0], 0);
#  103|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def234]
audit-userspace-4.1.2/src/auditd-sendmail.c:101:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipe_fd[1]’
audit-userspace-4.1.2/src/auditd-sendmail.c:79:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:85:16: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:86:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:93:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:93:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:98:9: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:101:9: danger: ‘pipe_fd[1]’ leaks here
#   99|   	sigprocmask (SIG_UNBLOCK, &sa.sa_mask, 0);
#  100|   
#  101|-> 	close(pipe_fd[1]);	// adjust pipe
#  102|   	dup2(pipe_fd[0], 0);
#  103|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def235]
audit-userspace-4.1.2/src/auditd-sendmail.c:113:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pipe_fd[0]’
audit-userspace-4.1.2/src/auditd-sendmail.c:79:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:85:16: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:86:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:93:12: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:93:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd-sendmail.c:98:9: branch_false: ...to here
audit-userspace-4.1.2/src/auditd-sendmail.c:113:9: danger: ‘pipe_fd[0]’ leaks here
#  111|   	argv[3] = NULL;
#  112|   	execve(email_command, argv, NULL);
#  113|-> 	audit_msg(LOG_ALERT, "Audit daemon failed to exec %s", email_command);
#  114|   	exit(1);
#  115|   }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def236]
audit-userspace-4.1.2/src/auditd.c:243:25: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(state_file, "w")’
audit-userspace-4.1.2/src/auditd.c:235:19: acquire_resource: opened here
audit-userspace-4.1.2/src/auditd.c:237:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd.c:240:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditd.c:241:12: branch_true: following ‘true’ branch (when ‘sr_fd > 0’)...
audit-userspace-4.1.2/src/auditd.c:242:38: branch_true: ...to here
audit-userspace-4.1.2/src/auditd.c:242:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd.c:245:38: branch_true: ...to here
audit-userspace-4.1.2/src/auditd.c:243:25: danger: ‘fopen(state_file, "w")’ leaks here; was opened at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  241|   	if (sr_fd > 0)
#  242|   		if (fchown(sr_fd, 0, config.log_group)) {
#  243|-> 			audit_msg(LOG_INFO,
#  244|   			    "fchown on state report failed (%s) continuing",
#  245|   			    strerror(errno));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def237]
audit-userspace-4.1.2/src/auditd.c:243:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(state_file, "w")’
audit-userspace-4.1.2/src/auditd.c:235:19: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd.c:237:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd.c:240:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditd.c:241:12: branch_true: following ‘true’ branch (when ‘sr_fd > 0’)...
audit-userspace-4.1.2/src/auditd.c:242:38: branch_true: ...to here
audit-userspace-4.1.2/src/auditd.c:242:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd.c:245:38: branch_true: ...to here
audit-userspace-4.1.2/src/auditd.c:243:25: danger: ‘fopen(state_file, "w")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  241|   	if (sr_fd > 0)
#  242|   		if (fchown(sr_fd, 0, config.log_group)) {
#  243|-> 			audit_msg(LOG_INFO,
#  244|   			    "fchown on state report failed (%s) continuing",
#  245|   			    strerror(errno));

Error: GCC_ANALYZER_WARNING (CWE-775): [#def238]
audit-userspace-4.1.2/src/auditd.c:252:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(state_file, "w")’
audit-userspace-4.1.2/src/auditd.c:235:19: acquire_resource: opened here
audit-userspace-4.1.2/src/auditd.c:237:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd.c:240:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditd.c:252:9: danger: ‘fopen(state_file, "w")’ leaks here; was opened at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#  250|   	fprintf(f, "current time = %s\n", buf);
#  251|   	fprintf(f, "process priority = %d\n", getpriority(PRIO_PROCESS, 0));
#  252|-> 	write_logging_state(f);
#  253|   	libdisp_write_queue_state(f);
#  254|   #ifdef USE_LISTENER

Error: GCC_ANALYZER_WARNING (CWE-401): [#def239]
audit-userspace-4.1.2/src/auditd.c:252:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(state_file, "w")’
audit-userspace-4.1.2/src/auditd.c:235:19: acquire_memory: allocated here
audit-userspace-4.1.2/src/auditd.c:237:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd.c:240:21: branch_false: ...to here
audit-userspace-4.1.2/src/auditd.c:252:9: danger: ‘fopen(state_file, "w")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#  250|   	fprintf(f, "current time = %s\n", buf);
#  251|   	fprintf(f, "process priority = %d\n", getpriority(PRIO_PROCESS, 0));
#  252|-> 	write_logging_state(f);
#  253|   	libdisp_write_queue_state(f);
#  254|   #ifdef USE_LISTENER

Error: GCC_ANALYZER_WARNING (CWE-775): [#def240]
audit-userspace-4.1.2/src/auditd.c:472:14: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘oomfd’
audit-userspace-4.1.2/src/auditd.c:460:22: acquire_resource: opened here
audit-userspace-4.1.2/src/auditd.c:460:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd.c:471:15: branch_true: ...to here
audit-userspace-4.1.2/src/auditd.c:472:14: danger: ‘oomfd’ leaks here; was opened at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#  470|   
#  471|   	len = strlen(score);
#  472|-> 	rc = write(oomfd, score, len);
#  473|   	if (rc != len)
#  474|   		audit_msg(LOG_NOTICE, "Unable to adjust out of memory score");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def241]
audit-userspace-4.1.2/src/auditd.c:474:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘oomfd’
audit-userspace-4.1.2/src/auditd.c:460:22: acquire_resource: opened here
audit-userspace-4.1.2/src/auditd.c:460:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd.c:471:15: branch_true: ...to here
audit-userspace-4.1.2/src/auditd.c:473:12: branch_true: following ‘true’ branch (when ‘len != rc’)...
audit-userspace-4.1.2/src/auditd.c:474:17: branch_true: ...to here
audit-userspace-4.1.2/src/auditd.c:474:17: danger: ‘oomfd’ leaks here; was opened at [(1)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/0)
#  472|   	rc = write(oomfd, score, len);
#  473|   	if (rc != len)
#  474|-> 		audit_msg(LOG_NOTICE, "Unable to adjust out of memory score");
#  475|   
#  476|   	close(oomfd);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def242]
audit-userspace-4.1.2/src/auditd.c:476:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘oomfd’
audit-userspace-4.1.2/src/auditd.c:460:22: acquire_resource: opened here
audit-userspace-4.1.2/src/auditd.c:460:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/auditd.c:471:15: branch_true: ...to here
audit-userspace-4.1.2/src/auditd.c:476:9: danger: ‘oomfd’ leaks here; was opened at [(1)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/0)
#  474|   		audit_msg(LOG_NOTICE, "Unable to adjust out of memory score");
#  475|   
#  476|-> 	close(oomfd);
#  477|   }
#  478|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def243]
audit-userspace-4.1.2/src/auditd.c:516:28: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(open("/dev/null", 2), 0)’
audit-userspace-4.1.2/src/auditd.c:512:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd.c:516:30: branch_false: ...to here
audit-userspace-4.1.2/src/auditd.c:516:30: acquire_resource: opened here
audit-userspace-4.1.2/src/auditd.c:516:28: danger: ‘dup2(open("/dev/null", 2), 0)’ leaks here; was opened at [(3)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/2)
#  514|   				return -1;
#  515|   			}
#  516|-> 			if ((dup2(nfd, 0) < 0) || (dup2(nfd, 1) < 0) ||
#  517|   							(dup2(nfd, 2) < 0)) {
#  518|   				audit_msg(LOG_ERR,

Error: GCC_ANALYZER_WARNING (CWE-775): [#def244]
audit-userspace-4.1.2/src/auditd.c:516:29: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(open("/dev/null", 2), 1)’
audit-userspace-4.1.2/src/auditd.c:512:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd.c:516:30: branch_false: ...to here
audit-userspace-4.1.2/src/auditd.c:516:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd.c:516:52: branch_false: ...to here
audit-userspace-4.1.2/src/auditd.c:516:52: acquire_resource: opened here
audit-userspace-4.1.2/src/auditd.c:516:29: danger: ‘dup2(open("/dev/null", 2), 1)’ leaks here; was opened at [(5)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/4)
#  514|   				return -1;
#  515|   			}
#  516|-> 			if ((dup2(nfd, 0) < 0) || (dup2(nfd, 1) < 0) ||
#  517|   							(dup2(nfd, 2) < 0)) {
#  518|   				audit_msg(LOG_ERR,

Error: GCC_ANALYZER_WARNING (CWE-775): [#def245]
audit-userspace-4.1.2/src/auditd.c:516:29: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(open("/dev/null", 2), 2)’
audit-userspace-4.1.2/src/auditd.c:512:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd.c:516:30: branch_false: ...to here
audit-userspace-4.1.2/src/auditd.c:516:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd.c:517:58: acquire_resource: opened here
audit-userspace-4.1.2/src/auditd.c:516:29: danger: ‘dup2(open("/dev/null", 2), 2)’ leaks here; was opened at [(5)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/4)
#  514|   				return -1;
#  515|   			}
#  516|-> 			if ((dup2(nfd, 0) < 0) || (dup2(nfd, 1) < 0) ||
#  517|   							(dup2(nfd, 2) < 0)) {
#  518|   				audit_msg(LOG_ERR,

Error: GCC_ANALYZER_WARNING (CWE-775): [#def246]
audit-userspace-4.1.2/src/auditd.c:518:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/dev/null", 2)’
audit-userspace-4.1.2/src/auditd.c:511:31: acquire_resource: opened here
audit-userspace-4.1.2/src/auditd.c:512:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd.c:516:30: branch_false: ...to here
audit-userspace-4.1.2/src/auditd.c:518:33: danger: ‘open("/dev/null", 2)’ leaks here; was opened at [(1)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/0)
#  516|   			if ((dup2(nfd, 0) < 0) || (dup2(nfd, 1) < 0) ||
#  517|   							(dup2(nfd, 2) < 0)) {
#  518|-> 				audit_msg(LOG_ERR,
#  519|   				    "Cannot reassign descriptors to /dev/null");
#  520|   				close(nfd);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def247]
audit-userspace-4.1.2/src/auditd.c:520:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/dev/null", 2)’
audit-userspace-4.1.2/src/auditd.c:511:31: acquire_resource: opened here
audit-userspace-4.1.2/src/auditd.c:512:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd.c:516:30: branch_false: ...to here
audit-userspace-4.1.2/src/auditd.c:520:33: danger: ‘open("/dev/null", 2)’ leaks here; was opened at [(1)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/0)
#  518|   				audit_msg(LOG_ERR,
#  519|   				    "Cannot reassign descriptors to /dev/null");
#  520|-> 				close(nfd);
#  521|   				return -1;
#  522|   			}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def248]
audit-userspace-4.1.2/src/auditd.c:526:30: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/dev/null", 2)’
audit-userspace-4.1.2/src/auditd.c:511:31: acquire_resource: opened here
audit-userspace-4.1.2/src/auditd.c:512:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd.c:516:30: branch_false: ...to here
audit-userspace-4.1.2/src/auditd.c:516:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/auditd.c:526:30: danger: ‘open("/dev/null", 2)’ leaks here; was opened at [(1)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/0)
#  524|   
#  525|   			/* Change to '/' */
#  526|-> 			rc = chdir("/");
#  527|   			if (rc < 0) {
#  528|   				audit_msg(LOG_ERR,

Error: GCC_ANALYZER_WARNING (CWE-775): [#def249]
audit-userspace-4.1.2/src/auditd.c:1245:11: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(&filename, 0)’
audit-userspace-4.1.2/src/auditd.c:1236:15: acquire_resource: opened here
audit-userspace-4.1.2/src/auditd.c:1237:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
audit-userspace-4.1.2/src/auditd.c:1245:11: danger: ‘open(&filename, 0)’ leaks here; was opened at [(1)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/0)
# 1243|   	} while (num_read < 0 && errno == EINTR);
# 1244|   	close(sfd);
# 1245|-> 	if(num_read <= 0) {
# 1246|   		dsubj[0] = 0;
# 1247|   		return NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def250]
audit-userspace-4.1.2/src/aureport-options.c:699:33: warning[-Wanalyzer-malloc-leak]: leak of ‘sn.str’
audit-userspace-4.1.2/src/aureport-options.c:246:5: enter_function: entry to ‘check_params’
audit-userspace-4.1.2/src/aureport-options.c:252:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/aureport-options.c:254:21: branch_true: ...to here
audit-userspace-4.1.2/src/aureport-options.c:254:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/aureport-options.c:255:34: branch_true: ...to here
audit-userspace-4.1.2/src/aureport-options.c:255:28: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/aureport-options.c:262:49: branch_true: ...to here
audit-userspace-4.1.2/src/aureport-options.c:262:25: call_function: calling ‘audit_lookup_option’ from ‘check_params’
audit-userspace-4.1.2/src/aureport-options.c:262:25: return_function: returning to ‘check_params’ from ‘audit_lookup_option’
audit-userspace-4.1.2/src/aureport-options.c:678:28: branch_false: following ‘false’ branch (when ‘optarg’ is non-NULL)...
audit-userspace-4.1.2/src/aureport-options.c:687:37: branch_false: ...to here
audit-userspace-4.1.2/src/aureport-options.c:696:42: acquire_memory: allocated here
audit-userspace-4.1.2/src/aureport-options.c:699:33: danger: ‘sn.str’ leaks here; was allocated at [(17)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/16)
#  697|   				sn.key = NULL;
#  698|   				sn.hits=0;
#  699|-> 				slist_append(event_node_list, &sn);
#  700|   			}
#  701|   			break;

Error: GCC_ANALYZER_WARNING (CWE-688): [#def251]
audit-userspace-4.1.2/src/aureport.c:193:15: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘config.log_file’ where non-null expected
audit-userspace-4.1.2/src/aureport.c:179:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/aureport.c:189:33: acquire_memory: this call could return NULL
audit-userspace-4.1.2/src/aureport.c:193:15: danger: argument 1 (‘config.log_file’) from [(4)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/3) could be NULL where non-null expected
#argument 1 of ‘__builtin_strlen’ must be non-null
#  191|   	}
#  192|   
#  193|-> 	len = strlen(config.log_file) + 16;
#  194|   	filename = malloc(len);
#  195|   	if (!filename) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def252]
audit-userspace-4.1.2/src/aureport.c:202:13: warning[-Wanalyzer-malloc-leak]: leak of ‘filename’
audit-userspace-4.1.2/src/aureport.c:194:20: acquire_memory: allocated here
audit-userspace-4.1.2/src/aureport.c:195:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
audit-userspace-4.1.2/src/aureport.c:202:13: branch_false: ...to here
audit-userspace-4.1.2/src/aureport.c:202:13: danger: ‘filename’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  200|   
#  201|   	/* Count the logs */
#  202|-> 	if (audit_log_list(config.log_file, &logs, &log_cnt)) {
#  203|   		fprintf(stderr, "No memory\n");
#  204|   		free(filename);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def253]
audit-userspace-4.1.2/src/aureport.c:218:28: warning[-Wanalyzer-malloc-leak]: leak of ‘filename’
audit-userspace-4.1.2/src/aureport.c:194:20: acquire_memory: allocated here
audit-userspace-4.1.2/src/aureport.c:195:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
audit-userspace-4.1.2/src/aureport.c:202:13: branch_false: ...to here
audit-userspace-4.1.2/src/aureport.c:202:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/aureport.c:209:13: branch_false: ...to here
audit-userspace-4.1.2/src/aureport.c:209:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/aureport.c:218:28: branch_false: ...to here
audit-userspace-4.1.2/src/aureport.c:218:28: danger: ‘filename’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#  216|   
#  217|   	/* Locate the starting file that is in range */
#  218|-> 	files_to_process = audit_log_find_start(logs, log_cnt, start_time);
#  219|   	audit_log_free(logs, log_cnt);
#  220|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def254]
audit-userspace-4.1.2/src/aureport.c:219:9: warning[-Wanalyzer-malloc-leak]: leak of ‘filename’
audit-userspace-4.1.2/src/aureport.c:194:20: acquire_memory: allocated here
audit-userspace-4.1.2/src/aureport.c:195:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
audit-userspace-4.1.2/src/aureport.c:202:13: branch_false: ...to here
audit-userspace-4.1.2/src/aureport.c:202:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/aureport.c:209:13: branch_false: ...to here
audit-userspace-4.1.2/src/aureport.c:209:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/aureport.c:218:28: branch_false: ...to here
audit-userspace-4.1.2/src/aureport.c:219:9: danger: ‘filename’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#  217|   	/* Locate the starting file that is in range */
#  218|   	files_to_process = audit_log_find_start(logs, log_cnt, start_time);
#  219|-> 	audit_log_free(logs, log_cnt);
#  220|   
#  221|   	/* Got it, now process logs from last to first */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def255]
audit-userspace-4.1.2/src/aureport.c:372:29: warning[-Wanalyzer-malloc-leak]: leak of ‘buff’
audit-userspace-4.1.2/src/aureport.c:360:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
audit-userspace-4.1.2/src/aureport.c:364:20: branch_true: following ‘true’ branch (when ‘buff’ is NULL)...
audit-userspace-4.1.2/src/aureport.c:365:32: branch_true: ...to here
audit-userspace-4.1.2/src/aureport.c:365:32: acquire_memory: allocated here
audit-userspace-4.1.2/src/aureport.c:366:28: branch_false: following ‘false’ branch (when ‘buff’ is non-NULL)...
audit-userspace-4.1.2/src/aureport.c:369:22: branch_false: ...to here
audit-userspace-4.1.2/src/aureport.c:371:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/aureport.c:372:29: branch_true: ...to here
audit-userspace-4.1.2/src/aureport.c:372:29: danger: ‘buff’ leaks here; was allocated at [(5)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/4)
#  370|   					log_fd);
#  371|   		if (rc) {
#  372|-> 			if (lol_add_record(&lo, buff)) {
#  373|   				*l = get_ready_event(&lo);
#  374|   				if (*l)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def256]
audit-userspace-4.1.2/src/ausearch-lookup.c:251:13: warning[-Wanalyzer-malloc-leak]: leak of ‘nv.name’
audit-userspace-4.1.2/src/ausearch-lookup.c:217:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-lookup.c:221:12: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-lookup.c:221:12: branch_false: following ‘false’ branch (when ‘uid != 4294967295’)...
audit-userspace-4.1.2/src/ausearch-lookup.c:226:16: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-lookup.c:227:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-lookup.c:234:13: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-lookup.c:240:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-lookup.c:246:22: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-lookup.c:247:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-lookup.c:249:42: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-lookup.c:249:35: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-lookup.c:251:13: danger: ‘nv.name’ leaks here; was allocated at [(11)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/10)
#  249|   			nv.name = strdup(pw->pw_name);
#  250|   			nv.val = uid;
#  251|->             search_list_append(&uid_nvl, &nv);
#  252|   			name = uid_nvl.cur->name;
#  253|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def257]
audit-userspace-4.1.2/src/ausearch-options.c:786:33: warning[-Wanalyzer-malloc-leak]: leak of ‘sn.str’
audit-userspace-4.1.2/src/ausearch-options.c:309:5: enter_function: entry to ‘check_params’
audit-userspace-4.1.2/src/ausearch-options.c:315:12: branch_false: following ‘false’ branch (when ‘count > 1’)...
 branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-options.c:319:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-options.c:321:21: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-options.c:321:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-options.c:322:34: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-options.c:322:28: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-options.c:329:49: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-options.c:329:25: call_function: calling ‘audit_lookup_option’ from ‘check_params’
audit-userspace-4.1.2/src/ausearch-options.c:329:25: return_function: returning to ‘check_params’ from ‘audit_lookup_option’
audit-userspace-4.1.2/src/ausearch-options.c:765:28: branch_false: following ‘false’ branch (when ‘optarg’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-options.c:774:37: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-options.c:783:42: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-options.c:786:33: danger: ‘sn.str’ leaks here; was allocated at [(19)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/18)
#  784|   				sn.key = NULL;
#  785|   				sn.hits=0;
#  786|-> 				slist_append(event_node_list, &sn);
#  787|   			}
#  788|   			break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def258]
audit-userspace-4.1.2/src/ausearch-parse.c:77:17: warning[-Wanalyzer-malloc-leak]: leak of ‘an.avc_class’
audit-userspace-4.1.2/src/ausearch-parse.c:1950:12: enter_function: entry to ‘parse_avc’
audit-userspace-4.1.2/src/ausearch-parse.c:1961:12: branch_false: following ‘false’ branch (when ‘str’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1996:1: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1998:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2012:13: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2113:12: branch_false: following ‘false’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2117:9: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2119:12: branch_false: following ‘false’ branch (when ‘term’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2121:24: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2121:24: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:2122:12: branch_false: following ‘false’ branch (when ‘term’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2126:13: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2126:13: call_function: calling ‘audit_avc_init’ from ‘parse_avc’
#   75|   		if (s->avc == NULL)
#   76|   			return -1;
#   77|-> 		alist_create(s->avc);
#   78|   	}
#   79|   	return 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def259]
audit-userspace-4.1.2/src/ausearch-parse.c:252:13: warning[-Wanalyzer-malloc-leak]: leak of ‘nv.name’
audit-userspace-4.1.2/src/ausearch-parse.c:230:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:232:12: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:232:12: branch_false: following ‘false’ branch (when ‘uid != 0’)...
audit-userspace-4.1.2/src/ausearch-parse.c:234:17: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:234:17: branch_false: following ‘false’ branch (when ‘uid != 4294967295’)...
audit-userspace-4.1.2/src/ausearch-parse.c:237:13: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:243:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:247:22: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:248:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:250:42: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:250:35: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:252:13: danger: ‘nv.name’ leaks here; was allocated at [(11)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/10)
#  250|   			nv.name = strdup(pw->pw_name);
#  251|   			nv.val = uid;
#  252|->             search_list_append(&uid_nvl, &nv);
#  253|   			return strdup(pw->pw_name);
#  254|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def260]
audit-userspace-4.1.2/src/ausearch-parse.c:493:33: warning[-Wanalyzer-malloc-leak]: leak of ‘an.scontext’
audit-userspace-4.1.2/src/ausearch-parse.c:306:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:328:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:370:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:479:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:481:23: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:482:20: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:483:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:485:28: branch_false: following ‘false’ branch (when ‘term’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:487:25: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:488:28: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:491:33: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:492:47: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:493:33: danger: ‘an.scontext’ leaks here; was allocated at [(17)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/16)
#  491|   				anode_init(&an);
#  492|   				an.scontext = strdup(str);
#  493|-> 				alist_append(s->avc, &an);
#  494|   				*term = ' ';
#  495|   			} else

Error: GCC_ANALYZER_WARNING (CWE-401): [#def261]
audit-userspace-4.1.2/src/ausearch-parse.c:757:25: warning[-Wanalyzer-malloc-leak]: leak of ‘sn.str’
audit-userspace-4.1.2/src/ausearch-parse.c:727:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:729:17: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:731:20: branch_false: following ‘false’ branch (when ‘term’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:733:17: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:734:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:737:34: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:737:34: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:738:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:742:25: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:757:25: danger: ‘sn.str’ leaks here; was allocated at [(8)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/7)
#  755|   				sn.str = tmp;
#  756|   			}
#  757|-> 			slist_append(s->filename, &sn);
#  758|   		}
#  759|   		*term = '"';

Error: GCC_ANALYZER_WARNING (CWE-401): [#def262]
audit-userspace-4.1.2/src/ausearch-parse.c:798:25: warning[-Wanalyzer-malloc-leak]: leak of ‘sn.str’
audit-userspace-4.1.2/src/ausearch-parse.c:727:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:761:21: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:761:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:764:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:766:28: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:767:42: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:767:42: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:798:25: danger: ‘sn.str’ leaks here; was allocated at [(7)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/6)
#  796|   			}
#  797|   append:
#  798|-> 			slist_append(s->filename, &sn);
#  799|   		}
#  800|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def263]
audit-userspace-4.1.2/src/ausearch-parse.c:864:33: warning[-Wanalyzer-malloc-leak]: leak of ‘an.tcontext’
audit-userspace-4.1.2/src/ausearch-parse.c:828:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:830:13: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:851:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:853:23: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:854:20: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:855:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:857:28: branch_false: following ‘false’ branch (when ‘term’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:859:29: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:859:28: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:862:33: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:863:47: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:864:33: danger: ‘an.tcontext’ leaks here; was allocated at [(13)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/12)
#  862|   				anode_init(&an);
#  863|   				an.tcontext = strdup(str);
#  864|-> 				alist_append(s->avc, &an);
#  865|   				if (term)
#  866|   					*term = ' ';

Error: GCC_ANALYZER_WARNING (CWE-401): [#def264]
audit-userspace-4.1.2/src/ausearch-parse.c:892:33: warning[-Wanalyzer-malloc-leak]: leak of ‘an.tcontext’
audit-userspace-4.1.2/src/ausearch-parse.c:879:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:881:23: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:882:20: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:883:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:885:28: branch_false: following ‘false’ branch (when ‘term’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:887:29: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:887:28: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:890:33: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:891:47: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:892:33: danger: ‘an.tcontext’ leaks here; was allocated at [(11)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/10)
#  890|   				anode_init(&an);
#  891|   				an.tcontext = strdup(str);
#  892|-> 				alist_append(s->avc, &an);
#  893|   				if (term)
#  894|   					*term = ' ';

Error: GCC_ANALYZER_WARNING (CWE-401): [#def265]
audit-userspace-4.1.2/src/ausearch-parse.c:995:33: warning[-Wanalyzer-malloc-leak]: leak of ‘an.scontext’
audit-userspace-4.1.2/src/ausearch-parse.c:925:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:942:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:978:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:980:23: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:981:20: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:982:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:984:28: branch_false: following ‘false’ branch (when ‘term’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:986:25: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:987:28: branch_false: following ‘false’ branch (when ‘avc’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:990:36: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:990:35: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:993:33: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:994:47: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:995:33: danger: ‘an.scontext’ leaks here; was allocated at [(17)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/16)
#  993|   				anode_init(&an);
#  994|   				an.scontext = strdup(str);
#  995|-> 				alist_append(s->avc, &an);
#  996|   				*term = ' ';
#  997|   			} else

Error: GCC_ANALYZER_WARNING (CWE-401): [#def266]
audit-userspace-4.1.2/src/ausearch-parse.c:1095:41: warning[-Wanalyzer-malloc-leak]: leak of ‘an.scontext’
audit-userspace-4.1.2/src/ausearch-parse.c:925:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:942:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:981:20: branch_false: following ‘false’ branch (when ‘str’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1002:12: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1081:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1082:21: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1082:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1083:31: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1084:28: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1085:33: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1087:36: branch_false: following ‘false’ branch (when ‘term’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1089:33: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1090:36: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1093:41: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1094:55: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:1095:41: danger: ‘an.scontext’ leaks here; was allocated at [(20)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/19)
# 1093|   					anode_init(&an);
# 1094|   					an.scontext = strdup(str);
# 1095|-> 					alist_append(s->avc, &an);
# 1096|   					*term = ' ';
# 1097|   				} else

Error: GCC_ANALYZER_WARNING (CWE-401): [#def267]
audit-userspace-4.1.2/src/ausearch-parse.c:1114:41: warning[-Wanalyzer-malloc-leak]: leak of ‘an.tcontext’
audit-userspace-4.1.2/src/ausearch-parse.c:925:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:942:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1081:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1082:21: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1101:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1102:31: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1103:28: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1104:33: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1106:36: branch_false: following ‘false’ branch (when ‘term’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1108:33: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1109:36: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1112:41: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1113:55: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:1114:41: danger: ‘an.tcontext’ leaks here; was allocated at [(17)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/16)
# 1112|   					anode_init(&an);
# 1113|   					an.tcontext = strdup(str);
# 1114|-> 					alist_append(s->avc, &an);
# 1115|   					*term = ' ';
# 1116|   				} else

Error: GCC_ANALYZER_WARNING (CWE-401): [#def268]
audit-userspace-4.1.2/src/ausearch-parse.c:1441:33: warning[-Wanalyzer-malloc-leak]: leak of ‘an.scontext’
audit-userspace-4.1.2/src/ausearch-parse.c:1411:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1428:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1429:23: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1430:20: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1431:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1433:28: branch_false: following ‘false’ branch (when ‘term’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1435:25: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1436:28: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1439:33: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1440:47: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:1441:33: danger: ‘an.scontext’ leaks here; was allocated at [(13)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/12)
# 1439|   				anode_init(&an);
# 1440|   				an.scontext = strdup(str);
# 1441|-> 				alist_append(s->avc, &an);
# 1442|   				*term = ' ';
# 1443|   			} else

Error: GCC_ANALYZER_WARNING (CWE-401): [#def269]
audit-userspace-4.1.2/src/ausearch-parse.c:1620:33: warning[-Wanalyzer-malloc-leak]: leak of ‘an.scontext’
audit-userspace-4.1.2/src/ausearch-parse.c:1527:12: branch_false: following ‘false’ branch (when ‘mptr’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1532:13: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1532:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1607:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1609:23: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1610:20: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1611:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1613:28: branch_false: following ‘false’ branch (when ‘term’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1615:29: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1615:28: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1618:33: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1619:47: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:1620:33: danger: ‘an.scontext’ leaks here; was allocated at [(16)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/15)
# 1618|   				anode_init(&an);
# 1619|   				an.scontext = strdup(str);
# 1620|-> 				alist_append(s->avc, &an);
# 1621|   			} else
# 1622|   				return 11;

Error: CPPCHECK_WARNING (CWE-401): [#def270]
audit-userspace-4.1.2/src/ausearch-parse.c:1764: error[memleak]: Memory leak: sn.str
# 1762|   							strdup(un->sun_path+1);
# 1763|   						else
# 1764|-> 							return 6;
# 1765|   
# 1766|   						sn.key = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def271]
audit-userspace-4.1.2/src/ausearch-parse.c:1768:49: warning[-Wanalyzer-malloc-leak]: leak of ‘sn.str’
audit-userspace-4.1.2/src/ausearch-parse.c:1701:20: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1706:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1710:36: branch_true: following ‘true’ branch (when ‘ptr2’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1711:47: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1718:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1721:29: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1721:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1728:35: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1728:35: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1735:35: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1735:35: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1738:37: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1738:36: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1745:37: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1745:36: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1746:46: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1746:44: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1754:45: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1754:44: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1757:53: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1757:52: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1759:64: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1759:57: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:1768:49: danger: ‘sn.str’ leaks here; was allocated at [(25)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/24)
# 1766|   						sn.key = NULL;
# 1767|   						sn.hits = 1;
# 1768|-> 						slist_append(s->filename, &sn);
# 1769|   					}
# 1770|   					free(s->hostname);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def272]
audit-userspace-4.1.2/src/ausearch-parse.c:1890:33: warning[-Wanalyzer-malloc-leak]: leak of ‘an.scontext’
audit-userspace-4.1.2/src/ausearch-parse.c:1810:12: branch_false: following ‘false’ branch (when ‘str’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1824:13: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1876:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1878:23: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1879:20: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1880:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1882:28: branch_false: following ‘false’ branch (when ‘term’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1884:25: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1885:28: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:1888:33: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1889:47: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:1890:33: danger: ‘an.scontext’ leaks here; was allocated at [(14)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/13)
# 1888|   				anode_init(&an);
# 1889|   				an.scontext = strdup(str);
# 1890|-> 				alist_append(s->avc, &an);
# 1891|   				*term = ' ';
# 1892|   			} else

Error: GCC_ANALYZER_WARNING (CWE-401): [#def273]
audit-userspace-4.1.2/src/ausearch-parse.c:2127:17: warning[-Wanalyzer-malloc-leak]: leak of ‘an.avc_class’
audit-userspace-4.1.2/src/ausearch-parse.c:1950:12: enter_function: entry to ‘parse_avc’
audit-userspace-4.1.2/src/ausearch-parse.c:1961:12: branch_false: following ‘false’ branch (when ‘str’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:1996:1: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:1998:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2012:13: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2113:12: branch_false: following ‘false’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2117:9: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2119:12: branch_false: following ‘false’ branch (when ‘term’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2121:24: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2121:24: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:2122:12: branch_false: following ‘false’ branch (when ‘term’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2126:13: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2126:13: call_function: calling ‘audit_avc_init’ from ‘parse_avc’
audit-userspace-4.1.2/src/ausearch-parse.c:2126:13: return_function: returning to ‘parse_avc’ from ‘audit_avc_init’
audit-userspace-4.1.2/src/ausearch-parse.c:2126:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2127:17: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2127:17: danger: ‘an.avc_class’ leaks here; was allocated at [(13)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/12)
# 2125|   	// This can be called multiple times. Only first time it initializes.
# 2126|   	if (audit_avc_init(s) == 0) {
# 2127|-> 		alist_append(s->avc, &an);
# 2128|   	} else {
# 2129|   		rc = 10;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def274]
audit-userspace-4.1.2/src/ausearch-parse.c:2233:33: warning[-Wanalyzer-malloc-leak]: leak of ‘an.scontext’
audit-userspace-4.1.2/src/ausearch-parse.c:2144:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2216:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2219:13: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2219:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2221:23: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2222:20: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2223:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2225:28: branch_false: following ‘false’ branch (when ‘term’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2227:25: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2228:28: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2231:33: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2232:47: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:2233:33: danger: ‘an.scontext’ leaks here; was allocated at [(15)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/14)
# 2231|   				anode_init(&an);
# 2232|   				an.scontext = strdup(str);
# 2233|-> 				alist_append(s->avc, &an);
# 2234|   				*term = ' ';
# 2235|   			} else

Error: GCC_ANALYZER_WARNING (CWE-401): [#def275]
audit-userspace-4.1.2/src/ausearch-parse.c:2406:33: warning[-Wanalyzer-malloc-leak]: leak of ‘an.scontext’
audit-userspace-4.1.2/src/ausearch-parse.c:2393:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2395:23: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2396:20: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2397:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2399:28: branch_false: following ‘false’ branch (when ‘term’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2401:29: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2401:28: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2404:33: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2405:47: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:2406:33: danger: ‘an.scontext’ leaks here; was allocated at [(11)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/10)
# 2404|   				anode_init(&an);
# 2405|   				an.scontext = strdup(str);
# 2406|-> 				alist_append(s->avc, &an);
# 2407|   				if (term)
# 2408|   					*term = ' ';

Error: GCC_ANALYZER_WARNING (CWE-401): [#def276]
audit-userspace-4.1.2/src/ausearch-parse.c:2438:49: warning[-Wanalyzer-malloc-leak]: leak of ‘sn.str’
audit-userspace-4.1.2/src/ausearch-parse.c:2416:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2417:23: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2418:20: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2419:30: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2427:28: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2428:33: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2430:36: branch_true: following ‘true’ branch (when ‘term’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2431:41: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2432:44: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2435:58: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2435:58: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:2438:49: danger: ‘sn.str’ leaks here; was allocated at [(13)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/12)
# 2436|   						sn.key = NULL;
# 2437|   						sn.hits = 1;
# 2438|-> 						slist_append(s->key, &sn);
# 2439|   					}
# 2440|   					*term = '"';

Error: GCC_ANALYZER_WARNING (CWE-401): [#def277]
audit-userspace-4.1.2/src/ausearch-parse.c:2457:49: warning[-Wanalyzer-malloc-leak]: leak of ‘sn.str’
audit-userspace-4.1.2/src/ausearch-parse.c:2416:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2417:23: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2418:20: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2419:30: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2427:28: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2444:37: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2444:36: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2446:56: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2447:44: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2449:54: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2451:48: branch_true: following ‘true’ branch (when ‘kptr’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2454:58: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2454:58: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:2457:49: danger: ‘sn.str’ leaks here; was allocated at [(14)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/13)
# 2455|   						sn.key = NULL;
# 2456|   						sn.hits = 1;
# 2457|-> 						slist_append(s->key, &sn);
# 2458|   						kptr = strtok_r(NULL,
# 2459|   							key_sep, &saved);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def278]
audit-userspace-4.1.2/src/ausearch-parse.c:2642:33: warning[-Wanalyzer-malloc-leak]: leak of ‘an.tcontext’
audit-userspace-4.1.2/src/ausearch-parse.c:2630:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2631:23: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2632:20: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2633:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2635:28: branch_false: following ‘false’ branch (when ‘term’ is NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2637:29: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2637:28: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2640:33: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2641:47: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:2642:33: danger: ‘an.tcontext’ leaks here; was allocated at [(11)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/10)
# 2640|   				anode_init(&an);
# 2641|   				an.tcontext = strdup(str);
# 2642|-> 				alist_append(s->avc, &an);
# 2643|   				if (term)
# 2644|   					*term = ' ';

Error: GCC_ANALYZER_WARNING (CWE-401): [#def279]
audit-userspace-4.1.2/src/ausearch-parse.c:2764:33: warning[-Wanalyzer-malloc-leak]: leak of ‘an.scontext’
audit-userspace-4.1.2/src/ausearch-parse.c:2750:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2753:20: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2754:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2756:28: branch_false: following ‘false’ branch (when ‘term’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2758:25: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2759:28: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2762:33: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2763:47: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:2764:33: danger: ‘an.scontext’ leaks here; was allocated at [(11)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/10)
# 2762|   				anode_init(&an);
# 2763|   				an.scontext = strdup(str);
# 2764|-> 				alist_append(s->avc, &an);
# 2765|   				*term = ' ';
# 2766|   			} else

Error: GCC_ANALYZER_WARNING (CWE-401): [#def280]
audit-userspace-4.1.2/src/ausearch-parse.c:2903:20: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
audit-userspace-4.1.2/src/ausearch-parse.c:2879:5: enter_function: entry to ‘audit_log_list’
audit-userspace-4.1.2/src/ausearch-parse.c:2889:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2892:9: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2898:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2900:21: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2900:21: call_function: calling ‘read_first_ts’ from ‘audit_log_list’
audit-userspace-4.1.2/src/ausearch-parse.c:2900:21: return_function: returning to ‘audit_log_list’ from ‘read_first_ts’
audit-userspace-4.1.2/src/ausearch-parse.c:2900:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2902:37: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2903:20: branch_false: following ‘false’ branch (when ‘tmp’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch-parse.c:2909:21: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2909:34: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-parse.c:2910:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2915:17: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2898:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2900:21: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2900:21: call_function: calling ‘read_first_ts’ from ‘audit_log_list’
audit-userspace-4.1.2/src/ausearch-parse.c:2900:21: return_function: returning to ‘audit_log_list’ from ‘read_first_ts’
audit-userspace-4.1.2/src/ausearch-parse.c:2900:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-parse.c:2901:25: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-parse.c:2903:20: danger: ‘<unknown>’ leaks here; was allocated at [(23)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/22)
# 2901|   			sec = 0;
# 2902|   		tmp = realloc(list, (num + 1) * sizeof(*list));
# 2903|-> 		if (tmp == NULL) {
# 2904|   			free(filename);
# 2905|   			audit_log_free(list, num);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def281]
audit-userspace-4.1.2/src/ausearch-report.c:456:17: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_get_node(au)’
audit-userspace-4.1.2/src/ausearch-report.c:432:12: branch_false: following ‘false’ branch (when ‘cb_event_type == 0’)...
audit-userspace-4.1.2/src/ausearch-report.c:435:13: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-report.c:454:16: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-report.c:455:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-report.c:456:17: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-report.c:456:17: danger: ‘auparse_get_node(au)’ leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  454|   	item = auparse_get_node(au);
#  455|   	if (item) {
#  456|-> 		printf("%s", auparse_interpret_field(au));
#  457|   		free((void *)item);
#  458|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def282]
audit-userspace-4.1.2/src/ausearch-report.c:716:17: warning[-Wanalyzer-malloc-leak]: leak of ‘auparse_get_node(au)’
audit-userspace-4.1.2/src/ausearch-report.c:714:16: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch-report.c:715:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch-report.c:716:17: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch-report.c:716:17: danger: ‘auparse_get_node(au)’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  714|   	item = auparse_get_node(au);
#  715|   	if (item) {
#  716|-> 		printf("On %s at %s ", auparse_interpret_field(au), tmp);
#  717|   		free((void *)item);
#  718|   	} else

Error: GCC_ANALYZER_WARNING (CWE-775): [#def283]
audit-userspace-4.1.2/src/ausearch-time.c:153:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open("/proc/uptime", 0)’
audit-userspace-4.1.2/src/ausearch-time.c:143:22: acquire_resource: opened here
audit-userspace-4.1.2/src/ausearch-time.c:144:12: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch-time.c:150:13: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch-time.c:153:12: danger: ‘open("/proc/uptime", 0)’ leaks here; was opened at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  151|   	rc = read(fd, buf, sizeof(buf)-1);
#  152|   	close(fd);
#  153|-> 	if (rc > 0) {
#  154|   		struct tm *tv;
#  155|   		float f_uptime;

Error: GCC_ANALYZER_WARNING (CWE-688): [#def284]
audit-userspace-4.1.2/src/ausearch.c:256:15: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘config.log_file’ where non-null expected
audit-userspace-4.1.2/src/ausearch.c:242:12: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch.c:252:33: acquire_memory: this call could return NULL
audit-userspace-4.1.2/src/ausearch.c:256:15: danger: argument 1 (‘config.log_file’) from [(4)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/3) could be NULL where non-null expected
#argument 1 of ‘__builtin_strlen’ must be non-null
#  254|   	}
#  255|   
#  256|-> 	len = strlen(config.log_file) + 16;
#  257|   	filename = malloc(len);
#  258|   	if (!filename) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def285]
audit-userspace-4.1.2/src/ausearch.c:325:21: warning[-Wanalyzer-malloc-leak]: leak of ‘filename’
audit-userspace-4.1.2/src/ausearch.c:257:20: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch.c:258:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch.c:268:13: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch.c:325:21: danger: ‘filename’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  323|   
#  324|   		/* Count logs */
#  325|-> 		if (audit_log_list(config.log_file, &logs, &log_cnt)) {
#  326|   			fprintf(stderr, "No memory\n");
#  327|   			free(filename);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def286]
audit-userspace-4.1.2/src/ausearch.c:342:36: warning[-Wanalyzer-malloc-leak]: leak of ‘filename’
audit-userspace-4.1.2/src/ausearch.c:257:20: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch.c:258:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch.c:268:13: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch.c:325:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch.c:332:21: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch.c:332:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch.c:342:36: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch.c:342:36: danger: ‘filename’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#  340|   
#  341|   		/* Locate the starting file that's in range */
#  342|-> 		files_to_process = audit_log_find_start(logs, log_cnt,
#  343|   							start_time);
#  344|   		audit_log_free(logs, log_cnt);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def287]
audit-userspace-4.1.2/src/ausearch.c:344:17: warning[-Wanalyzer-malloc-leak]: leak of ‘filename’
audit-userspace-4.1.2/src/ausearch.c:257:20: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch.c:258:12: branch_false: following ‘false’ branch (when ‘filename’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch.c:268:13: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch.c:325:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch.c:332:21: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch.c:332:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch.c:342:36: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch.c:344:17: danger: ‘filename’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#  342|   		files_to_process = audit_log_find_start(logs, log_cnt,
#  343|   							start_time);
#  344|-> 		audit_log_free(logs, log_cnt);
#  345|   	}
#  346|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def288]
audit-userspace-4.1.2/src/ausearch.c:634:29: warning[-Wanalyzer-malloc-leak]: leak of ‘buff’
audit-userspace-4.1.2/src/ausearch.c:607:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
audit-userspace-4.1.2/src/ausearch.c:613:20: branch_true: following ‘true’ branch (when ‘buff’ is NULL)...
audit-userspace-4.1.2/src/ausearch.c:614:32: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch.c:614:32: acquire_memory: allocated here
audit-userspace-4.1.2/src/ausearch.c:615:28: branch_false: following ‘false’ branch (when ‘buff’ is non-NULL)...
audit-userspace-4.1.2/src/ausearch.c:619:21: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch.c:619:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/src/ausearch.c:624:22: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch.c:627:20: branch_false: following ‘false’ branch (when ‘timer_running == 0’)...
audit-userspace-4.1.2/src/ausearch.c:633:20: branch_false: ...to here
audit-userspace-4.1.2/src/ausearch.c:633:20: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/src/ausearch.c:634:29: branch_true: ...to here
audit-userspace-4.1.2/src/ausearch.c:634:29: danger: ‘buff’ leaks here; was allocated at [(5)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/4)
#  632|   
#  633|   		if (rc) {
#  634|-> 			if (lol_add_record(&lo, buff)) {
#  635|   				*l = get_ready_event(&lo);
#  636|   				if (*l)

Error: CPPCHECK_WARNING (CWE-190): [#def289]
audit-userspace-4.1.2/src/libev/ev.c:1517: error[integerOverflow]: Signed integer overflow for expression '14-24'.
# 1515|   
# 1516|         /* too small, will be zero */
# 1517|->       if (e < (14 - 24)) /* might not be sharp, but is good enough */
# 1518|           return s;
# 1519|   

Error: COMPILER_WARNING: [#def290]
audit-userspace-4.1.2/src/libev/ev.c:2146:31: warning: 'ev_default_loop_ptr' initialized and declared 'extern'
# 2146 |   EV_API_DECL struct ev_loop *ev_default_loop_ptr = 0; /* needs to be initialised to make it a definition despite extern */
#      |                               ^~~~~~~~~~~~~~~~~~~
# 2144|   
# 2145|     static struct ev_loop default_loop_struct;
# 2146|->   EV_API_DECL struct ev_loop *ev_default_loop_ptr = 0; /* needs to be initialised to make it a definition despite extern */
# 2147|   
# 2148|   #else

Error: COMPILER_WARNING: [#def291]
audit-userspace-4.1.2/src/libev/ev.c:2146:31: warning[warning]: 'ev_default_loop_ptr' initialized and declared 'extern'
# 2144|   
# 2145|     static struct ev_loop default_loop_struct;
# 2146|->   EV_API_DECL struct ev_loop *ev_default_loop_ptr = 0; /* needs to be initialised to make it a definition despite extern */
# 2147|   
# 2148|   #else

Error: GCC_ANALYZER_WARNING (CWE-775): [#def292]
audit-userspace-4.1.2/src/libev/ev.c:2566:3: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'fds[0]'
audit-userspace-4.1.2/src/libev/ev.c:5412:1: enter_function: entry to 'ev_async_start'
audit-userspace-4.1.2/src/libev/ev.c:5414:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/src/libev/ev.c:5417:3: branch_false: ...to here
audit-userspace-4.1.2/src/libev/ev.c:5419:3: call_function: calling 'evpipe_init' from 'ev_async_start'
# 2564|     ioctlsocket (EV_FD_TO_WIN32_HANDLE (fd), FIONBIO, &arg);
# 2565|   #else
# 2566|->   fcntl (fd, F_SETFD, FD_CLOEXEC);
# 2567|     fcntl (fd, F_SETFL, O_NONBLOCK);
# 2568|   #endif

Error: GCC_ANALYZER_WARNING (CWE-775): [#def293]
audit-userspace-4.1.2/src/libev/ev.c:2566:3: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'fds[1]'
audit-userspace-4.1.2/src/libev/ev.c:5412:1: enter_function: entry to 'ev_async_start'
audit-userspace-4.1.2/src/libev/ev.c:5414:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/src/libev/ev.c:5417:3: branch_false: ...to here
audit-userspace-4.1.2/src/libev/ev.c:5419:3: call_function: calling 'evpipe_init' from 'ev_async_start'
# 2564|     ioctlsocket (EV_FD_TO_WIN32_HANDLE (fd), FIONBIO, &arg);
# 2565|   #else
# 2566|->   fcntl (fd, F_SETFD, FD_CLOEXEC);
# 2567|     fcntl (fd, F_SETFL, O_NONBLOCK);
# 2568|   #endif

Error: GCC_ANALYZER_WARNING (CWE-775): [#def294]
audit-userspace-4.1.2/src/libev/ev.c:2566:3: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'fds[flags]'
audit-userspace-4.1.2/src/libev/ev.c:5252:1: enter_function: entry to 'embed_fork_cb'
audit-userspace-4.1.2/src/libev/ev.c:5262:5: call_function: calling 'ev_run' from 'embed_fork_cb'
# 2564|     ioctlsocket (EV_FD_TO_WIN32_HANDLE (fd), FIONBIO, &arg);
# 2565|   #else
# 2566|->   fcntl (fd, F_SETFD, FD_CLOEXEC);
# 2567|     fcntl (fd, F_SETFL, O_NONBLOCK);
# 2568|   #endif

Error: GCC_ANALYZER_WARNING (CWE-775): [#def295]
audit-userspace-4.1.2/src/libev/ev.c:2567:3: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'fds[1]'
audit-userspace-4.1.2/src/libev/ev.c:5412:1: enter_function: entry to 'ev_async_start'
audit-userspace-4.1.2/src/libev/ev.c:5414:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/src/libev/ev.c:5417:3: branch_false: ...to here
audit-userspace-4.1.2/src/libev/ev.c:5419:3: call_function: calling 'evpipe_init' from 'ev_async_start'
# 2565|   #else
# 2566|     fcntl (fd, F_SETFD, FD_CLOEXEC);
# 2567|->   fcntl (fd, F_SETFL, O_NONBLOCK);
# 2568|   #endif
# 2569|   }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def296]
audit-userspace-4.1.2/src/libev/ev.c:2567:3: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'fds[flags]'
audit-userspace-4.1.2/src/libev/ev.c:5252:1: enter_function: entry to 'embed_fork_cb'
audit-userspace-4.1.2/src/libev/ev.c:5262:5: call_function: calling 'ev_run' from 'embed_fork_cb'
# 2565|   #else
# 2566|     fcntl (fd, F_SETFD, FD_CLOEXEC);
# 2567|->   fcntl (fd, F_SETFL, O_NONBLOCK);
# 2568|   #endif
# 2569|   }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def297]
audit-userspace-4.1.2/src/libev/ev.c:2769:11: warning[-Wanalyzer-fd-leak]: leak of file descriptor 'fds[1]'
audit-userspace-4.1.2/src/libev/ev.c:5412:1: enter_function: entry to 'ev_async_start'
audit-userspace-4.1.2/src/libev/ev.c:5414:6: branch_false: following 'false' branch...
audit-userspace-4.1.2/src/libev/ev.c:5417:3: branch_false: ...to here
audit-userspace-4.1.2/src/libev/ev.c:5419:3: call_function: calling 'evpipe_init' from 'ev_async_start'
# 2767|   
# 2768|             dup2 (fds [1], evpipe [1]);
# 2769|->           close (fds [1]);
# 2770|           }
# 2771|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def298]
audit-userspace-4.1.2/src/libev/event.c:414:3: warning[-Wanalyzer-malloc-leak]: leak of 'once'
audit-userspace-4.1.2/src/libev/event.c:404:48: acquire_memory: allocated here
audit-userspace-4.1.2/src/libev/event.c:407:6: branch_false: following 'false' branch (when 'once' is non-NULL)...
audit-userspace-4.1.2/src/libev/event.c:410:3: branch_false: ...to here
audit-userspace-4.1.2/src/libev/event.c:414:3: danger: 'once' leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  412|     once->arg = arg;
#  413|   
#  414|->   ev_once (EV_A_ fd, events & (EV_READ | EV_WRITE), ev_tv_get (tv), ev_x_once_cb, (void *)once);
#  415|   
#  416|     return 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def299]
audit-userspace-4.1.2/tools/aulast/aulast.c:443:21: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup("reboot")’
audit-userspace-4.1.2/tools/aulast/aulast.c:479:5: enter_function: entry to ‘main’
audit-userspace-4.1.2/tools/aulast/aulast.c:534:12: branch_false: following ‘false’ branch (when ‘file’ is NULL)...
audit-userspace-4.1.2/tools/aulast/aulast.c:536:17: branch_false: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:545:12: branch_false: following ‘false’ branch (when ‘au’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:559:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/tools/aulast/aulast.c:562:28: branch_true: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:563:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/tools/aulast/aulast.c:565:17: branch_false: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:580:33: call_function: calling ‘process_bootup’ from ‘main’
#  441|   	cur->start = start;
#  442|   	cur->name = strdup("reboot");
#  443|-> 	cur->term = strdup("system boot");
#  444|   	if (kernel)
#  445|   		cur->host = strdup(kernel);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def300]
audit-userspace-4.1.2/tools/aulast/aulast.c:444:13: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup("system boot")’
audit-userspace-4.1.2/tools/aulast/aulast.c:479:5: enter_function: entry to ‘main’
audit-userspace-4.1.2/tools/aulast/aulast.c:534:12: branch_false: following ‘false’ branch (when ‘file’ is NULL)...
audit-userspace-4.1.2/tools/aulast/aulast.c:536:17: branch_false: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:545:12: branch_false: following ‘false’ branch (when ‘au’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:559:16: branch_true: following ‘true’ branch...
audit-userspace-4.1.2/tools/aulast/aulast.c:562:28: branch_true: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:563:20: branch_false: following ‘false’ branch...
audit-userspace-4.1.2/tools/aulast/aulast.c:565:17: branch_false: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:580:33: call_function: calling ‘process_bootup’ from ‘main’
#  442|   	cur->name = strdup("reboot");
#  443|   	cur->term = strdup("system boot");
#  444|-> 	if (kernel)
#  445|   		cur->host = strdup(kernel);
#  446|   	cur->result = 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def301]
audit-userspace-4.1.2/tools/aulast/aulast.c:559:16: warning[-Wanalyzer-malloc-leak]: leak of ‘au’
audit-userspace-4.1.2/tools/aulast/aulast.c:534:12: branch_false: following ‘false’ branch (when ‘file’ is NULL)...
audit-userspace-4.1.2/tools/aulast/aulast.c:536:17: branch_false: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:536:17: branch_false: following ‘false’ branch (when ‘use_stdin == 0’)...
audit-userspace-4.1.2/tools/aulast/aulast.c:539:21: branch_false: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:543:22: acquire_memory: allocated here
audit-userspace-4.1.2/tools/aulast/aulast.c:545:12: branch_false: following ‘false’ branch (when ‘au’ is non-NULL)...
 branch_false: ...to here
audit-userspace-4.1.2/tools/aulast/aulast.c:559:16: danger: ‘au’ leaks here; was allocated at [(5)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/4)
#  557|   	// 7) When SHUTDOWN found, close out reboot record
#  558|   
#  559|-> 	while (auparse_next_event(au) > 0) {
#  560|   		// We will take advantage of the fact that all events
#  561|   		// of interest are one record long

Error: GCC_ANALYZER_WARNING (CWE-401): [#def302]
audit-userspace-4.1.2/tools/aulastlog/aulastlog.c:98:13: warning[-Wanalyzer-malloc-leak]: leak of ‘au’
audit-userspace-4.1.2/tools/aulastlog/aulastlog.c:84:12: branch_false: following ‘false’ branch (when ‘user’ is NULL)...
audit-userspace-4.1.2/tools/aulastlog/aulastlog.c:90:12: branch_false: ...to here
audit-userspace-4.1.2/tools/aulastlog/aulastlog.c:90:12: branch_false: following ‘false’ branch (when ‘use_stdin == 0’)...
audit-userspace-4.1.2/tools/aulastlog/aulastlog.c:93:22: branch_false: ...to here
audit-userspace-4.1.2/tools/aulastlog/aulastlog.c:93:22: acquire_memory: allocated here
audit-userspace-4.1.2/tools/aulastlog/aulastlog.c:94:12: branch_false: following ‘false’ branch (when ‘au’ is non-NULL)...
audit-userspace-4.1.2/tools/aulastlog/aulastlog.c:98:13: branch_false: ...to here
audit-userspace-4.1.2/tools/aulastlog/aulastlog.c:98:13: danger: ‘au’ leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#   96|   		goto error_exit_1;
#   97|   	}
#   98|-> 	if (ausearch_add_item(au, "type", "=", "USER_LOGIN",
#   99|   						 AUSEARCH_RULE_CLEAR)){
#  100|   		printf("ausearch_add_item error - %s\n", strerror(errno));