Error: GCC_ANALYZER_WARNING (CWE-457): [#def1] expat-2.7.2/lib/xmltok.c:1374:5: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value 'utf8' expat-2.7.2/lib/xmltok.c:1357:8: branch_false: following 'false' branch... expat-2.7.2/lib/xmltok.c:1359:38: branch_false: ...to here expat-2.7.2/lib/xmltok.c:1361:8: branch_true: following 'true' branch (when 'n == 0')... expat-2.7.2/lib/xmltok.c:1362:15: branch_true: ...to here expat-2.7.2/lib/xmltok.c:1364:10: branch_false: following 'false' branch... expat-2.7.2/lib/xmltok.c:1367:7: branch_false: ...to here expat-2.7.2/lib/xmltok.c:1374:5: danger: use of uninitialized value 'utf8' here # 1372| (*fromP)++; # 1373| } # 1374|-> memcpy(*toP, utf8, n); # 1375| *toP += n; # 1376| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def2] expat-2.7.2/tests/benchmark/benchmark.c:132:14: warning[-Wanalyzer-malloc-leak]: leak of ‘XMLBuf’ expat-2.7.2/tests/benchmark/benchmark.c:82:6: branch_true: following ‘true’ branch (when ‘argc > 1’)... expat-2.7.2/tests/benchmark/benchmark.c:83:9: branch_true: ...to here expat-2.7.2/tests/benchmark/benchmark.c:84:10: branch_true: following ‘true’ branch... expat-2.7.2/tests/benchmark/benchmark.c:92:6: branch_false: following ‘false’ branch... expat-2.7.2/tests/benchmark/benchmark.c:95:18: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:96:6: branch_false: following ‘false’ branch... expat-2.7.2/tests/benchmark/benchmark.c:101:7: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:101:6: branch_false: following ‘false’ branch... expat-2.7.2/tests/benchmark/benchmark.c:107:10: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:108:6: branch_false: following ‘false’ branch (when ‘file’ is non-NULL)... expat-2.7.2/tests/benchmark/benchmark.c:114:26: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:116:6: branch_false: following ‘false’ branch... expat-2.7.2/tests/benchmark/benchmark.c:122:19: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:122:12: acquire_memory: allocated here expat-2.7.2/tests/benchmark/benchmark.c:123:6: branch_false: following ‘false’ branch (when ‘XMLBuf’ is non-NULL)... expat-2.7.2/tests/benchmark/benchmark.c:128:14: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:131:6: branch_true: following ‘true’ branch (when ‘j != 0’)... expat-2.7.2/tests/benchmark/benchmark.c:132:14: branch_true: ...to here expat-2.7.2/tests/benchmark/benchmark.c:132:14: danger: ‘XMLBuf’ leaks here; was allocated at [(15)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/14) # 130| # 131| if (ns) # 132|-> parser = XML_ParserCreateNS(NULL, '!'); # 133| else # 134| parser = XML_ParserCreate(NULL); Error: GCC_ANALYZER_WARNING (CWE-401): [#def3] expat-2.7.2/tests/benchmark/benchmark.c:134:14: warning[-Wanalyzer-malloc-leak]: leak of ‘XMLBuf’ expat-2.7.2/tests/benchmark/benchmark.c:82:6: branch_true: following ‘true’ branch (when ‘argc > 1’)... expat-2.7.2/tests/benchmark/benchmark.c:83:9: branch_true: ...to here expat-2.7.2/tests/benchmark/benchmark.c:92:6: branch_false: following ‘false’ branch... expat-2.7.2/tests/benchmark/benchmark.c:95:18: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:96:6: branch_false: following ‘false’ branch... expat-2.7.2/tests/benchmark/benchmark.c:101:7: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:101:6: branch_false: following ‘false’ branch... expat-2.7.2/tests/benchmark/benchmark.c:107:10: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:108:6: branch_false: following ‘false’ branch (when ‘file’ is non-NULL)... expat-2.7.2/tests/benchmark/benchmark.c:114:26: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:116:6: branch_false: following ‘false’ branch... expat-2.7.2/tests/benchmark/benchmark.c:122:19: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:122:12: acquire_memory: allocated here expat-2.7.2/tests/benchmark/benchmark.c:123:6: branch_false: following ‘false’ branch (when ‘XMLBuf’ is non-NULL)... expat-2.7.2/tests/benchmark/benchmark.c:128:14: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:131:6: branch_false: following ‘false’ branch (when ‘j == 0’)... expat-2.7.2/tests/benchmark/benchmark.c:134:14: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:134:14: danger: ‘XMLBuf’ leaks here; was allocated at [(13)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/12) # 132| parser = XML_ParserCreateNS(NULL, '!'); # 133| else # 134|-> parser = XML_ParserCreate(NULL); # 135| # 136| i = 0; Error: GCC_ANALYZER_WARNING (CWE-401): [#def4] expat-2.7.2/tests/benchmark/benchmark.c:149:13: warning[-Wanalyzer-malloc-leak]: leak of ‘XMLBufPtr’ expat-2.7.2/tests/benchmark/benchmark.c:82:6: branch_true: following ‘true’ branch (when ‘argc > 1’)... expat-2.7.2/tests/benchmark/benchmark.c:83:9: branch_true: ...to here expat-2.7.2/tests/benchmark/benchmark.c:92:6: branch_false: following ‘false’ branch... expat-2.7.2/tests/benchmark/benchmark.c:95:18: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:96:6: branch_false: following ‘false’ branch... expat-2.7.2/tests/benchmark/benchmark.c:101:7: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:101:6: branch_false: following ‘false’ branch... expat-2.7.2/tests/benchmark/benchmark.c:107:10: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:108:6: branch_false: following ‘false’ branch (when ‘file’ is non-NULL)... expat-2.7.2/tests/benchmark/benchmark.c:114:26: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:116:6: branch_false: following ‘false’ branch... expat-2.7.2/tests/benchmark/benchmark.c:122:19: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:122:12: acquire_memory: allocated here expat-2.7.2/tests/benchmark/benchmark.c:123:6: branch_false: following ‘false’ branch (when ‘XMLBuf’ is non-NULL)... expat-2.7.2/tests/benchmark/benchmark.c:128:14: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:138:10: branch_true: following ‘true’ branch... expat-2.7.2/tests/benchmark/benchmark.c:141:14: branch_true: ...to here expat-2.7.2/tests/benchmark/benchmark.c:144:10: branch_true: following ‘true’ branch... expat-2.7.2/tests/benchmark/benchmark.c:148:7: branch_true: ...to here expat-2.7.2/tests/benchmark/benchmark.c:148:7: branch_true: following ‘true’ branch... expat-2.7.2/tests/benchmark/benchmark.c:149:13: branch_true: ...to here expat-2.7.2/tests/benchmark/benchmark.c:149:13: danger: ‘XMLBufPtr’ leaks here; was allocated at [(13)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/12) # 147| parseBufferSize = bufferSize; # 148| assert(parseBufferSize <= (ptrdiff_t)bufferSize); # 149|-> if (! XML_Parse(parser, XMLBufPtr, (int)parseBufferSize, isFinal)) { # 150| fprintf(stderr, # 151| "error '%" XML_FMT_STR "' at line %" XML_FMT_INT_MOD Error: GCC_ANALYZER_WARNING (CWE-401): [#def5] expat-2.7.2/tests/benchmark/benchmark.c:149:13: warning[-Wanalyzer-malloc-leak]: leak of ‘XMLBuf’ expat-2.7.2/tests/benchmark/benchmark.c:82:6: branch_true: following ‘true’ branch (when ‘argc > 1’)... expat-2.7.2/tests/benchmark/benchmark.c:83:9: branch_true: ...to here expat-2.7.2/tests/benchmark/benchmark.c:92:6: branch_false: following ‘false’ branch... expat-2.7.2/tests/benchmark/benchmark.c:95:18: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:96:6: branch_false: following ‘false’ branch... expat-2.7.2/tests/benchmark/benchmark.c:101:7: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:101:6: branch_false: following ‘false’ branch... expat-2.7.2/tests/benchmark/benchmark.c:107:10: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:108:6: branch_false: following ‘false’ branch (when ‘file’ is non-NULL)... expat-2.7.2/tests/benchmark/benchmark.c:114:26: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:116:6: branch_false: following ‘false’ branch... expat-2.7.2/tests/benchmark/benchmark.c:122:19: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:122:12: acquire_memory: allocated here expat-2.7.2/tests/benchmark/benchmark.c:123:6: branch_false: following ‘false’ branch (when ‘XMLBuf’ is non-NULL)... expat-2.7.2/tests/benchmark/benchmark.c:128:14: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:138:10: branch_true: following ‘true’ branch... expat-2.7.2/tests/benchmark/benchmark.c:141:14: branch_true: ...to here expat-2.7.2/tests/benchmark/benchmark.c:144:10: branch_false: following ‘false’ branch... branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:148:7: branch_true: following ‘true’ branch... expat-2.7.2/tests/benchmark/benchmark.c:149:13: branch_true: ...to here expat-2.7.2/tests/benchmark/benchmark.c:149:10: branch_false: following ‘false’ branch... expat-2.7.2/tests/benchmark/benchmark.c:160:17: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:161:14: branch_true: following ‘true’ branch (when ‘isFinal == 0’)... branch_true: ...to here expat-2.7.2/tests/benchmark/benchmark.c:144:10: branch_true: following ‘true’ branch... expat-2.7.2/tests/benchmark/benchmark.c:148:7: branch_true: ...to here expat-2.7.2/tests/benchmark/benchmark.c:148:7: branch_true: following ‘true’ branch... expat-2.7.2/tests/benchmark/benchmark.c:149:13: branch_true: ...to here expat-2.7.2/tests/benchmark/benchmark.c:149:13: danger: ‘XMLBuf’ leaks here; was allocated at [(13)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/12) # 147| parseBufferSize = bufferSize; # 148| assert(parseBufferSize <= (ptrdiff_t)bufferSize); # 149|-> if (! XML_Parse(parser, XMLBufPtr, (int)parseBufferSize, isFinal)) { # 150| fprintf(stderr, # 151| "error '%" XML_FMT_STR "' at line %" XML_FMT_INT_MOD Error: GCC_ANALYZER_WARNING (CWE-401): [#def6] expat-2.7.2/tests/benchmark/benchmark.c:164:5: warning[-Wanalyzer-malloc-leak]: leak of ‘XMLBufPtr’ expat-2.7.2/tests/benchmark/benchmark.c:82:6: branch_true: following ‘true’ branch (when ‘argc > 1’)... expat-2.7.2/tests/benchmark/benchmark.c:83:9: branch_true: ...to here expat-2.7.2/tests/benchmark/benchmark.c:92:6: branch_false: following ‘false’ branch... expat-2.7.2/tests/benchmark/benchmark.c:95:18: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:96:6: branch_false: following ‘false’ branch... expat-2.7.2/tests/benchmark/benchmark.c:101:7: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:101:6: branch_false: following ‘false’ branch... expat-2.7.2/tests/benchmark/benchmark.c:107:10: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:108:6: branch_false: following ‘false’ branch (when ‘file’ is non-NULL)... expat-2.7.2/tests/benchmark/benchmark.c:114:26: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:116:6: branch_false: following ‘false’ branch... expat-2.7.2/tests/benchmark/benchmark.c:122:19: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:122:12: acquire_memory: allocated here expat-2.7.2/tests/benchmark/benchmark.c:123:6: branch_false: following ‘false’ branch (when ‘XMLBuf’ is non-NULL)... expat-2.7.2/tests/benchmark/benchmark.c:128:14: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:138:10: branch_true: following ‘true’ branch... expat-2.7.2/tests/benchmark/benchmark.c:141:14: branch_true: ...to here expat-2.7.2/tests/benchmark/benchmark.c:148:7: branch_true: following ‘true’ branch... expat-2.7.2/tests/benchmark/benchmark.c:149:13: branch_true: ...to here expat-2.7.2/tests/benchmark/benchmark.c:149:10: branch_false: following ‘false’ branch... expat-2.7.2/tests/benchmark/benchmark.c:160:17: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:161:14: branch_false: following ‘false’ branch (when ‘isFinal != 0’)... expat-2.7.2/tests/benchmark/benchmark.c:162:12: branch_false: ...to here expat-2.7.2/tests/benchmark/benchmark.c:164:5: danger: ‘XMLBufPtr’ leaks here; was allocated at [(13)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/12) # 162| tend = clock(); # 163| cpuTime += ((double)(tend - tstart)) / CLOCKS_PER_SEC; # 164|-> XML_ParserReset(parser, NULL); # 165| i++; # 166| } Error: GCC_ANALYZER_WARNING (CWE-775): [#def7] expat-2.7.2/xmlwf/xmlfile.c:93:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’ expat-2.7.2/xmlwf/xmlfile.c:190:1: enter_function: entry to ‘processStream’ expat-2.7.2/xmlwf/xmlfile.c:194:6: branch_true: following ‘true’ branch (when ‘filename’ is non-NULL)... expat-2.7.2/xmlwf/xmlfile.c:195:10: branch_true: ...to here expat-2.7.2/xmlwf/xmlfile.c:195:10: acquire_resource: opened here expat-2.7.2/xmlwf/xmlfile.c:196:8: branch_false: following ‘false’ branch... branch_false: ...to here expat-2.7.2/xmlwf/xmlfile.c:204:8: branch_false: following ‘false’ branch... expat-2.7.2/xmlwf/xmlfile.c:211:13: branch_false: ...to here expat-2.7.2/xmlwf/xmlfile.c:212:8: branch_false: following ‘false’ branch... expat-2.7.2/xmlwf/xmlfile.c:218:9: branch_false: ...to here expat-2.7.2/xmlwf/xmlfile.c:219:7: branch_true: following ‘true’ branch (when ‘filename’ is non-NULL)... expat-2.7.2/xmlwf/xmlfile.c:219:7: branch_true: ...to here expat-2.7.2/xmlwf/xmlfile.c:219:7: call_function: calling ‘reportError’ from ‘processStream’ # 91| static void # 92| reportError(XML_Parser parser, const XML_Char *filename) { # 93|-> enum XML_Error code = XML_GetErrorCode(parser); # 94| const XML_Char *message = XML_ErrorString(code); # 95| if (message) Error: GCC_ANALYZER_WARNING (CWE-775): [#def8] expat-2.7.2/xmlwf/xmlfile.c:94:29: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’ expat-2.7.2/xmlwf/xmlfile.c:190:1: enter_function: entry to ‘processStream’ expat-2.7.2/xmlwf/xmlfile.c:194:6: branch_true: following ‘true’ branch (when ‘filename’ is non-NULL)... expat-2.7.2/xmlwf/xmlfile.c:195:10: branch_true: ...to here expat-2.7.2/xmlwf/xmlfile.c:195:10: acquire_resource: opened here expat-2.7.2/xmlwf/xmlfile.c:196:8: branch_false: following ‘false’ branch... branch_false: ...to here expat-2.7.2/xmlwf/xmlfile.c:204:8: branch_false: following ‘false’ branch... expat-2.7.2/xmlwf/xmlfile.c:211:13: branch_false: ...to here expat-2.7.2/xmlwf/xmlfile.c:212:8: branch_false: following ‘false’ branch... expat-2.7.2/xmlwf/xmlfile.c:218:9: branch_false: ...to here expat-2.7.2/xmlwf/xmlfile.c:219:7: branch_true: following ‘true’ branch (when ‘filename’ is non-NULL)... expat-2.7.2/xmlwf/xmlfile.c:219:7: branch_true: ...to here expat-2.7.2/xmlwf/xmlfile.c:219:7: call_function: calling ‘reportError’ from ‘processStream’ # 92| reportError(XML_Parser parser, const XML_Char *filename) { # 93| enum XML_Error code = XML_GetErrorCode(parser); # 94|-> const XML_Char *message = XML_ErrorString(code); # 95| if (message) # 96| ftprintf(stdout, Error: GCC_ANALYZER_WARNING (CWE-775): [#def9] expat-2.7.2/xmlwf/xmlfile.c:96:5: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’ expat-2.7.2/xmlwf/xmlfile.c:190:1: enter_function: entry to ‘processStream’ expat-2.7.2/xmlwf/xmlfile.c:194:6: branch_true: following ‘true’ branch (when ‘filename’ is non-NULL)... expat-2.7.2/xmlwf/xmlfile.c:195:10: branch_true: ...to here expat-2.7.2/xmlwf/xmlfile.c:195:10: acquire_resource: opened here expat-2.7.2/xmlwf/xmlfile.c:196:8: branch_false: following ‘false’ branch... branch_false: ...to here expat-2.7.2/xmlwf/xmlfile.c:204:8: branch_false: following ‘false’ branch... expat-2.7.2/xmlwf/xmlfile.c:211:13: branch_false: ...to here expat-2.7.2/xmlwf/xmlfile.c:212:8: branch_false: following ‘false’ branch... expat-2.7.2/xmlwf/xmlfile.c:218:9: branch_false: ...to here expat-2.7.2/xmlwf/xmlfile.c:219:7: branch_true: following ‘true’ branch (when ‘filename’ is non-NULL)... expat-2.7.2/xmlwf/xmlfile.c:219:7: branch_true: ...to here expat-2.7.2/xmlwf/xmlfile.c:219:7: call_function: calling ‘reportError’ from ‘processStream’ # 94| const XML_Char *message = XML_ErrorString(code); # 95| if (message) # 96|-> ftprintf(stdout, # 97| T("%s") T(":%") T(XML_FMT_INT_MOD) T("u") T(":%") # 98| T(XML_FMT_INT_MOD) T("u") T(": %s\n"), Error: GCC_ANALYZER_WARNING (CWE-775): [#def10] expat-2.7.2/xmlwf/xmlfile.c:203:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’ expat-2.7.2/xmlwf/xmlfile.c:194:6: branch_true: following ‘true’ branch (when ‘filename’ is non-NULL)... expat-2.7.2/xmlwf/xmlfile.c:195:10: branch_true: ...to here expat-2.7.2/xmlwf/xmlfile.c:195:10: acquire_resource: opened here expat-2.7.2/xmlwf/xmlfile.c:196:8: branch_false: following ‘false’ branch... branch_false: ...to here expat-2.7.2/xmlwf/xmlfile.c:203:25: danger: ‘fd’ leaks here; was opened at [(3)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/2) # 201| for (;;) { # 202| EXPAT_read_count_t nread; # 203|-> char *buf = (char *)XML_GetBuffer(parser, g_read_size_bytes); # 204| if (! buf) { # 205| if (filename != NULL) Error: GCC_ANALYZER_WARNING (CWE-775): [#def11] expat-2.7.2/xmlwf/xmlfile.c:206:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’ expat-2.7.2/xmlwf/xmlfile.c:194:6: branch_true: following ‘true’ branch (when ‘filename’ is non-NULL)... expat-2.7.2/xmlwf/xmlfile.c:195:10: branch_true: ...to here expat-2.7.2/xmlwf/xmlfile.c:195:10: acquire_resource: opened here expat-2.7.2/xmlwf/xmlfile.c:196:8: branch_false: following ‘false’ branch... branch_false: ...to here expat-2.7.2/xmlwf/xmlfile.c:205:10: branch_true: following ‘true’ branch (when ‘filename’ is non-NULL)... expat-2.7.2/xmlwf/xmlfile.c:206:9: branch_true: ...to here expat-2.7.2/xmlwf/xmlfile.c:206:9: danger: ‘fd’ leaks here; was opened at [(3)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/2) # 204| if (! buf) { # 205| if (filename != NULL) # 206|-> close(fd); # 207| ftprintf(stderr, T("%s: out of memory\n"), # 208| filename != NULL ? filename : T("xmlwf")); Error: GCC_ANALYZER_WARNING (CWE-775): [#def12] expat-2.7.2/xmlwf/xmlfile.c:213:7: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’ expat-2.7.2/xmlwf/xmlfile.c:194:6: branch_true: following ‘true’ branch (when ‘filename’ is non-NULL)... expat-2.7.2/xmlwf/xmlfile.c:195:10: branch_true: ...to here expat-2.7.2/xmlwf/xmlfile.c:195:10: acquire_resource: opened here expat-2.7.2/xmlwf/xmlfile.c:196:8: branch_false: following ‘false’ branch... branch_false: ...to here expat-2.7.2/xmlwf/xmlfile.c:204:8: branch_false: following ‘false’ branch... expat-2.7.2/xmlwf/xmlfile.c:211:13: branch_false: ...to here expat-2.7.2/xmlwf/xmlfile.c:213:7: branch_true: following ‘true’ branch (when ‘filename’ is non-NULL)... expat-2.7.2/xmlwf/xmlfile.c:213:7: branch_true: ...to here expat-2.7.2/xmlwf/xmlfile.c:213:7: danger: ‘fd’ leaks here; was opened at [(3)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/2) # 211| nread = EXPAT_read(fd, buf, (EXPAT_read_req_t)g_read_size_bytes); # 212| if (nread < 0) { # 213|-> tperror(filename != NULL ? filename : T("STDIN")); # 214| if (filename != NULL) # 215| close(fd); Error: GCC_ANALYZER_WARNING (CWE-775): [#def13] expat-2.7.2/xmlwf/xmlfile.c:215:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’ expat-2.7.2/xmlwf/xmlfile.c:194:6: branch_true: following ‘true’ branch (when ‘filename’ is non-NULL)... expat-2.7.2/xmlwf/xmlfile.c:195:10: branch_true: ...to here expat-2.7.2/xmlwf/xmlfile.c:195:10: acquire_resource: opened here expat-2.7.2/xmlwf/xmlfile.c:196:8: branch_false: following ‘false’ branch... branch_false: ...to here expat-2.7.2/xmlwf/xmlfile.c:204:8: branch_false: following ‘false’ branch... expat-2.7.2/xmlwf/xmlfile.c:211:13: branch_false: ...to here expat-2.7.2/xmlwf/xmlfile.c:213:7: branch_true: following ‘true’ branch (when ‘filename’ is non-NULL)... expat-2.7.2/xmlwf/xmlfile.c:213:7: branch_true: ...to here expat-2.7.2/xmlwf/xmlfile.c:214:10: branch_true: following ‘true’ branch (when ‘filename’ is non-NULL)... expat-2.7.2/xmlwf/xmlfile.c:215:9: branch_true: ...to here expat-2.7.2/xmlwf/xmlfile.c:215:9: danger: ‘fd’ leaks here; was opened at [(3)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/2) # 213| tperror(filename != NULL ? filename : T("STDIN")); # 214| if (filename != NULL) # 215|-> close(fd); # 216| return 0; # 217| } Error: GCC_ANALYZER_WARNING (CWE-775): [#def14] expat-2.7.2/xmlwf/xmlfile.c:218:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’ expat-2.7.2/xmlwf/xmlfile.c:194:6: branch_true: following ‘true’ branch (when ‘filename’ is non-NULL)... expat-2.7.2/xmlwf/xmlfile.c:195:10: branch_true: ...to here expat-2.7.2/xmlwf/xmlfile.c:195:10: acquire_resource: opened here expat-2.7.2/xmlwf/xmlfile.c:196:8: branch_false: following ‘false’ branch... branch_false: ...to here expat-2.7.2/xmlwf/xmlfile.c:204:8: branch_false: following ‘false’ branch... expat-2.7.2/xmlwf/xmlfile.c:211:13: branch_false: ...to here expat-2.7.2/xmlwf/xmlfile.c:212:8: branch_false: following ‘false’ branch... expat-2.7.2/xmlwf/xmlfile.c:218:9: branch_false: ...to here expat-2.7.2/xmlwf/xmlfile.c:218:9: danger: ‘fd’ leaks here; was opened at [(3)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/2) # 216| return 0; # 217| } # 218|-> if (XML_ParseBuffer(parser, (int)nread, nread == 0) == XML_STATUS_ERROR) { # 219| reportError(parser, filename != NULL ? filename : T("STDIN")); # 220| if (filename != NULL) Error: GCC_ANALYZER_WARNING (CWE-775): [#def15] expat-2.7.2/xmlwf/xmlfile.c:226:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’ expat-2.7.2/xmlwf/xmlfile.c:194:6: branch_true: following ‘true’ branch (when ‘filename’ is non-NULL)... expat-2.7.2/xmlwf/xmlfile.c:195:10: branch_true: ...to here expat-2.7.2/xmlwf/xmlfile.c:195:10: acquire_resource: opened here expat-2.7.2/xmlwf/xmlfile.c:196:8: branch_false: following ‘false’ branch... branch_false: ...to here expat-2.7.2/xmlwf/xmlfile.c:204:8: branch_false: following ‘false’ branch... expat-2.7.2/xmlwf/xmlfile.c:211:13: branch_false: ...to here expat-2.7.2/xmlwf/xmlfile.c:212:8: branch_false: following ‘false’ branch... expat-2.7.2/xmlwf/xmlfile.c:218:9: branch_false: ...to here expat-2.7.2/xmlwf/xmlfile.c:218:8: branch_false: following ‘false’ branch... expat-2.7.2/xmlwf/xmlfile.c:224:8: branch_false: ...to here expat-2.7.2/xmlwf/xmlfile.c:225:10: branch_true: following ‘true’ branch (when ‘filename’ is non-NULL)... expat-2.7.2/xmlwf/xmlfile.c:226:9: branch_true: ...to here expat-2.7.2/xmlwf/xmlfile.c:226:9: danger: ‘fd’ leaks here; was opened at [(3)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/2) # 224| if (nread == 0) { # 225| if (filename != NULL) # 226|-> close(fd); # 227| break; # 228| ; Error: GCC_ANALYZER_WARNING (CWE-401): [#def16] expat-2.7.2/xmlwf/xmlfile.c:244:3: warning[-Wanalyzer-malloc-leak]: leak of ‘s’ expat-2.7.2/xmlwf/xmlfile.c:235:1: enter_function: entry to ‘externalEntityRefStream’ expat-2.7.2/xmlwf/xmlfile.c:243:14: call_function: calling ‘resolveSystemId’ from ‘externalEntityRefStream’ expat-2.7.2/xmlwf/xmlfile.c:243:14: return_function: returning to ‘externalEntityRefStream’ from ‘resolveSystemId’ expat-2.7.2/xmlwf/xmlfile.c:244:3: danger: ‘s’ leaks here; was allocated at [(6)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/5) # 242| UNUSED_P(publicId); # 243| filename = resolveSystemId(base, systemId, &s); # 244|-> XML_SetBase(entParser, filename); # 245| ret = processStream(filename, entParser); # 246| free(s); Error: GCC_ANALYZER_WARNING (CWE-401): [#def17] expat-2.7.2/xmlwf/xmlwf.c:408:3: warning[-Wanalyzer-malloc-leak]: leak of ‘notations’ expat-2.7.2/xmlwf/xmlwf.c:391:6: branch_false: following ‘false’ branch (when ‘notationCount != 0’)... expat-2.7.2/xmlwf/xmlwf.c:398:15: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:398:15: acquire_memory: allocated here expat-2.7.2/xmlwf/xmlwf.c:399:6: branch_false: following ‘false’ branch (when ‘notations’ is non-NULL)... branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:408:3: danger: ‘notations’ leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2) # 406| notations[i] = p; # 407| } # 408|-> qsort(notations, notationCount, sizeof(NotationList *), notationCmp); # 409| # 410| /* Output the DOCTYPE header */ Error: GCC_ANALYZER_WARNING (CWE-401): [#def18] expat-2.7.2/xmlwf/xmlwf.c:1248:9: warning[-Wanalyzer-malloc-leak]: leak of ‘outName’ expat-2.7.2/xmlwf/xmlwf.c:1004:10: branch_true: following ‘true’ branch (when ‘i < argc’)... expat-2.7.2/xmlwf/xmlwf.c:1005:8: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1005:8: branch_true: following ‘true’ branch (when ‘j == 0’)... expat-2.7.2/xmlwf/xmlwf.c:1006:15: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1006:10: branch_false: following ‘false’ branch... expat-2.7.2/xmlwf/xmlwf.c:1008:11: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1166:10: branch_true: following ‘true’ branch (when ‘i < argc’)... expat-2.7.2/xmlwf/xmlwf.c:1170:8: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1175:8: branch_false: following ‘false’ branch (when ‘parser’ is non-NULL)... expat-2.7.2/xmlwf/xmlwf.c:1180:8: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1188:8: branch_false: following ‘false’ branch (when ‘attackThresholdGiven == 0’)... expat-2.7.2/xmlwf/xmlwf.c:1198:8: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1211:8: branch_false: following ‘false’ branch (when ‘outputType != 116’)... expat-2.7.2/xmlwf/xmlwf.c:1218:15: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1218:15: branch_true: following ‘true’ branch (when ‘outputDir’ is non-NULL)... expat-2.7.2/xmlwf/xmlwf.c:1220:30: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1237:29: acquire_memory: allocated here expat-2.7.2/xmlwf/xmlwf.c:1239:10: branch_false: following ‘false’ branch (when ‘outName’ is non-NULL)... expat-2.7.2/xmlwf/xmlwf.c:1243:7: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1247:10: branch_true: following ‘true’ branch... expat-2.7.2/xmlwf/xmlwf.c:1248:9: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1248:9: danger: ‘outName’ leaks here; was allocated at [(17)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/16) # 1246| userData.fp = tfopen(outName, T("wb")); # 1247| if (! userData.fp) { # 1248|-> tperror(outName); # 1249| exitCode = XMLWF_EXIT_OUTPUT_ERROR; # 1250| free(outName); Error: GCC_ANALYZER_WARNING (CWE-775): [#def19] expat-2.7.2/xmlwf/xmlwf.c:1262:7: warning[-Wanalyzer-file-leak]: leak of FILE ‘userData.fp’ expat-2.7.2/xmlwf/xmlwf.c:1004:10: branch_true: following ‘true’ branch (when ‘i < argc’)... expat-2.7.2/xmlwf/xmlwf.c:1005:8: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1005:8: branch_true: following ‘true’ branch (when ‘j == 0’)... expat-2.7.2/xmlwf/xmlwf.c:1006:15: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1006:10: branch_false: following ‘false’ branch... expat-2.7.2/xmlwf/xmlwf.c:1008:11: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1166:10: branch_true: following ‘true’ branch (when ‘i < argc’)... expat-2.7.2/xmlwf/xmlwf.c:1170:8: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1175:8: branch_false: following ‘false’ branch (when ‘parser’ is non-NULL)... expat-2.7.2/xmlwf/xmlwf.c:1180:8: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1188:8: branch_false: following ‘false’ branch (when ‘attackThresholdGiven == 0’)... expat-2.7.2/xmlwf/xmlwf.c:1198:8: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1211:8: branch_false: following ‘false’ branch (when ‘outputType != 116’)... expat-2.7.2/xmlwf/xmlwf.c:1218:15: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1218:15: branch_true: following ‘true’ branch (when ‘outputDir’ is non-NULL)... expat-2.7.2/xmlwf/xmlwf.c:1220:30: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1239:10: branch_false: following ‘false’ branch (when ‘outName’ is non-NULL)... expat-2.7.2/xmlwf/xmlwf.c:1243:7: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1246:21: acquire_resource: opened here expat-2.7.2/xmlwf/xmlwf.c:1247:10: branch_false: following ‘false’ branch... expat-2.7.2/xmlwf/xmlwf.c:1258:7: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1262:7: danger: ‘userData.fp’ leaks here; was opened at [(19)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/18) # 1260| puttc(0xFEFF, userData.fp); # 1261| #endif # 1262|-> XML_SetUserData(parser, &userData); # 1263| switch (outputType) { # 1264| case 'm': Error: GCC_ANALYZER_WARNING (CWE-401): [#def20] expat-2.7.2/xmlwf/xmlwf.c:1262:7: warning[-Wanalyzer-malloc-leak]: leak of ‘outName’ expat-2.7.2/xmlwf/xmlwf.c:1004:10: branch_true: following ‘true’ branch (when ‘i < argc’)... expat-2.7.2/xmlwf/xmlwf.c:1005:8: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1005:8: branch_true: following ‘true’ branch (when ‘j == 0’)... expat-2.7.2/xmlwf/xmlwf.c:1006:15: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1006:10: branch_false: following ‘false’ branch... expat-2.7.2/xmlwf/xmlwf.c:1008:11: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1166:10: branch_true: following ‘true’ branch (when ‘i < argc’)... expat-2.7.2/xmlwf/xmlwf.c:1170:8: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1175:8: branch_false: following ‘false’ branch (when ‘parser’ is non-NULL)... expat-2.7.2/xmlwf/xmlwf.c:1180:8: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1188:8: branch_false: following ‘false’ branch (when ‘attackThresholdGiven == 0’)... expat-2.7.2/xmlwf/xmlwf.c:1198:8: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1211:8: branch_false: following ‘false’ branch (when ‘outputType != 116’)... expat-2.7.2/xmlwf/xmlwf.c:1218:15: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1218:15: branch_true: following ‘true’ branch (when ‘outputDir’ is non-NULL)... expat-2.7.2/xmlwf/xmlwf.c:1220:30: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1237:29: acquire_memory: allocated here expat-2.7.2/xmlwf/xmlwf.c:1239:10: branch_false: following ‘false’ branch (when ‘outName’ is non-NULL)... expat-2.7.2/xmlwf/xmlwf.c:1243:7: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1247:10: branch_false: following ‘false’ branch... expat-2.7.2/xmlwf/xmlwf.c:1258:7: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1262:7: danger: ‘outName’ leaks here; was allocated at [(17)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/16) # 1260| puttc(0xFEFF, userData.fp); # 1261| #endif # 1262|-> XML_SetUserData(parser, &userData); # 1263| switch (outputType) { # 1264| case 'm': Error: GCC_ANALYZER_WARNING (CWE-401): [#def21] expat-2.7.2/xmlwf/xmlwf.c:1262:7: warning[-Wanalyzer-malloc-leak]: leak of ‘userData.fp’ expat-2.7.2/xmlwf/xmlwf.c:1004:10: branch_true: following ‘true’ branch (when ‘i < argc’)... expat-2.7.2/xmlwf/xmlwf.c:1005:8: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1005:8: branch_true: following ‘true’ branch (when ‘j == 0’)... expat-2.7.2/xmlwf/xmlwf.c:1006:15: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1006:10: branch_false: following ‘false’ branch... expat-2.7.2/xmlwf/xmlwf.c:1008:11: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1166:10: branch_true: following ‘true’ branch (when ‘i < argc’)... expat-2.7.2/xmlwf/xmlwf.c:1170:8: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1175:8: branch_false: following ‘false’ branch (when ‘parser’ is non-NULL)... expat-2.7.2/xmlwf/xmlwf.c:1180:8: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1188:8: branch_false: following ‘false’ branch (when ‘attackThresholdGiven == 0’)... expat-2.7.2/xmlwf/xmlwf.c:1198:8: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1211:8: branch_false: following ‘false’ branch (when ‘outputType != 116’)... expat-2.7.2/xmlwf/xmlwf.c:1218:15: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1218:15: branch_true: following ‘true’ branch (when ‘outputDir’ is non-NULL)... expat-2.7.2/xmlwf/xmlwf.c:1220:30: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1239:10: branch_false: following ‘false’ branch (when ‘outName’ is non-NULL)... expat-2.7.2/xmlwf/xmlwf.c:1243:7: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1246:21: acquire_memory: allocated here expat-2.7.2/xmlwf/xmlwf.c:1247:10: branch_false: following ‘false’ branch... expat-2.7.2/xmlwf/xmlwf.c:1258:7: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1262:7: danger: ‘userData.fp’ leaks here; was allocated at [(19)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/18) # 1260| puttc(0xFEFF, userData.fp); # 1261| #endif # 1262|-> XML_SetUserData(parser, &userData); # 1263| switch (outputType) { # 1264| case 'm': Error: GCC_ANALYZER_WARNING (CWE-401): [#def22] expat-2.7.2/xmlwf/xmlwf.c:1292:11: warning[-Wanalyzer-malloc-leak]: leak of ‘outName’ expat-2.7.2/xmlwf/xmlwf.c:1004:10: branch_true: following ‘true’ branch (when ‘i < argc’)... expat-2.7.2/xmlwf/xmlwf.c:1005:8: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1005:8: branch_true: following ‘true’ branch (when ‘j == 0’)... expat-2.7.2/xmlwf/xmlwf.c:1006:15: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1006:10: branch_false: following ‘false’ branch... expat-2.7.2/xmlwf/xmlwf.c:1008:11: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1166:10: branch_true: following ‘true’ branch (when ‘i < argc’)... expat-2.7.2/xmlwf/xmlwf.c:1170:8: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1175:8: branch_false: following ‘false’ branch (when ‘parser’ is non-NULL)... expat-2.7.2/xmlwf/xmlwf.c:1180:8: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1188:8: branch_false: following ‘false’ branch (when ‘attackThresholdGiven == 0’)... expat-2.7.2/xmlwf/xmlwf.c:1198:8: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1211:8: branch_false: following ‘false’ branch (when ‘outputType != 116’)... expat-2.7.2/xmlwf/xmlwf.c:1218:15: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1218:15: branch_true: following ‘true’ branch (when ‘outputDir’ is non-NULL)... expat-2.7.2/xmlwf/xmlwf.c:1220:30: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1237:29: acquire_memory: allocated here expat-2.7.2/xmlwf/xmlwf.c:1239:10: branch_false: following ‘false’ branch (when ‘outName’ is non-NULL)... expat-2.7.2/xmlwf/xmlwf.c:1243:7: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1247:10: branch_false: following ‘false’ branch... expat-2.7.2/xmlwf/xmlwf.c:1258:7: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1289:12: branch_false: following ‘false’ branch (when ‘useNamespaces == 0’)... expat-2.7.2/xmlwf/xmlwf.c:1292:11: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1292:11: danger: ‘outName’ leaks here; was allocated at [(17)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/16) # 1290| XML_SetElementHandler(parser, startElementNS, endElementNS); # 1291| else # 1292|-> XML_SetElementHandler(parser, startElement, endElement); # 1293| XML_SetCharacterDataHandler(parser, characterData); # 1294| #ifndef W3C14N Error: GCC_ANALYZER_WARNING (CWE-401): [#def23] expat-2.7.2/xmlwf/xmlwf.c:1293:9: warning[-Wanalyzer-malloc-leak]: leak of ‘outName’ expat-2.7.2/xmlwf/xmlwf.c:1004:10: branch_true: following ‘true’ branch (when ‘i < argc’)... expat-2.7.2/xmlwf/xmlwf.c:1005:8: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1005:8: branch_true: following ‘true’ branch (when ‘j == 0’)... expat-2.7.2/xmlwf/xmlwf.c:1006:15: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1006:10: branch_false: following ‘false’ branch... expat-2.7.2/xmlwf/xmlwf.c:1008:11: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1166:10: branch_true: following ‘true’ branch (when ‘i < argc’)... expat-2.7.2/xmlwf/xmlwf.c:1170:8: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1175:8: branch_false: following ‘false’ branch (when ‘parser’ is non-NULL)... expat-2.7.2/xmlwf/xmlwf.c:1180:8: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1188:8: branch_false: following ‘false’ branch (when ‘attackThresholdGiven == 0’)... expat-2.7.2/xmlwf/xmlwf.c:1198:8: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1211:8: branch_false: following ‘false’ branch (when ‘outputType != 116’)... expat-2.7.2/xmlwf/xmlwf.c:1218:15: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1218:15: branch_true: following ‘true’ branch (when ‘outputDir’ is non-NULL)... expat-2.7.2/xmlwf/xmlwf.c:1220:30: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1237:29: acquire_memory: allocated here expat-2.7.2/xmlwf/xmlwf.c:1239:10: branch_false: following ‘false’ branch (when ‘outName’ is non-NULL)... expat-2.7.2/xmlwf/xmlwf.c:1243:7: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1247:10: branch_false: following ‘false’ branch... expat-2.7.2/xmlwf/xmlwf.c:1258:7: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1289:12: branch_false: following ‘false’ branch (when ‘useNamespaces == 0’)... expat-2.7.2/xmlwf/xmlwf.c:1292:11: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1293:9: danger: ‘outName’ leaks here; was allocated at [(17)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/16) # 1291| else # 1292| XML_SetElementHandler(parser, startElement, endElement); # 1293|-> XML_SetCharacterDataHandler(parser, characterData); # 1294| #ifndef W3C14N # 1295| XML_SetProcessingInstructionHandler(parser, processingInstruction); Error: GCC_ANALYZER_WARNING (CWE-401): [#def24] expat-2.7.2/xmlwf/xmlwf.c:1295:9: warning[-Wanalyzer-malloc-leak]: leak of ‘outName’ expat-2.7.2/xmlwf/xmlwf.c:1004:10: branch_true: following ‘true’ branch (when ‘i < argc’)... expat-2.7.2/xmlwf/xmlwf.c:1005:8: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1005:8: branch_true: following ‘true’ branch (when ‘j == 0’)... expat-2.7.2/xmlwf/xmlwf.c:1006:15: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1006:10: branch_false: following ‘false’ branch... expat-2.7.2/xmlwf/xmlwf.c:1008:11: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1166:10: branch_true: following ‘true’ branch (when ‘i < argc’)... expat-2.7.2/xmlwf/xmlwf.c:1170:8: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1175:8: branch_false: following ‘false’ branch (when ‘parser’ is non-NULL)... expat-2.7.2/xmlwf/xmlwf.c:1180:8: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1188:8: branch_false: following ‘false’ branch (when ‘attackThresholdGiven == 0’)... expat-2.7.2/xmlwf/xmlwf.c:1198:8: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1211:8: branch_false: following ‘false’ branch (when ‘outputType != 116’)... expat-2.7.2/xmlwf/xmlwf.c:1218:15: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1218:15: branch_true: following ‘true’ branch (when ‘outputDir’ is non-NULL)... expat-2.7.2/xmlwf/xmlwf.c:1220:30: branch_true: ...to here expat-2.7.2/xmlwf/xmlwf.c:1237:29: acquire_memory: allocated here expat-2.7.2/xmlwf/xmlwf.c:1239:10: branch_false: following ‘false’ branch (when ‘outName’ is non-NULL)... expat-2.7.2/xmlwf/xmlwf.c:1243:7: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1247:10: branch_false: following ‘false’ branch... expat-2.7.2/xmlwf/xmlwf.c:1258:7: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1289:12: branch_false: following ‘false’ branch (when ‘useNamespaces == 0’)... expat-2.7.2/xmlwf/xmlwf.c:1292:11: branch_false: ...to here expat-2.7.2/xmlwf/xmlwf.c:1295:9: danger: ‘outName’ leaks here; was allocated at [(17)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/16) # 1293| XML_SetCharacterDataHandler(parser, characterData); # 1294| #ifndef W3C14N # 1295|-> XML_SetProcessingInstructionHandler(parser, processingInstruction); # 1296| if (requiresNotations) { # 1297| XML_SetDoctypeDeclHandler(parser, startDoctypeDecl, endDoctypeDecl);
| analyzer-version-clippy | 1.90.0 |
| analyzer-version-cppcheck | 2.18.3 |
| analyzer-version-gcc | 15.2.1 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-248.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-gcc-latest-x86_64 |
| project-name | expat-2.7.2-1.fc44 |
| store-results-to | /tmp/tmpv3b085qp/expat-2.7.2-1.fc44.tar.xz |
| time-created | 2025-10-28 17:49:13 |
| time-finished | 2025-10-28 17:51:23 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'gcc,cppcheck,shellcheck,clippy,unicontrol' '-o' '/tmp/tmpv3b085qp/expat-2.7.2-1.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmpv3b085qp/expat-2.7.2-1.fc44.src.rpm' |
| tool-version | csmock-3.8.3.20251027.143044.ge6b947b-1.el9 |