ima-evm-utils-1.6.2-7.fc44

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1]
ima-evm-utils-1.6.2/src/evmctl.c:273:26: warning[-Wanalyzer-malloc-leak]: leak of ‘file2bin(keyfile, 0, & keylen)’
ima-evm-utils-1.6.2/src/evmctl.c:1199:12: enter_function: entry to ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: call_function: calling ‘file2bin’ from ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: return_function: returning to ‘calc_evm_hmac’ from ‘file2bin’
ima-evm-utils-1.6.2/src/evmctl.c:1223:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1228:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1228:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1234:9: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1235:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1238:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1238:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1243:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1265:12: branch_false: following ‘false’ branch (when ‘list_size > 0’)...
ima-evm-utils-1.6.2/src/evmctl.c:1271:16: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1272:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1278:16: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1279:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1284:15: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1285:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1290:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1345:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1349:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1349:12: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1350:23: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1350:23: call_function: calling ‘get_uuid’ from ‘calc_evm_hmac’
#  271|   			return -1;
#  272|   		}
#  273|-> 		*to++ = (hex_to_bin(*uuid_str) << 4) |
#  274|   			(hex_to_bin(*(uuid_str + 1)));
#  275|   		uuid_str += 2;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def2]
ima-evm-utils-1.6.2/src/evmctl.c:274:25: warning[-Wanalyzer-malloc-leak]: leak of ‘file2bin(keyfile, 0, & keylen)’
ima-evm-utils-1.6.2/src/evmctl.c:1199:12: enter_function: entry to ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: call_function: calling ‘file2bin’ from ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: return_function: returning to ‘calc_evm_hmac’ from ‘file2bin’
ima-evm-utils-1.6.2/src/evmctl.c:1223:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1228:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1228:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1234:9: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1235:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1238:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1238:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1243:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1265:12: branch_false: following ‘false’ branch (when ‘list_size > 0’)...
ima-evm-utils-1.6.2/src/evmctl.c:1271:16: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1272:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1278:16: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1279:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1284:15: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1285:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1290:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1345:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1349:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1349:12: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1350:23: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1350:23: call_function: calling ‘get_uuid’ from ‘calc_evm_hmac’
#  272|   		}
#  273|   		*to++ = (hex_to_bin(*uuid_str) << 4) |
#  274|-> 			(hex_to_bin(*(uuid_str + 1)));
#  275|   		uuid_str += 2;
#  276|   		switch (i) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def3]
ima-evm-utils-1.6.2/src/evmctl.c:318:12: warning[-Wanalyzer-malloc-leak]: leak of ‘popen(&path, "r")’
ima-evm-utils-1.6.2/src/evmctl.c:1199:12: enter_function: entry to ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: call_function: calling ‘file2bin’ from ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: return_function: returning to ‘calc_evm_hmac’ from ‘file2bin’
ima-evm-utils-1.6.2/src/evmctl.c:1223:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1228:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1228:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1234:9: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1235:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1238:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1238:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1243:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1265:12: branch_false: following ‘false’ branch (when ‘list_size > 0’)...
ima-evm-utils-1.6.2/src/evmctl.c:1271:16: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1272:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1278:16: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1279:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1284:15: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1285:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1290:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1345:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1349:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1349:12: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1350:23: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1350:23: call_function: calling ‘get_uuid’ from ‘calc_evm_hmac’
#  316|   	len = fread(_uuid, 1, sizeof(_uuid), fp);
#  317|   	pclose(fp);
#  318|-> 	if (len != sizeof(_uuid))
#  319|   		goto err;
#  320|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def4]
ima-evm-utils-1.6.2/src/evmctl.c:1127:17: warning[-Wanalyzer-malloc-leak]: leak of ‘file2bin(inkey, 0, & len)’
ima-evm-utils-1.6.2/src/evmctl.c:1077:12: enter_function: entry to ‘cmd_import’
ima-evm-utils-1.6.2/src/evmctl.c:1117:12: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1118:34: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1120:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1122:23: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1122:23: call_function: calling ‘file2bin’ from ‘cmd_import’
ima-evm-utils-1.6.2/src/evmctl.c:1122:23: return_function: returning to ‘cmd_import’ from ‘file2bin’
ima-evm-utils-1.6.2/src/evmctl.c:1123:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1127:17: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1127:17: danger: ‘file2bin(inkey, 0, & len)’ leaks here; was allocated at [(16)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/15)
# 1125|   			return 1;
# 1126|   		}
# 1127|-> 		calc_keyid_v2((uint32_t *)keyid, name, pkey);
# 1128|   		EVP_PKEY_free(pkey);
# 1129|   	} else {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def5]
ima-evm-utils-1.6.2/src/evmctl.c:1128:17: warning[-Wanalyzer-malloc-leak]: leak of ‘file2bin(inkey, 0, & len)’
ima-evm-utils-1.6.2/src/evmctl.c:1077:12: enter_function: entry to ‘cmd_import’
ima-evm-utils-1.6.2/src/evmctl.c:1117:12: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1118:34: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1120:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1122:23: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1122:23: call_function: calling ‘file2bin’ from ‘cmd_import’
ima-evm-utils-1.6.2/src/evmctl.c:1122:23: return_function: returning to ‘cmd_import’ from ‘file2bin’
ima-evm-utils-1.6.2/src/evmctl.c:1123:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1127:17: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1128:17: danger: ‘file2bin(inkey, 0, & len)’ leaks here; was allocated at [(16)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/15)
# 1126|   		}
# 1127|   		calc_keyid_v2((uint32_t *)keyid, name, pkey);
# 1128|-> 		EVP_PKEY_free(pkey);
# 1129|   	} else {
# 1130|   #if CONFIG_SIGV1

Error: GCC_ANALYZER_WARNING (CWE-401): [#def6]
ima-evm-utils-1.6.2/src/evmctl.c:1146:14: warning[-Wanalyzer-malloc-leak]: leak of ‘file2bin(inkey, 0, & len)’
ima-evm-utils-1.6.2/src/evmctl.c:1077:12: enter_function: entry to ‘cmd_import’
ima-evm-utils-1.6.2/src/evmctl.c:1117:12: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1118:34: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1120:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1122:23: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1122:23: call_function: calling ‘file2bin’ from ‘cmd_import’
ima-evm-utils-1.6.2/src/evmctl.c:1122:23: return_function: returning to ‘cmd_import’ from ‘file2bin’
ima-evm-utils-1.6.2/src/evmctl.c:1123:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1127:17: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1146:14: branch_true: following ‘true’ branch...
 branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1146:14: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1146:14: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1146:14: danger: ‘file2bin(inkey, 0, & len)’ leaks here; was allocated at [(16)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/15)
# 1144|   	log_info("Importing public key %s from file %s into keyring %d\n", name, inkey, id);
# 1145|   
# 1146|-> 	id = add_key(use_x509(sigflags) ? "asymmetric" : "user",
# 1147|   		     use_x509(sigflags) ? NULL : name, pub, len, id);
# 1148|   	if (id < 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def7]
ima-evm-utils-1.6.2/src/evmctl.c:1248:26: warning[-Wanalyzer-malloc-leak]: leak of ‘file2bin(keyfile, 0, & keylen)’
ima-evm-utils-1.6.2/src/evmctl.c:1199:12: enter_function: entry to ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: call_function: calling ‘file2bin’ from ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: return_function: returning to ‘calc_evm_hmac’ from ‘file2bin’
ima-evm-utils-1.6.2/src/evmctl.c:1223:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1228:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1228:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1234:9: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1235:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1238:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1238:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1243:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1243:12: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1248:26: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1248:26: danger: ‘file2bin(keyfile, 0, & keylen)’ leaks here; was allocated at [(12)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/11)
# 1246|   		 * kernel API does not support it.
# 1247|   		 */
# 1248|-> 		int fd = open(file, 0);
# 1249|   
# 1250|   		if (fd < 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def8]
ima-evm-utils-1.6.2/src/evmctl.c:1256:25: warning[-Wanalyzer-malloc-leak]: leak of ‘file2bin(keyfile, 0, & keylen)’
ima-evm-utils-1.6.2/src/evmctl.c:1199:12: enter_function: entry to ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: call_function: calling ‘file2bin’ from ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: return_function: returning to ‘calc_evm_hmac’ from ‘file2bin’
ima-evm-utils-1.6.2/src/evmctl.c:1223:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1228:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1228:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1234:9: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1235:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1238:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1238:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1243:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1243:12: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1248:26: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1250:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1254:21: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1254:20: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1255:25: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1256:25: danger: ‘file2bin(keyfile, 0, & keylen)’ leaks here; was allocated at [(12)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/11)
# 1254|   		if (ioctl(fd, FS_IOC_GETVERSION, &generation)) {
# 1255|   			log_err("ioctl() failed\n");
# 1256|-> 			close(fd);
# 1257|   			goto out;
# 1258|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def9]
ima-evm-utils-1.6.2/src/evmctl.c:1259:17: warning[-Wanalyzer-malloc-leak]: leak of ‘file2bin(keyfile, 0, & keylen)’
ima-evm-utils-1.6.2/src/evmctl.c:1199:12: enter_function: entry to ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: call_function: calling ‘file2bin’ from ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: return_function: returning to ‘calc_evm_hmac’ from ‘file2bin’
ima-evm-utils-1.6.2/src/evmctl.c:1223:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1228:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1228:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1234:9: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1235:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1238:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1238:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1243:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1243:12: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1248:26: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1250:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1254:21: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1254:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1259:17: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1259:17: danger: ‘file2bin(keyfile, 0, & keylen)’ leaks here; was allocated at [(12)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/11)
# 1257|   			goto out;
# 1258|   		}
# 1259|-> 		close(fd);
# 1260|   	}
# 1261|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def10]
ima-evm-utils-1.6.2/src/evmctl.c:1271:16: warning[-Wanalyzer-malloc-leak]: leak of ‘file2bin(keyfile, 0, & keylen)’
ima-evm-utils-1.6.2/src/evmctl.c:1199:12: enter_function: entry to ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: call_function: calling ‘file2bin’ from ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: return_function: returning to ‘calc_evm_hmac’ from ‘file2bin’
ima-evm-utils-1.6.2/src/evmctl.c:1223:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1228:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1228:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1234:9: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1235:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1238:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1238:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1243:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1265:12: branch_false: following ‘false’ branch (when ‘list_size > 0’)...
ima-evm-utils-1.6.2/src/evmctl.c:1271:16: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1271:16: danger: ‘file2bin(keyfile, 0, & keylen)’ leaks here; was allocated at [(12)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/11)
# 1269|   
# 1270|   #if OPENSSL_VERSION_NUMBER >= 0x10100000
# 1271|-> 	pctx = EVP_MD_CTX_new();
# 1272|   	if (!pctx) {
# 1273|   		log_err("EVP_MD_CTX_new failed\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def11]
ima-evm-utils-1.6.2/src/evmctl.c:1278:16: warning[-Wanalyzer-malloc-leak]: leak of ‘file2bin(keyfile, 0, & keylen)’
ima-evm-utils-1.6.2/src/evmctl.c:1199:12: enter_function: entry to ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: call_function: calling ‘file2bin’ from ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: return_function: returning to ‘calc_evm_hmac’ from ‘file2bin’
ima-evm-utils-1.6.2/src/evmctl.c:1223:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1228:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1228:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1234:9: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1235:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1238:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1238:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1243:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1265:12: branch_false: following ‘false’ branch (when ‘list_size > 0’)...
ima-evm-utils-1.6.2/src/evmctl.c:1271:16: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1272:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1278:16: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1278:16: danger: ‘file2bin(keyfile, 0, & keylen)’ leaks here; was allocated at [(12)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/11)
# 1276|   #endif
# 1277|   
# 1278|-> 	pkey = EVP_PKEY_new_mac_key(EVP_PKEY_HMAC, NULL, evmkey, sizeof(evmkey));
# 1279|   	if (!pkey) {
# 1280|   		log_err("EVP_PKEY_new_mac_key() failed\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def12]
ima-evm-utils-1.6.2/src/evmctl.c:1284:15: warning[-Wanalyzer-malloc-leak]: leak of ‘file2bin(keyfile, 0, & keylen)’
ima-evm-utils-1.6.2/src/evmctl.c:1199:12: enter_function: entry to ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: call_function: calling ‘file2bin’ from ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: return_function: returning to ‘calc_evm_hmac’ from ‘file2bin’
ima-evm-utils-1.6.2/src/evmctl.c:1223:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1228:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1228:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1234:9: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1235:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1238:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1238:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1243:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1265:12: branch_false: following ‘false’ branch (when ‘list_size > 0’)...
ima-evm-utils-1.6.2/src/evmctl.c:1271:16: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1272:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1278:16: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1279:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1284:15: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1284:15: danger: ‘file2bin(keyfile, 0, & keylen)’ leaks here; was allocated at [(12)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/11)
# 1282|   	}
# 1283|   
# 1284|-> 	err = EVP_DigestSignInit(pctx, NULL, EVP_sha1(), NULL, pkey);
# 1285|   	if (err != 1) {
# 1286|   		log_err("EVP_DigestSignInit() failed\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def13]
ima-evm-utils-1.6.2/src/evmctl.c:1301:17: warning[-Wanalyzer-malloc-leak]: leak of ‘file2bin(keyfile, 0, & keylen)’
ima-evm-utils-1.6.2/src/evmctl.c:1199:12: enter_function: entry to ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: call_function: calling ‘file2bin’ from ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: return_function: returning to ‘calc_evm_hmac’ from ‘file2bin’
ima-evm-utils-1.6.2/src/evmctl.c:1223:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1228:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1228:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1234:9: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1235:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1238:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1238:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1243:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1265:12: branch_false: following ‘false’ branch (when ‘list_size > 0’)...
ima-evm-utils-1.6.2/src/evmctl.c:1271:16: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1272:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1278:16: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1279:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1284:15: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1285:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1290:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1290:49: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1291:23: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1292:20: branch_false: following ‘false’ branch (when ‘err >= 0’)...
ima-evm-utils-1.6.2/src/evmctl.c:1296:22: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1296:22: call_function: calling ‘find_xattr’ from ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1296:22: return_function: returning to ‘calc_evm_hmac’ from ‘find_xattr’
ima-evm-utils-1.6.2/src/evmctl.c:1296:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1300:17: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1301:17: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1301:17: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1301:17: danger: ‘file2bin(keyfile, 0, & keylen)’ leaks here; was allocated at [(12)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/11)
# 1299|   		}
# 1300|   		log_info("name: %s, size: %d\n", *xattrname, err);
# 1301|-> 		log_debug_dump(xattr_value, err);
# 1302|   
# 1303|   		err = EVP_DigestSignUpdate(pctx, xattr_value, err);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def14]
ima-evm-utils-1.6.2/src/evmctl.c:1303:23: warning[-Wanalyzer-malloc-leak]: leak of ‘file2bin(keyfile, 0, & keylen)’
ima-evm-utils-1.6.2/src/evmctl.c:1199:12: enter_function: entry to ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: call_function: calling ‘file2bin’ from ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: return_function: returning to ‘calc_evm_hmac’ from ‘file2bin’
ima-evm-utils-1.6.2/src/evmctl.c:1223:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1228:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1228:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1234:9: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1235:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1238:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1238:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1243:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1265:12: branch_false: following ‘false’ branch (when ‘list_size > 0’)...
ima-evm-utils-1.6.2/src/evmctl.c:1271:16: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1272:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1278:16: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1279:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1284:15: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1285:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1290:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1290:49: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1291:23: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1292:20: branch_false: following ‘false’ branch (when ‘err >= 0’)...
ima-evm-utils-1.6.2/src/evmctl.c:1296:22: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1296:22: call_function: calling ‘find_xattr’ from ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1296:22: return_function: returning to ‘calc_evm_hmac’ from ‘find_xattr’
ima-evm-utils-1.6.2/src/evmctl.c:1296:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1300:17: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1303:23: danger: ‘file2bin(keyfile, 0, & keylen)’ leaks here; was allocated at [(12)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/11)
# 1301|   		log_debug_dump(xattr_value, err);
# 1302|   
# 1303|-> 		err = EVP_DigestSignUpdate(pctx, xattr_value, err);
# 1304|   		if (err != 1) {
# 1305|   			log_err("EVP_DigestSignUpdate() failed\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def15]
ima-evm-utils-1.6.2/src/evmctl.c:1342:9: warning[-Wanalyzer-malloc-leak]: leak of ‘file2bin(keyfile, 0, & keylen)’
ima-evm-utils-1.6.2/src/evmctl.c:1199:12: enter_function: entry to ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: call_function: calling ‘file2bin’ from ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: return_function: returning to ‘calc_evm_hmac’ from ‘file2bin’
ima-evm-utils-1.6.2/src/evmctl.c:1223:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1228:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1228:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1234:9: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1235:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1238:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1238:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1243:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1265:12: branch_false: following ‘false’ branch (when ‘list_size > 0’)...
ima-evm-utils-1.6.2/src/evmctl.c:1271:16: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1272:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1278:16: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1279:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1284:15: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1285:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1290:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1342:9: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1342:9: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1342:9: danger: ‘file2bin(keyfile, 0, & keylen)’ leaks here; was allocated at [(12)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/11)
# 1340|   
# 1341|   	log_debug("hmac_misc (%d): ", hmac_size);
# 1342|-> 	log_debug_dump(&hmac_misc, hmac_size);
# 1343|   
# 1344|   	err = EVP_DigestSignUpdate(pctx, &hmac_misc, hmac_size);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def16]
ima-evm-utils-1.6.2/src/evmctl.c:1344:15: warning[-Wanalyzer-malloc-leak]: leak of ‘file2bin(keyfile, 0, & keylen)’
ima-evm-utils-1.6.2/src/evmctl.c:1199:12: enter_function: entry to ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: call_function: calling ‘file2bin’ from ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: return_function: returning to ‘calc_evm_hmac’ from ‘file2bin’
ima-evm-utils-1.6.2/src/evmctl.c:1223:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1228:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1228:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1234:9: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1235:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1238:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1238:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1243:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1265:12: branch_false: following ‘false’ branch (when ‘list_size > 0’)...
ima-evm-utils-1.6.2/src/evmctl.c:1271:16: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1272:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1278:16: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1279:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1284:15: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1285:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1290:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1344:15: danger: ‘file2bin(keyfile, 0, & keylen)’ leaks here; was allocated at [(12)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/11)
# 1342|   	log_debug_dump(&hmac_misc, hmac_size);
# 1343|   
# 1344|-> 	err = EVP_DigestSignUpdate(pctx, &hmac_misc, hmac_size);
# 1345|   	if (err != 1) {
# 1346|   		log_err("EVP_DigestSignUpdate() failed\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def17]
ima-evm-utils-1.6.2/src/evmctl.c:1361:15: warning[-Wanalyzer-malloc-leak]: leak of ‘file2bin(keyfile, 0, & keylen)’
ima-evm-utils-1.6.2/src/evmctl.c:1199:12: enter_function: entry to ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: call_function: calling ‘file2bin’ from ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: return_function: returning to ‘calc_evm_hmac’ from ‘file2bin’
ima-evm-utils-1.6.2/src/evmctl.c:1223:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1228:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1228:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1234:9: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1235:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1238:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1238:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1243:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1265:12: branch_false: following ‘false’ branch (when ‘list_size > 0’)...
ima-evm-utils-1.6.2/src/evmctl.c:1271:16: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1272:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1278:16: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1279:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1284:15: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1285:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1290:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1345:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1349:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1349:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1361:15: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1361:15: danger: ‘file2bin(keyfile, 0, & keylen)’ leaks here; was allocated at [(12)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/11)
# 1359|   		}
# 1360|   	}
# 1361|-> 	err = EVP_DigestSignFinal(pctx, sig, &siglen);
# 1362|   	if (err != 1)
# 1363|   		log_err("EVP_DigestSignFinal() failed\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def18]
ima-evm-utils-1.6.2/src/evmctl.c:1365:9: warning[-Wanalyzer-malloc-leak]: leak of ‘file2bin(keyfile, 0, & keylen)’
ima-evm-utils-1.6.2/src/evmctl.c:1199:12: enter_function: entry to ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: call_function: calling ‘file2bin’ from ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: return_function: returning to ‘calc_evm_hmac’ from ‘file2bin’
ima-evm-utils-1.6.2/src/evmctl.c:1223:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1228:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1228:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1234:9: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1235:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1238:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1238:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1243:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1265:12: branch_false: following ‘false’ branch (when ‘list_size > 0’)...
ima-evm-utils-1.6.2/src/evmctl.c:1271:16: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1272:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1278:16: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1279:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1284:15: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1285:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1290:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1365:9: danger: ‘file2bin(keyfile, 0, & keylen)’ leaks here; was allocated at [(12)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/11)
# 1363|   		log_err("EVP_DigestSignFinal() failed\n");
# 1364|   out_ctx_cleanup:
# 1365|-> 	EVP_PKEY_free(pkey);
# 1366|   #if OPENSSL_VERSION_NUMBER >= 0x10100000
# 1367|   	EVP_MD_CTX_free(pctx);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def19]
ima-evm-utils-1.6.2/src/evmctl.c:1367:9: warning[-Wanalyzer-malloc-leak]: leak of ‘file2bin(keyfile, 0, & keylen)’
ima-evm-utils-1.6.2/src/evmctl.c:1199:12: enter_function: entry to ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: call_function: calling ‘file2bin’ from ‘calc_evm_hmac’
ima-evm-utils-1.6.2/src/evmctl.c:1222:15: return_function: returning to ‘calc_evm_hmac’ from ‘file2bin’
ima-evm-utils-1.6.2/src/evmctl.c:1223:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1228:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1228:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1234:9: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1235:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1238:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1238:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1243:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1265:12: branch_false: following ‘false’ branch (when ‘list_size > 0’)...
ima-evm-utils-1.6.2/src/evmctl.c:1271:16: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1272:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1278:16: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1279:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1284:15: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1285:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1290:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1367:9: danger: ‘file2bin(keyfile, 0, & keylen)’ leaks here; was allocated at [(12)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/11)
# 1365|   	EVP_PKEY_free(pkey);
# 1366|   #if OPENSSL_VERSION_NUMBER >= 0x10100000
# 1367|-> 	EVP_MD_CTX_free(pctx);
# 1368|   #endif
# 1369|   out:

Error: GCC_ANALYZER_WARNING (CWE-775): [#def20]
ima-evm-utils-1.6.2/src/evmctl.c:1468:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘open(path, 0)’
ima-evm-utils-1.6.2/src/evmctl.c:1462:14: acquire_resource: opened here
ima-evm-utils-1.6.2/src/evmctl.c:1463:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:1468:9: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1468:9: danger: ‘open(path, 0)’ leaks here; was opened at [(1)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/0)
# 1466|   	}
# 1467|   
# 1468|-> 	close(fd);
# 1469|   
# 1470|   	return 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def21]
ima-evm-utils-1.6.2/src/evmctl.c:1774:14: warning[-Wanalyzer-malloc-leak]: leak of ‘banks’
ima-evm-utils-1.6.2/src/evmctl.c:1782:30: enter_function: entry to ‘init_tpm_banks’
ima-evm-utils-1.6.2/src/evmctl.c:1789:17: acquire_memory: allocated here
ima-evm-utils-1.6.2/src/evmctl.c:1790:12: branch_false: following ‘false’ branch (when ‘banks’ is non-NULL)...
ima-evm-utils-1.6.2/src/evmctl.c:1796:9: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1797:21: branch_true: following ‘true’ branch (when ‘i <= 1’)...
 branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1798:29: branch_true: following ‘true’ branch (when ‘j <= 17’)...
ima-evm-utils-1.6.2/src/evmctl.c:1799:55: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1799:28: branch_true: following ‘true’ branch (when the strings are equal)...
ima-evm-utils-1.6.2/src/evmctl.c:1800:53: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:1800:33: call_function: calling ‘set_bank_info’ from ‘init_tpm_banks’
# 1772|   
# 1773|   	bank->algo_name = algo_name;
# 1774|-> 	md = EVP_get_digestbyname(bank->algo_name);
# 1775|   	if (!md)
# 1776|   		return;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def22]
ima-evm-utils-1.6.2/src/evmctl.c:2016:25: warning[-Wanalyzer-file-leak]: leak of FILE ‘fp’
ima-evm-utils-1.6.2/src/evmctl.c:2026:12: enter_function: entry to ‘read_sysfs_pcrs’
ima-evm-utils-1.6.2/src/evmctl.c:2031:14: acquire_resource: opened here
ima-evm-utils-1.6.2/src/evmctl.c:2032:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2039:18: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2039:18: call_function: calling ‘read_one_bank’ from ‘read_sysfs_pcrs’
# 2014|   		sprintf(pcr_str, "PCR-%2.2d", i);
# 2015|   		if (!strncmp(p, pcr_str, 6))
# 2016|-> 			hex2bin(tpm_bank->pcr[i++], p + 7, tpm_bank->digest_size);
# 2017|   		result = 0;
# 2018|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def23]
ima-evm-utils-1.6.2/src/evmctl.c:2016:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
ima-evm-utils-1.6.2/src/evmctl.c:2026:12: enter_function: entry to ‘read_sysfs_pcrs’
ima-evm-utils-1.6.2/src/evmctl.c:2031:14: acquire_memory: allocated here
ima-evm-utils-1.6.2/src/evmctl.c:2032:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2039:18: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2039:18: call_function: calling ‘read_one_bank’ from ‘read_sysfs_pcrs’
# 2014|   		sprintf(pcr_str, "PCR-%2.2d", i);
# 2015|   		if (!strncmp(p, pcr_str, 6))
# 2016|-> 			hex2bin(tpm_bank->pcr[i++], p + 7, tpm_bank->digest_size);
# 2017|   		result = 0;
# 2018|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def24]
ima-evm-utils-1.6.2/src/evmctl.c:2073:17: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(&file_name, "r")’
ima-evm-utils-1.6.2/src/evmctl.c:2057:21: branch_true: following ‘true’ branch (when ‘i <= 23’)...
ima-evm-utils-1.6.2/src/evmctl.c:2058:17: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2060:22: acquire_resource: opened here
ima-evm-utils-1.6.2/src/evmctl.c:2061:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2067:35: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2068:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2073:51: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2073:17: danger: ‘fopen(&file_name, "r")’ leaks here; was opened at [(3)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/2)
# 2071|   		}
# 2072|   
# 2073|-> 		hex2bin(tpm_bank->pcr[i], digest, tpm_bank->digest_size);
# 2074|   		fclose(fp);
# 2075|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def25]
ima-evm-utils-1.6.2/src/evmctl.c:2073:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(&file_name, "r")’
ima-evm-utils-1.6.2/src/evmctl.c:2057:21: branch_true: following ‘true’ branch (when ‘i <= 23’)...
ima-evm-utils-1.6.2/src/evmctl.c:2058:17: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2060:22: acquire_memory: allocated here
ima-evm-utils-1.6.2/src/evmctl.c:2061:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2067:35: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2068:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2073:51: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2073:17: danger: ‘fopen(&file_name, "r")’ leaks here; was allocated at [(3)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/2)
# 2071|   		}
# 2072|   
# 2073|-> 		hex2bin(tpm_bank->pcr[i], digest, tpm_bank->digest_size);
# 2074|   		fclose(fp);
# 2075|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def26]
ima-evm-utils-1.6.2/src/evmctl.c:2159:20: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(path, "r")’
ima-evm-utils-1.6.2/src/evmctl.c:2107:12: enter_function: entry to ‘read_file_pcrs’
ima-evm-utils-1.6.2/src/evmctl.c:2118:21: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2119:28: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2120:20: branch_false: following ‘false’ branch (when ‘p’ is NULL)...
ima-evm-utils-1.6.2/src/evmctl.c:2130:17: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2136:20: branch_false: following ‘false’ branch (when ‘bank >= 0’)...
ima-evm-utils-1.6.2/src/evmctl.c:2141:21: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2141:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2146:22: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2146:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2151:22: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2151:22: acquire_resource: opened here
ima-evm-utils-1.6.2/src/evmctl.c:2152:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2157:50: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2157:26: call_function: calling ‘read_one_bank’ from ‘read_file_pcrs’
# 2157|   		result = read_one_bank(&tpm_banks[bank], fp);
# 2158|   		fclose(fp);
# 2159|-> 		if (result < 0)
# 2160|   			return result;
# 2161|   		tpm_banks[bank].supported = 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def27]
ima-evm-utils-1.6.2/src/evmctl.c:2159:20: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(path, "r")’
ima-evm-utils-1.6.2/src/evmctl.c:2107:12: enter_function: entry to ‘read_file_pcrs’
ima-evm-utils-1.6.2/src/evmctl.c:2118:21: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2119:28: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2120:20: branch_false: following ‘false’ branch (when ‘p’ is NULL)...
ima-evm-utils-1.6.2/src/evmctl.c:2130:17: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2136:20: branch_false: following ‘false’ branch (when ‘bank >= 0’)...
ima-evm-utils-1.6.2/src/evmctl.c:2141:21: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2141:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2146:22: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2146:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2151:22: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2151:22: acquire_memory: allocated here
ima-evm-utils-1.6.2/src/evmctl.c:2152:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2157:50: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2157:26: call_function: calling ‘read_one_bank’ from ‘read_file_pcrs’
# 2157|   		result = read_one_bank(&tpm_banks[bank], fp);
# 2158|   		fclose(fp);
# 2159|-> 		if (result < 0)
# 2160|   			return result;
# 2161|   		tpm_banks[bank].supported = 1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def28]
ima-evm-utils-1.6.2/src/evmctl.c:2544:14: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(file, "r")’
ima-evm-utils-1.6.2/src/evmctl.c:2529:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2532:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2532:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2537:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2537:14: acquire_resource: opened here
ima-evm-utils-1.6.2/src/evmctl.c:2538:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2541:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2544:14: danger: ‘fopen(file, "r")’ leaks here; was opened at [(5)](sarif:/runs/0/results/28/codeFlows/0/threadFlows/0/locations/4)
# 2542|   		log_info("Reading the TPM 1.2 event log (%s)\n", file);
# 2543|   
# 2544|-> 	md = EVP_get_digestbyname(bank->algo_name);
# 2545|   	if (!md) {
# 2546|   		log_err("Unknown message digest %s\n", bank->algo_name);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def29]
ima-evm-utils-1.6.2/src/evmctl.c:2544:14: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(file, "r")’
ima-evm-utils-1.6.2/src/evmctl.c:2529:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2532:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2532:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2537:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2537:14: acquire_memory: allocated here
ima-evm-utils-1.6.2/src/evmctl.c:2538:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2541:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2544:14: danger: ‘fopen(file, "r")’ leaks here; was allocated at [(5)](sarif:/runs/0/results/29/codeFlows/0/threadFlows/0/locations/4)
# 2542|   		log_info("Reading the TPM 1.2 event log (%s)\n", file);
# 2543|   
# 2544|-> 	md = EVP_get_digestbyname(bank->algo_name);
# 2545|   	if (!md) {
# 2546|   		log_err("Unknown message digest %s\n", bank->algo_name);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def30]
ima-evm-utils-1.6.2/src/evmctl.c:2552:17: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(file, "r")’
ima-evm-utils-1.6.2/src/evmctl.c:2529:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2532:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2532:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2537:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2537:14: acquire_resource: opened here
ima-evm-utils-1.6.2/src/evmctl.c:2538:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2541:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2545:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2552:17: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2552:17: danger: ‘fopen(file, "r")’ leaks here; was opened at [(5)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/4)
# 2550|   
# 2551|   #if OPENSSL_VERSION_NUMBER >= 0x10100000
# 2552|-> 	mdctx = EVP_MD_CTX_new();
# 2553|   	if (!mdctx) {
# 2554|   		log_err("EVP_MD_CTX_new failed\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def31]
ima-evm-utils-1.6.2/src/evmctl.c:2552:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(file, "r")’
ima-evm-utils-1.6.2/src/evmctl.c:2529:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2532:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2532:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2537:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2537:14: acquire_memory: allocated here
ima-evm-utils-1.6.2/src/evmctl.c:2538:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2541:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2545:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2552:17: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2552:17: danger: ‘fopen(file, "r")’ leaks here; was allocated at [(5)](sarif:/runs/0/results/31/codeFlows/0/threadFlows/0/locations/4)
# 2550|   
# 2551|   #if OPENSSL_VERSION_NUMBER >= 0x10100000
# 2552|-> 	mdctx = EVP_MD_CTX_new();
# 2553|   	if (!mdctx) {
# 2554|   		log_err("EVP_MD_CTX_new failed\n");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def32]
ima-evm-utils-1.6.2/src/evmctl.c:2564:25: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(file, "r")’
ima-evm-utils-1.6.2/src/evmctl.c:2529:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2532:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2532:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2537:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2537:14: acquire_resource: opened here
ima-evm-utils-1.6.2/src/evmctl.c:2538:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2541:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2545:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2552:17: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2553:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2561:16: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2562:21: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2562:20: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2563:25: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2564:25: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2564:25: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2564:25: danger: ‘fopen(file, "r")’ leaks here; was opened at [(5)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/4)
# 2562|   		if (imaevm_params.verbose > LOG_INFO) {
# 2563|   			log_info("%02u ", event.header.pcr);
# 2564|-> 			log_dump(event.header.digest, SHA_DIGEST_LENGTH);
# 2565|   		}
# 2566|   		if (event.header.pcr >= NUM_PCRS) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def33]
ima-evm-utils-1.6.2/src/evmctl.c:2564:25: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(file, "r")’
ima-evm-utils-1.6.2/src/evmctl.c:2529:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2532:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2532:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2537:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2537:14: acquire_memory: allocated here
ima-evm-utils-1.6.2/src/evmctl.c:2538:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2541:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2545:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2552:17: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2553:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2561:16: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2562:21: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2562:20: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2563:25: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2564:25: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2564:25: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2564:25: danger: ‘fopen(file, "r")’ leaks here; was allocated at [(5)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/4)
# 2562|   		if (imaevm_params.verbose > LOG_INFO) {
# 2563|   			log_info("%02u ", event.header.pcr);
# 2564|-> 			log_dump(event.header.digest, SHA_DIGEST_LENGTH);
# 2565|   		}
# 2566|   		if (event.header.pcr >= NUM_PCRS) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def34]
ima-evm-utils-1.6.2/src/evmctl.c:2571:27: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(file, "r")’
ima-evm-utils-1.6.2/src/evmctl.c:2529:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2532:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2532:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2537:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2537:14: acquire_resource: opened here
ima-evm-utils-1.6.2/src/evmctl.c:2538:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2541:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2545:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2552:17: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2553:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2561:16: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2562:21: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2566:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2571:27: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2571:27: danger: ‘fopen(file, "r")’ leaks here; was opened at [(5)](sarif:/runs/0/results/34/codeFlows/0/threadFlows/0/locations/4)
# 2569|   		}
# 2570|   
# 2571|-> 		evp_err = EVP_DigestInit(mdctx, md);
# 2572|   		if (evp_err == 0) {
# 2573|   			log_err("EVP_DigestInit() failed\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def35]
ima-evm-utils-1.6.2/src/evmctl.c:2571:27: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(file, "r")’
ima-evm-utils-1.6.2/src/evmctl.c:2529:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2532:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2532:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2537:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2537:14: acquire_memory: allocated here
ima-evm-utils-1.6.2/src/evmctl.c:2538:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2541:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2545:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2552:17: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2553:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2561:16: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2562:21: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2566:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2571:27: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2571:27: danger: ‘fopen(file, "r")’ leaks here; was allocated at [(5)](sarif:/runs/0/results/35/codeFlows/0/threadFlows/0/locations/4)
# 2569|   		}
# 2570|   
# 2571|-> 		evp_err = EVP_DigestInit(mdctx, md);
# 2572|   		if (evp_err == 0) {
# 2573|   			log_err("EVP_DigestInit() failed\n");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def36]
ima-evm-utils-1.6.2/src/evmctl.c:2577:27: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(file, "r")’
ima-evm-utils-1.6.2/src/evmctl.c:2529:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2532:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2532:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2537:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2537:14: acquire_resource: opened here
ima-evm-utils-1.6.2/src/evmctl.c:2538:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2541:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2545:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2552:17: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2553:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2561:16: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2562:21: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2566:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2571:27: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2572:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2577:61: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2577:27: danger: ‘fopen(file, "r")’ leaks here; was opened at [(5)](sarif:/runs/0/results/36/codeFlows/0/threadFlows/0/locations/4)
# 2575|   		}
# 2576|   
# 2577|-> 		evp_err = EVP_DigestUpdate(mdctx, bank->pcr[event.header.pcr], 20);
# 2578|   		if (evp_err == 0) {
# 2579|   			log_err("EVP_DigestUpdate() failed\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def37]
ima-evm-utils-1.6.2/src/evmctl.c:2577:27: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(file, "r")’
ima-evm-utils-1.6.2/src/evmctl.c:2529:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2532:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2532:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2537:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2537:14: acquire_memory: allocated here
ima-evm-utils-1.6.2/src/evmctl.c:2538:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2541:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2545:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2552:17: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2553:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2561:16: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2562:21: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2566:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2571:27: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2572:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2577:61: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2577:27: danger: ‘fopen(file, "r")’ leaks here; was allocated at [(5)](sarif:/runs/0/results/37/codeFlows/0/threadFlows/0/locations/4)
# 2575|   		}
# 2576|   
# 2577|-> 		evp_err = EVP_DigestUpdate(mdctx, bank->pcr[event.header.pcr], 20);
# 2578|   		if (evp_err == 0) {
# 2579|   			log_err("EVP_DigestUpdate() failed\n");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def38]
ima-evm-utils-1.6.2/src/evmctl.c:2582:27: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(file, "r")’
ima-evm-utils-1.6.2/src/evmctl.c:2529:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2532:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2532:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2537:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2537:14: acquire_resource: opened here
ima-evm-utils-1.6.2/src/evmctl.c:2538:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2541:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2545:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2552:17: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2553:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2561:16: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2562:21: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2566:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2571:27: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2572:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2577:61: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2578:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2582:27: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2582:27: danger: ‘fopen(file, "r")’ leaks here; was opened at [(5)](sarif:/runs/0/results/38/codeFlows/0/threadFlows/0/locations/4)
# 2580|   			break;
# 2581|   		}
# 2582|-> 		evp_err = EVP_DigestUpdate(mdctx, event.header.digest, 20);
# 2583|   		if (evp_err == 0) {
# 2584|   			log_err("EVP_DigestUpdate() failed\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def39]
ima-evm-utils-1.6.2/src/evmctl.c:2582:27: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(file, "r")’
ima-evm-utils-1.6.2/src/evmctl.c:2529:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2532:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2532:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2537:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2537:14: acquire_memory: allocated here
ima-evm-utils-1.6.2/src/evmctl.c:2538:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2541:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2545:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2552:17: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2553:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2561:16: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2562:21: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2566:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2571:27: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2572:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2577:61: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2578:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2582:27: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2582:27: danger: ‘fopen(file, "r")’ leaks here; was allocated at [(5)](sarif:/runs/0/results/39/codeFlows/0/threadFlows/0/locations/4)
# 2580|   			break;
# 2581|   		}
# 2582|-> 		evp_err = EVP_DigestUpdate(mdctx, event.header.digest, 20);
# 2583|   		if (evp_err == 0) {
# 2584|   			log_err("EVP_DigestUpdate() failed\n");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def40]
ima-evm-utils-1.6.2/src/evmctl.c:2587:27: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(file, "r")’
ima-evm-utils-1.6.2/src/evmctl.c:2529:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2532:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2532:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2537:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2537:14: acquire_resource: opened here
ima-evm-utils-1.6.2/src/evmctl.c:2538:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2541:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2545:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2552:17: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2553:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2561:16: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2562:21: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2566:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2571:27: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2572:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2577:61: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2578:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2582:27: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2583:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2587:60: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2587:27: danger: ‘fopen(file, "r")’ leaks here; was opened at [(5)](sarif:/runs/0/results/40/codeFlows/0/threadFlows/0/locations/4)
# 2585|   			break;
# 2586|   		}
# 2587|-> 		evp_err = EVP_DigestFinal(mdctx, bank->pcr[event.header.pcr], &mdlen);
# 2588|   		if (evp_err == 0) {
# 2589|   			log_err("EVP_DigestFinal() failed\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def41]
ima-evm-utils-1.6.2/src/evmctl.c:2587:27: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(file, "r")’
ima-evm-utils-1.6.2/src/evmctl.c:2529:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2532:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2532:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2537:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2537:14: acquire_memory: allocated here
ima-evm-utils-1.6.2/src/evmctl.c:2538:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2541:13: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2545:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2552:17: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2553:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2561:16: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2562:21: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2566:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2571:27: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2572:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2577:61: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2578:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2582:27: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2583:20: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:2587:60: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:2587:27: danger: ‘fopen(file, "r")’ leaks here; was allocated at [(5)](sarif:/runs/0/results/41/codeFlows/0/threadFlows/0/locations/4)
# 2585|   			break;
# 2586|   		}
# 2587|-> 		evp_err = EVP_DigestFinal(mdctx, bank->pcr[event.header.pcr], &mdlen);
# 2588|   		if (evp_err == 0) {
# 2589|   			log_err("EVP_DigestFinal() failed\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def42]
ima-evm-utils-1.6.2/src/evmctl.c:3002:17: warning[-Wanalyzer-malloc-leak]: leak of ‘password’
ima-evm-utils-1.6.2/src/evmctl.c:2990:20: acquire_memory: allocated here
ima-evm-utils-1.6.2/src/evmctl.c:2991:12: branch_false: following ‘false’ branch (when ‘password’ is non-NULL)...
ima-evm-utils-1.6.2/src/evmctl.c:2996:9: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:3001:12: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:3002:17: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:3002:17: danger: ‘password’ leaks here; was allocated at [(1)](sarif:/runs/0/results/42/codeFlows/0/threadFlows/0/locations/0)
# 3000|   
# 3001|   	if (tcsetattr(fileno(stdin), TCSANOW, &tmp_flags) != 0) {
# 3002|-> 		perror("tcsetattr");
# 3003|   		free(password);
# 3004|   		return NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def43]
ima-evm-utils-1.6.2/src/evmctl.c:3012:17: warning[-Wanalyzer-malloc-leak]: leak of ‘password’
ima-evm-utils-1.6.2/src/evmctl.c:2990:20: acquire_memory: allocated here
ima-evm-utils-1.6.2/src/evmctl.c:2991:12: branch_false: following ‘false’ branch (when ‘password’ is non-NULL)...
ima-evm-utils-1.6.2/src/evmctl.c:2996:9: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:3001:12: branch_false: following ‘false’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:3007:9: branch_false: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:3011:12: branch_true: following ‘true’ branch...
ima-evm-utils-1.6.2/src/evmctl.c:3012:17: branch_true: ...to here
ima-evm-utils-1.6.2/src/evmctl.c:3012:17: danger: ‘password’ leaks here; was allocated at [(1)](sarif:/runs/0/results/43/codeFlows/0/threadFlows/0/locations/0)
# 3010|   	/* restore terminal */
# 3011|   	if (tcsetattr(fileno(stdin), TCSANOW, &flags) != 0) {
# 3012|-> 		perror("tcsetattr");
# 3013|   		free(password);
# 3014|   		return NULL;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def44]
ima-evm-utils-1.6.2/src/libimaevm.c:159:22: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(file, "r")'
ima-evm-utils-1.6.2/src/libimaevm.c:770:5: enter_function: entry to 'ima_verify_signature2'
ima-evm-utils-1.6.2/src/libimaevm.c:778:12: branch_false: following 'false' branch...
ima-evm-utils-1.6.2/src/libimaevm.c:783:12: branch_false: ...to here
ima-evm-utils-1.6.2/src/libimaevm.c:789:12: branch_false: following 'false' branch...
ima-evm-utils-1.6.2/src/libimaevm.c:794:21: branch_false: ...to here
ima-evm-utils-1.6.2/src/libimaevm.c:794:21: call_function: calling 'imaevm_hash_algo_by_id' from 'ima_verify_signature2'
ima-evm-utils-1.6.2/src/libimaevm.c:794:21: return_function: returning to 'ima_verify_signature2' from 'imaevm_hash_algo_by_id'
ima-evm-utils-1.6.2/src/libimaevm.c:800:12: branch_false: following 'false' branch...
ima-evm-utils-1.6.2/src/libimaevm.c:805:19: branch_false: ...to here
ima-evm-utils-1.6.2/src/libimaevm.c:805:19: call_function: calling 'ima_calc_hash2' from 'ima_verify_signature2'
#  157|   			break;
#  158|   		}
#  159|-> 		if (!EVP_DigestUpdate(ctx, data, len)) {
#  160|   			log_err("EVP_DigestUpdate() failed\n");
#  161|   			err = 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def45]
ima-evm-utils-1.6.2/src/libimaevm.c:159:22: warning[-Wanalyzer-malloc-leak]: leak of 'data'
ima-evm-utils-1.6.2/src/libimaevm.c:770:5: enter_function: entry to 'ima_verify_signature2'
ima-evm-utils-1.6.2/src/libimaevm.c:778:12: branch_false: following 'false' branch...
ima-evm-utils-1.6.2/src/libimaevm.c:783:12: branch_false: ...to here
ima-evm-utils-1.6.2/src/libimaevm.c:789:12: branch_false: following 'false' branch...
ima-evm-utils-1.6.2/src/libimaevm.c:794:21: branch_false: ...to here
ima-evm-utils-1.6.2/src/libimaevm.c:794:21: call_function: calling 'imaevm_hash_algo_by_id' from 'ima_verify_signature2'
ima-evm-utils-1.6.2/src/libimaevm.c:794:21: return_function: returning to 'ima_verify_signature2' from 'imaevm_hash_algo_by_id'
ima-evm-utils-1.6.2/src/libimaevm.c:800:12: branch_false: following 'false' branch...
ima-evm-utils-1.6.2/src/libimaevm.c:805:19: branch_false: ...to here
ima-evm-utils-1.6.2/src/libimaevm.c:805:19: call_function: calling 'ima_calc_hash2' from 'ima_verify_signature2'
#  157|   			break;
#  158|   		}
#  159|-> 		if (!EVP_DigestUpdate(ctx, data, len)) {
#  160|   			log_err("EVP_DigestUpdate() failed\n");
#  161|   			err = 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def46]
ima-evm-utils-1.6.2/src/libimaevm.c:159:22: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(file, "r")'
ima-evm-utils-1.6.2/src/libimaevm.c:770:5: enter_function: entry to 'ima_verify_signature2'
ima-evm-utils-1.6.2/src/libimaevm.c:778:12: branch_false: following 'false' branch...
ima-evm-utils-1.6.2/src/libimaevm.c:783:12: branch_false: ...to here
ima-evm-utils-1.6.2/src/libimaevm.c:789:12: branch_false: following 'false' branch...
ima-evm-utils-1.6.2/src/libimaevm.c:794:21: branch_false: ...to here
ima-evm-utils-1.6.2/src/libimaevm.c:794:21: call_function: calling 'imaevm_hash_algo_by_id' from 'ima_verify_signature2'
ima-evm-utils-1.6.2/src/libimaevm.c:794:21: return_function: returning to 'ima_verify_signature2' from 'imaevm_hash_algo_by_id'
ima-evm-utils-1.6.2/src/libimaevm.c:800:12: branch_false: following 'false' branch...
ima-evm-utils-1.6.2/src/libimaevm.c:805:19: branch_false: ...to here
ima-evm-utils-1.6.2/src/libimaevm.c:805:19: call_function: calling 'ima_calc_hash2' from 'ima_verify_signature2'
#  157|   			break;
#  158|   		}
#  159|-> 		if (!EVP_DigestUpdate(ctx, data, len)) {
#  160|   			log_err("EVP_DigestUpdate() failed\n");
#  161|   			err = 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def47]
ima-evm-utils-1.6.2/src/libimaevm.c:392:9: warning[-Wanalyzer-malloc-leak]: leak of 'entry'
ima-evm-utils-1.6.2/src/libimaevm.c:733:5: enter_function: entry to 'imaevm_verify_hash'
ima-evm-utils-1.6.2/src/libimaevm.c:738:12: branch_false: following 'false' branch...
ima-evm-utils-1.6.2/src/libimaevm.c:753:19: branch_false: ...to here
ima-evm-utils-1.6.2/src/libimaevm.c:753:19: branch_true: following 'true' branch...
ima-evm-utils-1.6.2/src/libimaevm.c:754:24: branch_true: ...to here
ima-evm-utils-1.6.2/src/libimaevm.c:754:24: call_function: calling 'verify_hash_v2' from 'imaevm_verify_hash'
#  390|   	else
#  391|   		public_keys = entry;
#  392|-> 	log_err("key %d: %x (unknown keyid)\n", i, __be32_to_cpup(&keyid));
#  393|   	return 0;
#  394|   }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def48]
ima-evm-utils-1.6.2/src/libimaevm.c:961:14: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(certfile, "r")'
ima-evm-utils-1.6.2/src/libimaevm.c:957:20: acquire_resource: opened here
ima-evm-utils-1.6.2/src/libimaevm.c:957:12: branch_false: following 'false' branch...
ima-evm-utils-1.6.2/src/libimaevm.c:961:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/libimaevm.c:961:14: danger: 'fopen(certfile, "r")' leaks here; was opened at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#  959|   		return -1;
#  960|   	}
#  961|-> 	if (!PEM_read_X509(fp, &x, NULL, NULL)) {
#  962|   		if (ERR_GET_REASON(ERR_peek_last_error()) == PEM_R_NO_START_LINE) {
#  963|   			ERR_clear_error();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def49]
ima-evm-utils-1.6.2/src/libimaevm.c:961:14: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(certfile, "r")'
ima-evm-utils-1.6.2/src/libimaevm.c:957:20: acquire_memory: allocated here
ima-evm-utils-1.6.2/src/libimaevm.c:957:12: branch_false: following 'false' branch...
ima-evm-utils-1.6.2/src/libimaevm.c:961:14: branch_false: ...to here
ima-evm-utils-1.6.2/src/libimaevm.c:961:14: danger: 'fopen(certfile, "r")' leaks here; was allocated at [(1)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/0)
#  959|   		return -1;
#  960|   	}
#  961|-> 	if (!PEM_read_X509(fp, &x, NULL, NULL)) {
#  962|   		if (ERR_GET_REASON(ERR_peek_last_error()) == PEM_R_NO_START_LINE) {
#  963|   			ERR_clear_error();

Error: GCC_ANALYZER_WARNING (CWE-775): [#def50]
ima-evm-utils-1.6.2/src/libimaevm.c:1150:24: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(keyfile, "r")'
ima-evm-utils-1.6.2/src/libimaevm.c:1128:12: branch_false: following 'false' branch...
ima-evm-utils-1.6.2/src/libimaevm.c:1145:22: branch_false: ...to here
ima-evm-utils-1.6.2/src/libimaevm.c:1145:22: acquire_resource: opened here
ima-evm-utils-1.6.2/src/libimaevm.c:1146:20: branch_false: following 'false' branch...
ima-evm-utils-1.6.2/src/libimaevm.c:1150:24: branch_false: ...to here
ima-evm-utils-1.6.2/src/libimaevm.c:1150:24: danger: 'fopen(keyfile, "r")' leaks here; was opened at [(3)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/2)
# 1148|   			return NULL;
# 1149|   		}
# 1150|-> 		pkey = PEM_read_PrivateKey(fp, NULL, NULL, (void *)keypass);
# 1151|   		if (!pkey) {
# 1152|   			log_err("Failed to PEM_read_PrivateKey key file: %s\n",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def51]
ima-evm-utils-1.6.2/src/libimaevm.c:1150:24: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(keyfile, "r")'
ima-evm-utils-1.6.2/src/libimaevm.c:1128:12: branch_false: following 'false' branch...
ima-evm-utils-1.6.2/src/libimaevm.c:1145:22: branch_false: ...to here
ima-evm-utils-1.6.2/src/libimaevm.c:1145:22: acquire_memory: allocated here
ima-evm-utils-1.6.2/src/libimaevm.c:1146:20: branch_false: following 'false' branch...
ima-evm-utils-1.6.2/src/libimaevm.c:1150:24: branch_false: ...to here
ima-evm-utils-1.6.2/src/libimaevm.c:1150:24: danger: 'fopen(keyfile, "r")' leaks here; was allocated at [(3)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/2)
# 1148|   			return NULL;
# 1149|   		}
# 1150|-> 		pkey = PEM_read_PrivateKey(fp, NULL, NULL, (void *)keypass);
# 1151|   		if (!pkey) {
# 1152|   			log_err("Failed to PEM_read_PrivateKey key file: %s\n",

Scan Properties

analyzer-version-clippy1.90.0
analyzer-version-cppcheck2.18.3
analyzer-version-gcc15.2.1
analyzer-version-gcc-analyzer16.0.0
analyzer-version-shellcheck0.11.0
analyzer-version-unicontrol0.0.2
enabled-pluginsclippy, cppcheck, gcc, shellcheck, unicontrol
exit-code0
hostip-172-16-1-42.us-west-2.compute.internal
known-false-positives/usr/share/csmock/known-false-positives.js
known-false-positives-rpmknown-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch
mock-configfedora-rawhide-gcc-latest-x86_64
project-nameima-evm-utils-1.6.2-7.fc44
store-results-to/tmp/tmpe2wqe3ga/ima-evm-utils-1.6.2-7.fc44.tar.xz
time-created2025-10-28 18:16:41
time-finished2025-10-28 18:18:18
toolcsmock
tool-args'/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'gcc,cppcheck,shellcheck,clippy,unicontrol' '-o' '/tmp/tmpe2wqe3ga/ima-evm-utils-1.6.2-7.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmpe2wqe3ga/ima-evm-utils-1.6.2-7.fc44.src.rpm'
tool-versioncsmock-3.8.3.20251027.143044.ge6b947b-1.el9