pacman-7.0.0-5.fc44

List of Findings

Error: SHELLCHECK_WARNING (CWE-571): [#def1]
/usr/bin/makepkg:144:10: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  142|   		rm -rf "$pkgdirbase" "$srcdir"
#  143|   		if [[ -n $pkgbase ]]; then
#  144|-> 			local fullver=$(get_full_version)
#  145|   			# Can't do this unless the BUILDSCRIPT has been sourced.
#  146|   			if (( PKGVERFUNC )); then

Error: SHELLCHECK_WARNING (CWE-88): [#def2]
/usr/bin/makepkg:164:16: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#  162|   				rm -f "${pkgbase}-${fullver}-${CARCH}-package.log"*
#  163|   			elif (( SPLITPKG )); then
#  164|-> 				for pkg in ${pkgname[@]}; do
#  165|   					rm -f "${pkgbase}-${fullver}-${CARCH}-package_${pkg}.log"*
#  166|   				done

Error: SHELLCHECK_WARNING (CWE-88): [#def3]
/usr/bin/makepkg:170:15: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#  168|   
#  169|   			# clean up dangling symlinks to packages
#  170|-> 			for pkg in ${pkgname[@]}; do
#  171|   				for file in ${pkg}-*-*-*{${PKGEXT},${SRCEXT}}; do
#  172|   					if [[ -h $file && ! -e $file ]]; then

Error: SHELLCHECK_WARNING (CWE-457): [#def4]
/usr/bin/makepkg:205:40: warning[SC2154]: pkgver is referenced but not assigned.
#  203|   	fi
#  204|   
#  205|-> 	if [[ -n $newpkgver && $newpkgver != "$pkgver" ]]; then
#  206|   		if [[ -w $BUILDFILE ]]; then
#  207|   			mapfile -t buildfile < "$BUILDFILE"

Error: SHELLCHECK_WARNING (CWE-571): [#def5]
/usr/bin/makepkg:216:10: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  214|   			fi
#  215|   			source_safe "$BUILDFILE"
#  216|-> 			local fullver=$(get_full_version)
#  217|   			msg "$(gettext "Updated version: %s")" "$pkgbase $fullver"
#  218|   		else

Error: SHELLCHECK_WARNING (CWE-571): [#def6]
/usr/bin/makepkg:250:9: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  248|   			cmd=(su root -c "$cmdescape")
#  249|   		fi
#  250|-> 		local lockfile="$(pacman-conf DBPath)/db.lck"
#  251|   		while [[ -f $lockfile ]]; do
#  252|   			local timer=0

Error: SHELLCHECK_WARNING (CWE-571): [#def7]
/usr/bin/makepkg:303:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  301|   	# we might need the new system environment
#  302|   	# save our shell options and turn off extglob
#  303|-> 	local shellopts=$(shopt -p extglob)
#  304|   	shopt -u extglob
#  305|   	source /etc/profile &>/dev/null

Error: SHELLCHECK_WARNING (CWE-140): [#def8]
/usr/bin/makepkg:322:11: warning[SC2207]: Prefer mapfile or read -a to split command output (or quote to avoid splitting).
#  320|   	# Otherwise, the return value will depend on the assignment.
#  321|   	local deplist
#  322|-> 	deplist=($(check_deps "$@")) || exit $E_INSTALL_DEPS_FAILED
#  323|   	[[ -z $deplist ]] && return $R_DEPS_SATISFIED
#  324|   

Error: SHELLCHECK_WARNING (CWE-670): [#def9]
/usr/bin/makepkg:323:8: warning[SC2128]: Expanding an array without an index only gives the first element.
#  321|   	local deplist
#  322|   	deplist=($(check_deps "$@")) || exit $E_INSTALL_DEPS_FAILED
#  323|-> 	[[ -z $deplist ]] && return $R_DEPS_SATISFIED
#  324|   
#  325|   	if handle_deps "${deplist[@]}"; then

Error: SHELLCHECK_WARNING (CWE-88): [#def10]
/usr/bin/makepkg:333:13: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#  331|   	msg "$(gettext "Missing dependencies:")"
#  332|   	local dep
#  333|-> 	for dep in ${deplist[@]}; do
#  334|   		msg2 "$dep"
#  335|   	done

Error: SHELLCHECK_WARNING (CWE-140): [#def11]
/usr/bin/makepkg:352:11: warning[SC2207]: Prefer mapfile or read -a to split command output (or quote to avoid splitting).
#  350|   
#  351|   	local deplist
#  352|-> 	deplist=($(grep -xvFf <(printf "%s\n" "${original_pkglist[@]}") \
#  353|   			<(printf "%s\n" "${current_pkglist[@]}")))
#  354|   	if [[ -z $deplist ]]; then

Error: SHELLCHECK_WARNING (CWE-670): [#def12]
/usr/bin/makepkg:354:11: warning[SC2128]: Expanding an array without an index only gives the first element.
#  352|   	deplist=($(grep -xvFf <(printf "%s\n" "${original_pkglist[@]}") \
#  353|   			<(printf "%s\n" "${current_pkglist[@]}")))
#  354|-> 	if [[ -z $deplist ]]; then
#  355|   		return 0
#  356|   	fi

Error: SHELLCHECK_WARNING (CWE-88): [#def13]
/usr/bin/makepkg:360:23: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#  358|   	msg "Removing installed dependencies..."
#  359|   	# exit cleanly on failure to remove deps as package has been built successfully
#  360|-> 	if ! run_pacman -Rnu ${deplist[@]}; then
#  361|   		warning "$(gettext "Failed to remove installed dependencies.")"
#  362|   		return $E_REMOVE_DEPS_FAILED

Error: SHELLCHECK_WARNING (CWE-398): [#def14]
/usr/bin/makepkg:381:30: error[SC1087]: Use braces when expanding arrays, e.g. ${array[idx]} (or ${var}[.. to quiet).
#  379|   
#  380|   	for attr in "${supported_attrs[@]}"; do
#  381|-> 		eval "$attr+=(\"\${${attr}_$CARCH[@]}\")"
#  382|   	done
#  383|   

Error: SHELLCHECK_WARNING (CWE-569): [#def15]
/usr/bin/makepkg:404:24: warning[SC2064]: Use single quotes, otherwise this expands now rather than when signalled.
#  402|   
#  403|   	restoretrap=$(trap -p ERR)
#  404|-> 	trap "error_function '$1'" ERR
#  405|   
#  406|   	run_function "$1" "$2"

Error: SHELLCHECK_WARNING (CWE-571): [#def16]
/usr/bin/makepkg:427:9: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  425|   	local ret=0
#  426|   	if (( LOGGING )); then
#  427|-> 		local fullver=$(get_full_version)
#  428|   		local BUILDLOG="$LOGDEST/${pkgbase}-${fullver}-${CARCH}-$pkgfunc.log"
#  429|   		if [[ -f $BUILDLOG ]]; then

Error: SHELLCHECK_WARNING (CWE-571): [#def17]
/usr/bin/makepkg:490:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  488|   
#  489|   write_pkginfo() {
#  490|-> 	local size=$(dirsize)
#  491|   
#  492|   	merge_arch_attrs

Error: SHELLCHECK_WARNING (CWE-571): [#def18]
/usr/bin/makepkg:502:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  500|   	write_kv_pair "xdata" "pkgtype=$pkgtype"
#  501|   
#  502|-> 	local fullver=$(get_full_version)
#  503|   	write_kv_pair "pkgver" "$fullver"
#  504|   

Error: SHELLCHECK_WARNING (CWE-670): [#def19]
/usr/bin/makepkg:510:27: warning[SC2128]: Expanding an array without an index only gives the first element.
#  508|   	spd=("${spd[@]%[[:space:]]}")
#  509|   
#  510|-> 	write_kv_pair "pkgdesc" "$spd"
#  511|   	write_kv_pair "url" "$url"
#  512|   	write_kv_pair "builddate" "$SOURCE_DATE_EPOCH"

Error: SHELLCHECK_WARNING (CWE-457): [#def20]
/usr/bin/makepkg:511:23: warning[SC2154]: url is referenced but not assigned.
#  509|   
#  510|   	write_kv_pair "pkgdesc" "$spd"
#  511|-> 	write_kv_pair "url" "$url"
#  512|   	write_kv_pair "builddate" "$SOURCE_DATE_EPOCH"
#  513|   	write_kv_pair "packager" "$PACKAGER"

Error: SHELLCHECK_WARNING (CWE-457): [#def21]
/usr/bin/makepkg:517:31: warning[SC2154]: license is referenced but not assigned.
#  515|   	write_kv_pair "arch" "$pkgarch"
#  516|   
#  517|-> 	write_kv_pair "license"     "${license[@]}"
#  518|   	write_kv_pair "replaces"    "${replaces[@]}"
#  519|   	write_kv_pair "group"       "${groups[@]}"

Error: SHELLCHECK_WARNING (CWE-457): [#def22]
/usr/bin/makepkg:518:31: warning[SC2154]: replaces is referenced but not assigned.
#  516|   
#  517|   	write_kv_pair "license"     "${license[@]}"
#  518|-> 	write_kv_pair "replaces"    "${replaces[@]}"
#  519|   	write_kv_pair "group"       "${groups[@]}"
#  520|   	write_kv_pair "conflict"    "${conflicts[@]}"

Error: SHELLCHECK_WARNING (CWE-457): [#def23]
/usr/bin/makepkg:519:31: warning[SC2154]: groups is referenced but not assigned.
#  517|   	write_kv_pair "license"     "${license[@]}"
#  518|   	write_kv_pair "replaces"    "${replaces[@]}"
#  519|-> 	write_kv_pair "group"       "${groups[@]}"
#  520|   	write_kv_pair "conflict"    "${conflicts[@]}"
#  521|   	write_kv_pair "provides"    "${provides[@]}"

Error: SHELLCHECK_WARNING (CWE-457): [#def24]
/usr/bin/makepkg:520:31: warning[SC2154]: conflicts is referenced but not assigned.
#  518|   	write_kv_pair "replaces"    "${replaces[@]}"
#  519|   	write_kv_pair "group"       "${groups[@]}"
#  520|-> 	write_kv_pair "conflict"    "${conflicts[@]}"
#  521|   	write_kv_pair "provides"    "${provides[@]}"
#  522|   	write_kv_pair "backup"      "${backup[@]}"

Error: SHELLCHECK_WARNING (CWE-457): [#def25]
/usr/bin/makepkg:522:31: warning[SC2154]: backup is referenced but not assigned.
#  520|   	write_kv_pair "conflict"    "${conflicts[@]}"
#  521|   	write_kv_pair "provides"    "${provides[@]}"
#  522|-> 	write_kv_pair "backup"      "${backup[@]}"
#  523|   	write_kv_pair "depend"      "${depends[@]}"
#  524|   	write_kv_pair "optdepend"   "${optdepends[@]//+([[:space:]])/ }"

Error: SHELLCHECK_WARNING (CWE-457): [#def26]
/usr/bin/makepkg:523:31: warning[SC2154]: depends is referenced but not assigned.
#  521|   	write_kv_pair "provides"    "${provides[@]}"
#  522|   	write_kv_pair "backup"      "${backup[@]}"
#  523|-> 	write_kv_pair "depend"      "${depends[@]}"
#  524|   	write_kv_pair "optdepend"   "${optdepends[@]//+([[:space:]])/ }"
#  525|   	write_kv_pair "makedepend"  "${makedepends[@]}"

Error: SHELLCHECK_WARNING (CWE-457): [#def27]
/usr/bin/makepkg:524:31: warning[SC2154]: optdepends is referenced but not assigned.
#  522|   	write_kv_pair "backup"      "${backup[@]}"
#  523|   	write_kv_pair "depend"      "${depends[@]}"
#  524|-> 	write_kv_pair "optdepend"   "${optdepends[@]//+([[:space:]])/ }"
#  525|   	write_kv_pair "makedepend"  "${makedepends[@]}"
#  526|   	write_kv_pair "checkdepend" "${checkdepends[@]}"

Error: SHELLCHECK_WARNING (CWE-457): [#def28]
/usr/bin/makepkg:525:31: warning[SC2154]: makedepends is referenced but not assigned.
#  523|   	write_kv_pair "depend"      "${depends[@]}"
#  524|   	write_kv_pair "optdepend"   "${optdepends[@]//+([[:space:]])/ }"
#  525|-> 	write_kv_pair "makedepend"  "${makedepends[@]}"
#  526|   	write_kv_pair "checkdepend" "${checkdepends[@]}"
#  527|   }

Error: SHELLCHECK_WARNING (CWE-457): [#def29]
/usr/bin/makepkg:526:31: warning[SC2154]: checkdepends is referenced but not assigned.
#  524|   	write_kv_pair "optdepend"   "${optdepends[@]//+([[:space:]])/ }"
#  525|   	write_kv_pair "makedepend"  "${makedepends[@]}"
#  526|-> 	write_kv_pair "checkdepend" "${checkdepends[@]}"
#  527|   }
#  528|   

Error: SHELLCHECK_WARNING (CWE-571): [#def30]
/usr/bin/makepkg:535:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  533|   	write_kv_pair "pkgbase" "$pkgbase"
#  534|   
#  535|-> 	local fullver=$(get_full_version)
#  536|   	write_kv_pair "pkgver" "$fullver"
#  537|   

Error: SHELLCHECK_WARNING (CWE-571): [#def31]
/usr/bin/makepkg:540:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  538|   	write_kv_pair "pkgarch" "$pkgarch"
#  539|   
#  540|-> 	local sum="$(sha256sum "${BUILDFILE}")"
#  541|   	sum=${sum%% *}
#  542|   	write_kv_pair "pkgbuild_sha256sum" $sum

Error: SHELLCHECK_WARNING (CWE-140): [#def32]
/usr/bin/makepkg:553:25: warning[SC2207]: Prefer mapfile or read -a to split command output (or quote to avoid splitting).
#  551|   	write_kv_pair "options" "${OPTIONS[@]}"
#  552|   
#  553|-> 	local pkginfos_parsed=($(LC_ALL=C run_pacman -Qi | awk -F': ' '\
#  554|   		/^Name .*/ {printf "%s", $2} \
#  555|   		/^Version .*/ {printf "-%s", $2} \

Error: SHELLCHECK_WARNING (CWE-571): [#def33]
/usr/bin/makepkg:610:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  608|   
#  609|   	# tar it up
#  610|-> 	local fullver=$(get_full_version)
#  611|   	local pkg_file="$PKGDEST/${pkgname}-${fullver}-${pkgarch}${PKGEXT}"
#  612|   	local ret=0

Error: SHELLCHECK_WARNING (CWE-88): [#def34]
/usr/bin/makepkg:656:13: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#  654|   
#  655|   	local pkg
#  656|-> 	for pkg in ${pkgname[@]}; do
#  657|   		if [[ $pkg != $pkgbase ]]; then
#  658|   			provides+=("$pkg-debug")

Error: SHELLCHECK_WARNING (CWE-153): [#def35]
/usr/bin/makepkg:657:17: warning[SC2053]: Quote the right-hand side of != in [[ ]] to prevent glob matching.
#  655|   	local pkg
#  656|   	for pkg in ${pkgname[@]}; do
#  657|-> 		if [[ $pkg != $pkgbase ]]; then
#  658|   			provides+=("$pkg-debug")
#  659|   		fi

Error: SHELLCHECK_WARNING (CWE-571): [#def36]
/usr/bin/makepkg:672:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  670|   	local ret=0
#  671|   	msg "$(gettext "Creating source package...")"
#  672|-> 	local srclinks="$(mktemp -d "$startdir"/srclinks.XXXXXXXXX)"
#  673|   	mkdir "${srclinks}"/${pkgbase}
#  674|   

Error: SHELLCHECK_WARNING (CWE-140): [#def37]
/usr/bin/makepkg:697:24: warning[SC2206]: Quote to prevent word splitting/globbing, or split robustly with mapfile or read -a.
#  695|   	# set pkgname the same way we do for running package(), this way we get
#  696|   	# the right value in extract_function_variable
#  697|-> 	local pkgname_backup=(${pkgname[@]})
#  698|   	local i pkgname
#  699|   	for i in 'changelog' 'install'; do

Error: SHELLCHECK_WARNING (CWE-140): [#def38]
/usr/bin/makepkg:716:11: warning[SC2206]: Quote to prevent word splitting/globbing, or split robustly with mapfile or read -a.
#  714|   		done
#  715|   	done
#  716|-> 	pkgname=(${pkgname_backup[@]})
#  717|   
#  718|   	# add a copy of source PGP signing public keys if available in keys/pgp/<fingerprint>.asc

Error: SHELLCHECK_WARNING (CWE-88): [#def39]
/usr/bin/makepkg:720:13: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#  718|   	# add a copy of source PGP signing public keys if available in keys/pgp/<fingerprint>.asc
#  719|   	local key
#  720|-> 	for key in ${validpgpkeys[@]}; do
#  721|   		if [[ -f keys/pgp/$key.asc ]]; then
#  722|   			mkdir -p "${srclinks}/${pkgbase}/keys/pgp/"

Error: SHELLCHECK_WARNING (CWE-457): [#def40]
/usr/bin/makepkg:720:13: warning[SC2154]: validpgpkeys is referenced but not assigned.
#  718|   	# add a copy of source PGP signing public keys if available in keys/pgp/<fingerprint>.asc
#  719|   	local key
#  720|-> 	for key in ${validpgpkeys[@]}; do
#  721|   		if [[ -f keys/pgp/$key.asc ]]; then
#  722|   			mkdir -p "${srclinks}/${pkgbase}/keys/pgp/"

Error: SHELLCHECK_WARNING (CWE-571): [#def41]
/usr/bin/makepkg:728:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  726|   
#  727|   
#  728|-> 	local fullver=$(get_full_version)
#  729|   	local pkg_file="$SRCPKGDEST/${pkgbase}-${fullver}${SRCEXT}"
#  730|   

Error: SHELLCHECK_WARNING (CWE-670): [#def42]
/usr/bin/makepkg:757:56: warning[SC2128]: Expanding an array without an index only gives the first element.
#  755|   
#  756|   	if (( ! SPLITPKG )); then
#  757|-> 		msg "$(gettext "Installing package %s with %s...")" "$pkgname" "$PACMAN -U"
#  758|   	else
#  759|   		msg "$(gettext "Installing %s package group with %s...")" "$pkgbase" "$PACMAN -U"

Error: SHELLCHECK_WARNING (CWE-88): [#def43]
/usr/bin/makepkg:766:13: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#  764|   	(( NEEDED )) && pkglist+=('--needed')
#  765|   
#  766|-> 	for pkg in ${pkgname[@]}; do
#  767|   		fullver=$(get_full_version)
#  768|   		pkgarch=$(get_pkg_arch $pkg)

Error: SHELLCHECK_WARNING (CWE-670): [#def44]
/usr/bin/makepkg:787:21: warning[SC2128]: Expanding an array without an index only gives the first element.
#  785|   		fullver=$(get_full_version)
#  786|   		pkgarch=$(get_pkg_arch)
#  787|-> 		if [[ -f $PKGDEST/${pkgname}-${fullver}-${pkgarch}${PKGEXT} ]] \
#  788|   				 && ! (( FORCE || SOURCEONLY || NOBUILD || NOARCHIVE)); then
#  789|   			if (( INSTALL )); then

Error: SHELLCHECK_WARNING (CWE-88): [#def45]
/usr/bin/makepkg:801:14: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#  799|   		allpkgbuilt=1
#  800|   		somepkgbuilt=0
#  801|-> 		for pkg in ${pkgname[@]}; do
#  802|   			fullver=$(get_full_version)
#  803|   			pkgarch=$(get_pkg_arch $pkg)

Error: SHELLCHECK_WARNING (CWE-88): [#def46]
/usr/bin/makepkg:831:13: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#  829|   backup_package_variables() {
#  830|   	local var
#  831|-> 	for var in ${pkgbuild_schema_package_overrides[@]}; do
#  832|   		local indirect="${var}_backup"
#  833|   		eval "${indirect}=(\"\${$var[@]}\")"

Error: SHELLCHECK_WARNING (CWE-457): [#def47]
/usr/bin/makepkg:831:13: warning[SC2154]: pkgbuild_schema_package_overrides is referenced but not assigned.
#  829|   backup_package_variables() {
#  830|   	local var
#  831|-> 	for var in ${pkgbuild_schema_package_overrides[@]}; do
#  832|   		local indirect="${var}_backup"
#  833|   		eval "${indirect}=(\"\${$var[@]}\")"

Error: SHELLCHECK_WARNING (CWE-398): [#def48]
/usr/bin/makepkg:833:27: error[SC1087]: Use braces when expanding arrays, e.g. ${array[idx]} (or ${var}[.. to quiet).
#  831|   	for var in ${pkgbuild_schema_package_overrides[@]}; do
#  832|   		local indirect="${var}_backup"
#  833|-> 		eval "${indirect}=(\"\${$var[@]}\")"
#  834|   	done
#  835|   }

Error: SHELLCHECK_WARNING (CWE-88): [#def49]
/usr/bin/makepkg:839:13: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#  837|   restore_package_variables() {
#  838|   	local var
#  839|-> 	for var in ${pkgbuild_schema_package_overrides[@]}; do
#  840|   		local indirect="${var}_backup"
#  841|   		if [[ -n ${!indirect} ]]; then

Error: SHELLCHECK_WARNING (CWE-398): [#def50]
/usr/bin/makepkg:842:23: error[SC1087]: Use braces when expanding arrays, e.g. ${array[idx]} (or ${var}[.. to quiet).
#  840|   		local indirect="${var}_backup"
#  841|   		if [[ -n ${!indirect} ]]; then
#  842|-> 			eval "${var}=(\"\${$indirect[@]}\")"
#  843|   		else
#  844|   			unset ${var}

Error: SHELLCHECK_WARNING (CWE-670): [#def51]
/usr/bin/makepkg:850:28: warning[SC2128]: Expanding an array without an index only gives the first element.
#  848|   
#  849|   run_single_packaging() {
#  850|-> 	local pkgdir="$pkgdirbase/$pkgname"
#  851|   	mkdir "$pkgdir"
#  852|   	if [[ -n $1 ]] || (( PKGFUNC )); then

Error: SHELLCHECK_WARNING (CWE-456): [#def52]
/usr/bin/makepkg:864:30: warning[SC2209]: Use var=$(command) to assign output (or quote to assign string).
#  862|   	# We might run this function when we only have package_pkgname
#  863|   	# and we don't want that marked as a split package
#  864|-> 	(( ${#pkgname[@]} > 1 )) && pkgtype=split
#  865|   	backup_package_variables
#  866|   	for pkgname in ${pkgname_backup[@]}; do

Error: SHELLCHECK_WARNING (CWE-88): [#def53]
/usr/bin/makepkg:866:17: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#  864|   	(( ${#pkgname[@]} > 1 )) && pkgtype=split
#  865|   	backup_package_variables
#  866|-> 	for pkgname in ${pkgname_backup[@]}; do
#  867|   		run_single_packaging $pkgname
#  868|   		restore_package_variables

Error: SHELLCHECK_WARNING (CWE-563): [#def54]
/usr/bin/makepkg:983:28: warning[SC2034]: MAKEPKG_CONF appears unused. Verify use (or export if used externally).
#  981|   		-C|--cleanbuild)  CLEANBUILD=1 ;;
#  982|   		--check)          RUN_CHECK='y' ;;
#  983|-> 		--config)         shift; MAKEPKG_CONF=$1 ;;
#  984|   		-d|--nodeps)      NODEPS=1 ;;
#  985|   		-D|--dir)         shift; CHDIR=$1 ;;

Error: SHELLCHECK_WARNING (CWE-563): [#def55]
/usr/bin/makepkg:991:21: warning[SC2034]: HOLDVER appears unused. Verify use (or export if used externally).
#  989|   		# generating integrity checks does not depend on architecture
#  990|   		-g|--geninteg)    BUILDPKG=0 GENINTEG=1 IGNOREARCH=1;;
#  991|-> 		--holdver)        HOLDVER=1 ;;
#  992|   		-i|--install)     INSTALL=1 ;;
#  993|   		--key)            shift; GPGKEY=$1 ;;

Error: SHELLCHECK_WARNING (CWE-571): [#def56]
/usr/bin/makepkg:1037:12: warning[SC2155]: Declare and assign separately to avoid masking return values.
# 1035|   fi
# 1036|   
# 1037|-> declare -r startdir="$(pwd -P)"
# 1038|   
# 1039|   # setup signal traps

Error: SHELLCHECK_WARNING (CWE-569): [#def57]
/usr/bin/makepkg:1042:18: warning[SC2064]: Use single quotes, otherwise this expands now rather than when signalled.
# 1040|   trap 'clean_up' 0
# 1041|   for signal in TERM HUP QUIT; do
# 1042|-> 	trap "trap_exit $signal \"$(gettext "%s signal caught. Exiting...")\" \"$signal\"" "$signal"
# 1043|   done
# 1044|   trap 'trap_exit INT "$(gettext "Aborted by user! Exiting...")"' INT

Error: SHELLCHECK_WARNING (CWE-569): [#def58]
/usr/bin/makepkg:1042:28: warning[SC2064]: Use single quotes, otherwise this expands now rather than when signalled.
# 1040|   trap 'clean_up' 0
# 1041|   for signal in TERM HUP QUIT; do
# 1042|-> 	trap "trap_exit $signal \"$(gettext "%s signal caught. Exiting...")\" \"$signal\"" "$signal"
# 1043|   done
# 1044|   trap 'trap_exit INT "$(gettext "Aborted by user! Exiting...")"' INT

Error: SHELLCHECK_WARNING (CWE-569): [#def59]
/usr/bin/makepkg:1042:74: warning[SC2064]: Use single quotes, otherwise this expands now rather than when signalled.
# 1040|   trap 'clean_up' 0
# 1041|   for signal in TERM HUP QUIT; do
# 1042|-> 	trap "trap_exit $signal \"$(gettext "%s signal caught. Exiting...")\" \"$signal\"" "$signal"
# 1043|   done
# 1044|   trap 'trap_exit INT "$(gettext "Aborted by user! Exiting...")"' INT

Error: SHELLCHECK_WARNING (CWE-563): [#def60]
/usr/bin/makepkg:1102:2: warning[SC2034]: IGNOREARCH appears unused. Verify use (or export if used externally).
# 1100|   	# If we're only making a source tarball, then we need to ignore architecture-
# 1101|   	# dependent behavior.
# 1102|-> 	IGNOREARCH=1
# 1103|   fi
# 1104|   

Error: SHELLCHECK_WARNING (CWE-457): [#def61]
/usr/bin/makepkg:1123:16: warning[SC2154]: pkgbuild_schema_strings is referenced but not assigned.
# 1121|   fi
# 1122|   
# 1123|-> unset pkgname "${pkgbuild_schema_strings[@]}" "${pkgbuild_schema_arrays[@]}"
# 1124|   unset "${known_hash_algos[@]/%/sums}"
# 1125|   unset -f pkgver verify prepare build check package "${!package_@}"

Error: SHELLCHECK_WARNING (CWE-457): [#def62]
/usr/bin/makepkg:1123:48: warning[SC2154]: pkgbuild_schema_arrays is referenced but not assigned.
# 1121|   fi
# 1122|   
# 1123|-> unset pkgname "${pkgbuild_schema_strings[@]}" "${pkgbuild_schema_arrays[@]}"
# 1124|   unset "${known_hash_algos[@]/%/sums}"
# 1125|   unset -f pkgver verify prepare build check package "${!package_@}"

Error: SHELLCHECK_WARNING (CWE-457): [#def63]
/usr/bin/makepkg:1124:8: warning[SC2154]: known_hash_algos is referenced but not assigned.
# 1122|   
# 1123|   unset pkgname "${pkgbuild_schema_strings[@]}" "${pkgbuild_schema_arrays[@]}"
# 1124|-> unset "${known_hash_algos[@]/%/sums}"
# 1125|   unset -f pkgver verify prepare build check package "${!package_@}"
# 1126|   unset "${!makedepends_@}" "${!depends_@}" "${!source_@}" "${!checkdepends_@}"

Error: SHELLCHECK_WARNING (CWE-670): [#def64]
/usr/bin/makepkg:1191:54: warning[SC2128]: Expanding an array without an index only gives the first element.
# 1189|   fi
# 1190|   
# 1191|-> if (( ${#pkgname[@]} > 1 )) || have_function package_${pkgname}; then
# 1192|   	SPLITPKG=1
# 1193|   fi

Error: SHELLCHECK_WARNING (CWE-140): [#def65]
/usr/bin/makepkg:1314:21: warning[SC2207]: Prefer mapfile or read -a to split command output (or quote to avoid splitting).
# 1312|   else
# 1313|   	if (( RMDEPS && ! INSTALL )); then
# 1314|-> 		original_pkglist=($(run_pacman -Qq))    # required by remove_dep
# 1315|   	fi
# 1316|   	deperr=0

Error: SHELLCHECK_WARNING (CWE-88): [#def66]
/usr/bin/makepkg:1319:15: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
# 1317|   
# 1318|   	msg "$(gettext "Checking runtime dependencies...")"
# 1319|-> 	resolve_deps ${depends[@]} || deperr=1
# 1320|   
# 1321|   	if (( RMDEPS && INSTALL )); then

Error: SHELLCHECK_WARNING (CWE-140): [#def67]
/usr/bin/makepkg:1322:21: warning[SC2207]: Prefer mapfile or read -a to split command output (or quote to avoid splitting).
# 1320|   
# 1321|   	if (( RMDEPS && INSTALL )); then
# 1322|-> 		original_pkglist=($(run_pacman -Qq))    # required by remove_dep
# 1323|   	fi
# 1324|   

Error: SHELLCHECK_WARNING (CWE-140): [#def68]
/usr/bin/makepkg:1333:20: warning[SC2207]: Prefer mapfile or read -a to split command output (or quote to avoid splitting).
# 1331|   
# 1332|   	if (( RMDEPS )); then
# 1333|-> 		current_pkglist=($(run_pacman -Qq))    # required by remove_deps
# 1334|   	fi
# 1335|   

Error: SHELLCHECK_WARNING (CWE-571): [#def69]
/usr/bin/pacman-db-upgrade:73:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   71|   
#   72|   resolve_dir() {
#   73|-> 	local d="$(cd "$1"; pwd -P)"
#   74|   	[[ $d == */ ]] || d+=/
#   75|   	printf "%s" "$d"

Error: SHELLCHECK_WARNING (CWE-156): [#def70]
/usr/bin/pacman-key:58:69: warning[SC2046]: Quote this to prevent word splitting.
#   56|   	printf "pacman-key (pacman) %s\n" ${myver}
#   57|   	echo
#   58|-> 	printf -- "$(gettext "Usage: %s [options] operation [targets]")\n" $(basename $0)
#   59|   	echo
#   60|   	printf -- "$(gettext "Manage pacman's list of trusted keys")\n"

Error: SHELLCHECK_WARNING (CWE-563): [#def71]
/usr/bin/pacman-key:222:17: warning[SC2034]: keyserv appears unused. Verify use (or export if used externally).
#  220|   
#  221|   initialize() {
#  222|-> 	local conffile keyserv
#  223|   	# Check for simple existence rather than for a directory as someone
#  224|   	# may want to use a symlink here

Error: SHELLCHECK_WARNING (CWE-277): [#def72]
/usr/bin/pacman-key:225:45: warning[SC2174]: When used with -p, -m only applies to the deepest directory.
#  223|   	# Check for simple existence rather than for a directory as someone
#  224|   	# may want to use a symlink here
#  225|-> 	[[ -e ${PACMAN_KEYRING_DIR} ]] || mkdir -p -m 755 "${PACMAN_KEYRING_DIR}"
#  226|   
#  227|   	# keyring files

Error: SHELLCHECK_WARNING (CWE-571): [#def73]
/usr/bin/pacman-key:243:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  241|   	add_gpg_conf_option "$conffile" 'keyserver-options' 'import-clean'
#  242|   
#  243|-> 	local gpg_ver=$(gpg --version | awk '{print $3; exit}')
#  244|   	if (( $(vercmp "$gpg_ver" 2.2.17) >= 0 )); then
#  245|   		add_gpg_conf_option "$conffile" 'keyserver-options' 'no-self-sigs-only'

Error: SHELLCHECK_WARNING (CWE-563): [#def74]
/usr/bin/pacman-key:313:8: warning[SC2034]: keys appears unused. Verify use (or export if used externally).
#  311|   
#  312|   	# Variable used for iterating on keyrings
#  313|-> 	local keys key_id
#  314|   
#  315|   	# Add keys from requested keyrings

Error: SHELLCHECK_WARNING (CWE-563): [#def75]
/usr/bin/repo-add:28:12: warning[SC2034]: confdir appears unused. Verify use (or export if used externally).
#   26|   
#   27|   declare -r myver='7.0.0'
#   28|-> declare -r confdir='/etc'
#   29|   
#   30|   MAKEPKG_LIBRARY=${MAKEPKG_LIBRARY:-'/usr/share/makepkg'}

Error: SHELLCHECK_WARNING (CWE-563): [#def76]
/usr/bin/repo-add:196:8: warning[SC2034]: junk appears unused. Verify use (or export if used externally).
#  194|   
#  195|   verify_repo_extension() {
#  196|-> 	local junk=()
#  197|   	if [[ $1 = *.db.tar* ]] && get_compression_command "$1" junk; then
#  198|   		return 0

Error: SHELLCHECK_WARNING (CWE-457): [#def77]
/usr/bin/repo-add:224:22: warning[SC2154]: group is referenced but not assigned.
#  222|   		declare "$var=${val//+([[:space:]])/ }"
#  223|   		case $var in
#  224|-> 			group) _groups+=("$group") ;;
#  225|   			license) _licenses+=("$license") ;;
#  226|   			replaces) _replaces+=("$replaces") ;;

Error: SHELLCHECK_WARNING (CWE-457): [#def78]
/usr/bin/repo-add:225:26: warning[SC2154]: license is referenced but not assigned (did you mean '_licenses'?).
#  223|   		case $var in
#  224|   			group) _groups+=("$group") ;;
#  225|-> 			license) _licenses+=("$license") ;;
#  226|   			replaces) _replaces+=("$replaces") ;;
#  227|   			depend) _depends+=("$depend") ;;

Error: SHELLCHECK_WARNING (CWE-457): [#def79]
/usr/bin/repo-add:226:27: warning[SC2154]: replaces is referenced but not assigned (did you mean '_replaces'?).
#  224|   			group) _groups+=("$group") ;;
#  225|   			license) _licenses+=("$license") ;;
#  226|-> 			replaces) _replaces+=("$replaces") ;;
#  227|   			depend) _depends+=("$depend") ;;
#  228|   			conflict) _conflicts+=("$conflict") ;;

Error: SHELLCHECK_WARNING (CWE-457): [#def80]
/usr/bin/repo-add:227:24: warning[SC2154]: depend is referenced but not assigned (did you mean '_depends'?).
#  225|   			license) _licenses+=("$license") ;;
#  226|   			replaces) _replaces+=("$replaces") ;;
#  227|-> 			depend) _depends+=("$depend") ;;
#  228|   			conflict) _conflicts+=("$conflict") ;;
#  229|   			provides) _provides+=("$provides") ;;

Error: SHELLCHECK_WARNING (CWE-457): [#def81]
/usr/bin/repo-add:228:28: warning[SC2154]: conflict is referenced but not assigned (did you mean '_conflicts'?).
#  226|   			replaces) _replaces+=("$replaces") ;;
#  227|   			depend) _depends+=("$depend") ;;
#  228|-> 			conflict) _conflicts+=("$conflict") ;;
#  229|   			provides) _provides+=("$provides") ;;
#  230|   			optdepend) _optdepends+=("$optdepend") ;;

Error: SHELLCHECK_WARNING (CWE-457): [#def82]
/usr/bin/repo-add:229:27: warning[SC2154]: provides is referenced but not assigned (did you mean '_provides'?).
#  227|   			depend) _depends+=("$depend") ;;
#  228|   			conflict) _conflicts+=("$conflict") ;;
#  229|-> 			provides) _provides+=("$provides") ;;
#  230|   			optdepend) _optdepends+=("$optdepend") ;;
#  231|   			makedepend) _makedepends+=("$makedepend") ;;

Error: SHELLCHECK_WARNING (CWE-457): [#def83]
/usr/bin/repo-add:230:30: warning[SC2154]: optdepend is referenced but not assigned (did you mean '_optdepends'?).
#  228|   			conflict) _conflicts+=("$conflict") ;;
#  229|   			provides) _provides+=("$provides") ;;
#  230|-> 			optdepend) _optdepends+=("$optdepend") ;;
#  231|   			makedepend) _makedepends+=("$makedepend") ;;
#  232|   			checkdepend) _checkdepends+=("$checkdepend") ;;

Error: SHELLCHECK_WARNING (CWE-457): [#def84]
/usr/bin/repo-add:231:32: warning[SC2154]: makedepend is referenced but not assigned (did you mean '_makedepends'?).
#  229|   			provides) _provides+=("$provides") ;;
#  230|   			optdepend) _optdepends+=("$optdepend") ;;
#  231|-> 			makedepend) _makedepends+=("$makedepend") ;;
#  232|   			checkdepend) _checkdepends+=("$checkdepend") ;;
#  233|   		esac

Error: SHELLCHECK_WARNING (CWE-457): [#def85]
/usr/bin/repo-add:232:34: warning[SC2154]: checkdepend is referenced but not assigned (did you mean '_checkdepends'?).
#  230|   			optdepend) _optdepends+=("$optdepend") ;;
#  231|   			makedepend) _makedepends+=("$makedepend") ;;
#  232|-> 			checkdepend) _checkdepends+=("$checkdepend") ;;
#  233|   		esac
#  234|   	done< <(bsdtar -xOqf "$pkgfile" .PKGINFO)

Error: SHELLCHECK_WARNING (CWE-571): [#def86]
/usr/bin/repo-add:251:10: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  249|   		if [[ -n $pkgentry ]]; then
#  250|   
#  251|-> 			local version=$(sed -n '/^%VERSION%$/ {n;p;q}' "$pkgentry/desc")
#  252|   			if (( $(vercmp "$version" "$pkgver") > 0 )); then
#  253|   				warning "$(gettext "A newer version for '%s' is already present in database")" "$pkgname"

Error: SHELLCHECK_WARNING (CWE-571): [#def87]
/usr/bin/repo-add:259:11: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  257|   			fi
#  258|   			if (( RMEXISTING )); then
#  259|-> 				local oldfilename="$(sed -n '/^%FILENAME%$/ {n;p;q;}' "$pkgentry/desc")"
#  260|   				local oldfile="$(dirname "$1")/$oldfilename"
#  261|   			fi

Error: SHELLCHECK_WARNING (CWE-571): [#def88]
/usr/bin/repo-add:260:11: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  258|   			if (( RMEXISTING )); then
#  259|   				local oldfilename="$(sed -n '/^%FILENAME%$/ {n;p;q;}' "$pkgentry/desc")"
#  260|-> 				local oldfile="$(dirname "$1")/$oldfilename"
#  261|   			fi
#  262|   		fi

Error: SHELLCHECK_WARNING (CWE-252): [#def89]
/usr/bin/repo-add:291:2: warning[SC2164]: Use 'pushd ... || exit' or 'pushd ... || return' in case pushd fails.
#  289|   
#  290|   	# create package directory
#  291|-> 	pushd "$tmpdir/db" >/dev/null
#  292|   	mkdir "$pkgname-$pkgver"
#  293|   	pushd "$pkgname-$pkgver" >/dev/null

Error: SHELLCHECK_WARNING (CWE-252): [#def90]
/usr/bin/repo-add:293:2: warning[SC2164]: Use 'pushd ... || exit' or 'pushd ... || return' in case pushd fails.
#  291|   	pushd "$tmpdir/db" >/dev/null
#  292|   	mkdir "$pkgname-$pkgver"
#  293|-> 	pushd "$pkgname-$pkgver" >/dev/null
#  294|   
#  295|   	# create desc entry

Error: SHELLCHECK_WARNING (CWE-252): [#def91]
/usr/bin/repo-add:328:2: warning[SC2164]: Use 'popd ... || exit' or 'popd ... || return' in case popd fails.
#  326|   	} >'desc'
#  327|   
#  328|-> 	popd >/dev/null
#  329|   	popd >/dev/null
#  330|   

Error: SHELLCHECK_WARNING (CWE-252): [#def92]
/usr/bin/repo-add:329:2: warning[SC2164]: Use 'popd ... || exit' or 'popd ... || return' in case popd fails.
#  327|   
#  328|   	popd >/dev/null
#  329|-> 	popd >/dev/null
#  330|   
#  331|   	# copy updated package entry into "files" database

Error: SHELLCHECK_WARNING (CWE-571): [#def93]
/usr/bin/repo-add:355:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  353|   	local pkgname=$1
#  354|   	local notfound=1
#  355|-> 	local pkgentry=$(find_pkgentry "$pkgname")
#  356|   	while [[ -n $pkgentry ]]; do
#  357|   		notfound=0

Error: SHELLCHECK_WARNING (CWE-571): [#def94]
/usr/bin/repo-add:364:9: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  362|   
#  363|   		# remove entries in "files" database
#  364|-> 		local filesentry=$(echo "$pkgentry" | sed 's/\(.*\)\/db\//\1\/files\//')
#  365|   		rm -rf "$filesentry"
#  366|   

Error: SHELLCHECK_WARNING (CWE-252): [#def95]
/usr/bin/repo-add:480:2: warning[SC2164]: Use 'pushd ... || exit' or 'pushd ... || return' in case pushd fails.
#  478|   	dirname=${LOCKFILE%/*}
#  479|   
#  480|-> 	pushd "$dirname" >/dev/null
#  481|   
#  482|   	for repo in "db" "files"; do

Error: SHELLCHECK_WARNING (CWE-252): [#def96]
/usr/bin/repo-add:518:2: warning[SC2164]: Use 'popd ... || exit' or 'popd ... || return' in case popd fails.
#  516|   	done
#  517|   
#  518|-> 	popd >/dev/null
#  519|   }
#  520|   

Error: SHELLCHECK_WARNING (CWE-252): [#def97]
/usr/bin/repo-add:530:3: warning[SC2164]: Use 'pushd ... || exit' or 'pushd ... || return' in case pushd fails.
#  528|   		tempname=$dirname/.tmp.$filename
#  529|   
#  530|-> 		pushd "$tmpdir/$repo" >/dev/null
#  531|   		local files=(*)
#  532|   		if [[ ${files[*]} = '*' ]]; then

Error: SHELLCHECK_WARNING (CWE-252): [#def98]
/usr/bin/repo-add:538:3: warning[SC2164]: Use 'popd ... || exit' or 'popd ... || return' in case popd fails.
#  536|   		fi
#  537|   		bsdtar -cf - "${files[@]}" | compress_as "$filename" > "$tempname"
#  538|-> 		popd >/dev/null
#  539|   
#  540|   		create_signature "$tempname"

Error: SHELLCHECK_WARNING (CWE-569): [#def99]
/usr/bin/repo-add:602:20: warning[SC2064]: Use single quotes, otherwise this expands now rather than when signalled.
#  600|   trap 'clean_up' EXIT
#  601|   for signal in TERM HUP QUIT; do
#  602|-> 	trap "trap_exit \"$(gettext "%s signal caught. Exiting...")\" \"$signal\"" "$signal"
#  603|   done
#  604|   trap 'trap_exit "$(gettext "Aborted by user! Exiting...")"' INT

Error: SHELLCHECK_WARNING (CWE-569): [#def100]
/usr/bin/repo-add:602:66: warning[SC2064]: Use single quotes, otherwise this expands now rather than when signalled.
#  600|   trap 'clean_up' EXIT
#  601|   for signal in TERM HUP QUIT; do
#  602|-> 	trap "trap_exit \"$(gettext "%s signal caught. Exiting...")\" \"$signal\"" "$signal"
#  603|   done
#  604|   trap 'trap_exit "$(gettext "Aborted by user! Exiting...")"' INT

Error: SHELLCHECK_WARNING (CWE-563): [#def101]
/usr/bin/repo-add:621:15: warning[SC2034]: QUIET appears unused. Verify use (or export if used externally).
#  619|   while true; do
#  620|   	case $1 in
#  621|-> 		-q|--quiet) QUIET=1;;
#  622|   		-n|--new) ONLYADDNEW=1;;
#  623|   		-R|--remove) RMEXISTING=1;;

Error: SHELLCHECK_WARNING (CWE-88): [#def102]
/usr/share/makepkg/autodep.sh:35:14: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   33|   
#   34|   generate_autodeps() {
#   35|-> 	for func in ${autodep_functions[@]}; do
#   36|   		$func
#   37|   	done

Error: SHELLCHECK_WARNING (CWE-563): [#def103]
/usr/share/makepkg/autodep/library_depends.sh:30:9: warning[SC2034]: dep appears unused. Verify use (or export if used externally).
#   28|   library_depends() {
#   29|   	if check_option "autodeps" "y"; then
#   30|-> 		local dep filename libdeps libdir libpath prefix sofile
#   31|   		declare -a libdeps
#   32|   

Error: SHELLCHECK_WARNING (CWE-88): [#def104]
/usr/share/makepkg/autodep/library_depends.sh:53:19: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   51|   
#   52|   				unset prefix
#   53|-> 				for libdir in ${LIB_DIRS[@]}; do
#   54|   					if [[ ${libdir/*:} == ${libpath} ]]; then
#   55|   						prefix=${libdir/:*}

Error: SHELLCHECK_WARNING (CWE-153): [#def105]
/usr/share/makepkg/autodep/library_depends.sh:54:28: warning[SC2053]: Quote the right-hand side of == in [[ ]] to prevent glob matching.
#   52|   				unset prefix
#   53|   				for libdir in ${LIB_DIRS[@]}; do
#   54|-> 					if [[ ${libdir/*:} == ${libpath} ]]; then
#   55|   						prefix=${libdir/:*}
#   56|   					fi

Error: SHELLCHECK_WARNING (CWE-457): [#def106]
/usr/share/makepkg/autodep/library_depends.sh:71:18: warning[SC2154]: pkgdir is referenced but not assigned.
#   69|   			done
#   70|   
#   71|-> 		done < <(find "$pkgdir" -type f -perm -u+x -print0)
#   72|   
#   73|   		depends+=($(printf '%s\n' "${libdeps[@]}" | LC_ALL=C sort -u))

Error: SHELLCHECK_WARNING (CWE-140): [#def107]
/usr/share/makepkg/autodep/library_depends.sh:73:13: warning[SC2207]: Prefer mapfile or read -a to split command output (or quote to avoid splitting).
#   71|   		done < <(find "$pkgdir" -type f -perm -u+x -print0)
#   72|   
#   73|-> 		depends+=($(printf '%s\n' "${libdeps[@]}" | LC_ALL=C sort -u))
#   74|   	fi
#   75|   }

Error: SHELLCHECK_WARNING (CWE-88): [#def108]
/usr/share/makepkg/autodep/library_provides.sh:30:14: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   28|   library_provides() {
#   29|   	if check_option "autodeps" "y"; then
#   30|-> 		for lib in ${LIB_DIRS[@]}; do
#   31|   			dir=${lib/*:}
#   32|   			prefix=${lib/:*}

Error: SHELLCHECK_WARNING (CWE-457): [#def109]
/usr/share/makepkg/autodep/library_provides.sh:34:16: warning[SC2154]: pkgdir is referenced but not assigned.
#   32|   			prefix=${lib/:*}
#   33|   
#   34|-> 			if [[ ! -d "$pkgdir/$dir" ]]; then
#   35|   				continue;
#   36|   			fi

Error: SHELLCHECK_WARNING (CWE-571): [#def110]
/usr/share/makepkg/autodep/library_provides.sh:44:12: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   42|   				if LC_ALL=C readelf -h "$fn" 2>/dev/null | grep -q '.*Type:.*DYN (Shared object file).*'; then
#   43|   					# extract library soname
#   44|-> 					local sofile=$(LC_ALL=C readelf -d "$fn" 2>/dev/null | sed -n 's/.*Library soname: \[\(.*\)\].*/\1/p')
#   45|   
#   46|   					if [[ -z "$sofile" ]]; then

Error: SHELLCHECK_WARNING (CWE-563): [#def111]
/usr/share/makepkg/buildenv.sh:34:46: warning[SC2034]: build_options appears unused. Verify use (or export if used externally).
#   32|   done
#   33|   
#   34|-> readonly -a buildenv_functions buildenv_vars build_options
#   35|   
#   36|   prepare_buildenv() {

Error: SHELLCHECK_WARNING (CWE-88): [#def112]
/usr/share/makepkg/buildenv.sh:40:14: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   38|   	buildenv_buildflags
#   39|   
#   40|-> 	for func in ${buildenv_functions[@]}; do
#   41|   		$func
#   42|   	done

Error: SHELLCHECK_WARNING (CWE-88): [#def113]
/usr/share/makepkg/buildenv.sh:45:9: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   43|   
#   44|   	# ensure all necessary build variables are exported
#   45|-> 	export ${buildenv_vars[@]} CHOST MAKEFLAGS
#   46|   }

Error: SHELLCHECK_WARNING (CWE-88): [#def114]
/usr/share/makepkg/buildenv/buildflags.sh:32:9: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   30|   buildenv_buildflags() {
#   31|   	if check_option "buildflags" "n"; then
#   32|-> 		unset ${buildenv_vars[@]}
#   33|   	fi
#   34|   }

Error: SHELLCHECK_WARNING (CWE-457): [#def115]
/usr/share/makepkg/buildenv/buildflags.sh:32:9: warning[SC2154]: buildenv_vars is referenced but not assigned.
#   30|   buildenv_buildflags() {
#   31|   	if check_option "buildflags" "n"; then
#   32|-> 		unset ${buildenv_vars[@]}
#   33|   	fi
#   34|   }

Error: SHELLCHECK_WARNING (CWE-457): [#def116]
/usr/share/makepkg/buildenv/compiler.sh:50:27: warning[SC2154]: srcdir is referenced but not assigned.
#   48|   				export CCACHE_PREFIX="${CCACHE_PREFIX:+$CCACHE_PREFIX }distcc"
#   49|   			fi
#   50|-> 			export CCACHE_BASEDIR="$srcdir"
#   51|   		elif [[ -d /usr/lib/distcc/bin ]]; then
#   52|   			export PATH="/usr/lib/distcc/bin:$PATH"

Error: SHELLCHECK_WARNING (CWE-457): [#def117]
/usr/share/makepkg/buildenv/debugflags.sh:34:47: warning[SC2154]: srcdir is referenced but not assigned.
#   32|   buildenv_debugflags() {
#   33|   	if check_option "debug" "y" && ! check_option "buildflags" "n"; then
#   34|-> 		append_once DEBUG_CFLAGS "-ffile-prefix-map=$srcdir=${DBGSRCDIR:-/usr/src/debug}/${pkgbase}"
#   35|   		append_once DEBUG_CXXFLAGS "-ffile-prefix-map=$srcdir=${DBGSRCDIR:-/usr/src/debug}/${pkgbase}"
#   36|   		append_once CFLAGS "$DEBUG_CFLAGS"

Error: SHELLCHECK_WARNING (CWE-457): [#def118]
/usr/share/makepkg/buildenv/debugflags.sh:34:84: warning[SC2154]: pkgbase is referenced but not assigned.
#   32|   buildenv_debugflags() {
#   33|   	if check_option "debug" "y" && ! check_option "buildflags" "n"; then
#   34|-> 		append_once DEBUG_CFLAGS "-ffile-prefix-map=$srcdir=${DBGSRCDIR:-/usr/src/debug}/${pkgbase}"
#   35|   		append_once DEBUG_CXXFLAGS "-ffile-prefix-map=$srcdir=${DBGSRCDIR:-/usr/src/debug}/${pkgbase}"
#   36|   		append_once CFLAGS "$DEBUG_CFLAGS"

Error: SHELLCHECK_WARNING (CWE-457): [#def119]
/usr/share/makepkg/buildenv/fortran.sh:34:47: warning[SC2154]: srcdir is referenced but not assigned.
#   32|   buildenv_fortran() {
#   33|   	if check_option "debug" "y" && ! check_option "buildflags" "n"; then
#   34|-> 		append_once DEBUG_FFLAGS "-ffile-prefix-map=$srcdir=${DBGSRCDIR:-/usr/src/debug}/${pkgbase}"
#   35|   		append_once FFLAGS "$DEBUG_FFLAGS"
#   36|   		append_once FCFLAGS "$DEBUG_FFLAGS"

Error: SHELLCHECK_WARNING (CWE-457): [#def120]
/usr/share/makepkg/buildenv/fortran.sh:34:84: warning[SC2154]: pkgbase is referenced but not assigned.
#   32|   buildenv_fortran() {
#   33|   	if check_option "debug" "y" && ! check_option "buildflags" "n"; then
#   34|-> 		append_once DEBUG_FFLAGS "-ffile-prefix-map=$srcdir=${DBGSRCDIR:-/usr/src/debug}/${pkgbase}"
#   35|   		append_once FFLAGS "$DEBUG_FFLAGS"
#   36|   		append_once FCFLAGS "$DEBUG_FFLAGS"

Error: SHELLCHECK_WARNING (CWE-457): [#def121]
/usr/share/makepkg/buildenv/rust.sh:34:52: warning[SC2154]: srcdir is referenced but not assigned.
#   32|   buildenv_rust() {
#   33|   	if check_option "debug" "y" && ! check_option "buildflags" "n"; then
#   34|-> 		append_once DEBUG_RUSTFLAGS "--remap-path-prefix=$srcdir=${DBGSRCDIR:-/usr/src/debug}/${pkgbase}"
#   35|   		append_once RUSTFLAGS "$DEBUG_RUSTFLAGS"
#   36|   	fi

Error: SHELLCHECK_WARNING (CWE-457): [#def122]
/usr/share/makepkg/buildenv/rust.sh:34:89: warning[SC2154]: pkgbase is referenced but not assigned.
#   32|   buildenv_rust() {
#   33|   	if check_option "debug" "y" && ! check_option "buildflags" "n"; then
#   34|-> 		append_once DEBUG_RUSTFLAGS "--remap-path-prefix=$srcdir=${DBGSRCDIR:-/usr/src/debug}/${pkgbase}"
#   35|   		append_once RUSTFLAGS "$DEBUG_RUSTFLAGS"
#   36|   	fi

Error: SHELLCHECK_WARNING (CWE-88): [#def123]
/usr/share/makepkg/executable.sh:37:14: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   35|   	local ret=0
#   36|   
#   37|-> 	for func in ${executable_functions[@]}; do
#   38|   		$func || ret=1
#   39|   	done

Error: SHELLCHECK_WARNING (CWE-457): [#def124]
/usr/share/makepkg/executable/vcs.sh:68:27: warning[SC2154]: pkg is referenced but not assigned.
#   66|   	# we currently only use global depends/makedepends arrays for --syncdeps
#   67|   	for attr in depends makedepends; do
#   68|-> 		get_pkgbuild_attribute "$pkg" "$attr" 1 'deps'
#   69|   		all_deps+=("${deps[@]}")
#   70|   

Error: SHELLCHECK_WARNING (CWE-88): [#def125]
/usr/share/makepkg/executable/vcs.sh:76:17: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   74|   
#   75|   	get_all_sources_for_arch 'all_sources'
#   76|-> 	for netfile in ${all_sources[@]}; do
#   77|   		local proto=$(get_protocol "$netfile")
#   78|   

Error: SHELLCHECK_WARNING (CWE-571): [#def126]
/usr/share/makepkg/executable/vcs.sh:77:9: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   75|   	get_all_sources_for_arch 'all_sources'
#   76|   	for netfile in ${all_sources[@]}; do
#   77|-> 		local proto=$(get_protocol "$netfile")
#   78|   
#   79|   		case $proto in

Error: SHELLCHECK_WARNING (CWE-88): [#def127]
/usr/share/makepkg/executable/vcs.sh:89:31: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   87|   					# if not installed, check presence in depends or makedepends
#   88|   					if [[ -n "$uninstalled" ]] && (( ! NODEPS || ( VERIFYSOURCE && !DEP_BIN ) )); then
#   89|-> 						if ! in_array "$client" ${all_deps[@]}; then
#   90|   							error "$(gettext "Cannot find the %s package needed to handle %s sources.")" \
#   91|   									"$client" "${proto%%+*}"

Error: SHELLCHECK_WARNING (CWE-457): [#def128]
/usr/share/makepkg/integrity/generate_checksum.sh:103:27: warning[SC2154]: known_hash_algos is referenced but not assigned.
#  101|   	local integ
#  102|   	for integ in "${integlist[@]}"; do
#  103|-> 		if ! in_array "$integ" "${known_hash_algos[@]}"; then
#  104|   			error "$(gettext "Invalid integrity algorithm '%s' specified.")" "$integ"
#  105|   			exit 1 # $E_CONFIG_ERROR

Error: SHELLCHECK_WARNING (CWE-571): [#def129]
/usr/share/makepkg/integrity/generate_signature.sh:56:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   54|   	fi
#   55|   	local pkg pkgarch pkg_file
#   56|-> 	local fullver=$(get_full_version)
#   57|   
#   58|   	msg "$(gettext "Signing package(s)...")"

Error: SHELLCHECK_WARNING (CWE-457): [#def130]
/usr/share/makepkg/integrity/generate_signature.sh:60:14: warning[SC2154]: pkgname is referenced but not assigned.
#   58|   	msg "$(gettext "Signing package(s)...")"
#   59|   
#   60|-> 	for pkg in "${pkgname[@]}"; do
#   61|   		pkgarch=$(get_pkg_arch $pkg)
#   62|   		pkg_file="$PKGDEST/${pkg}-${fullver}-${pkgarch}${PKGEXT}"

Error: SHELLCHECK_WARNING (CWE-457): [#def131]
/usr/share/makepkg/integrity/generate_signature.sh:69:7: warning[SC2154]: pkgbase is referenced but not assigned.
#   67|   	# check if debug package needs a signature
#   68|   	if check_option "debug" "y" && check_option "strip" "y"; then
#   69|-> 		pkg=$pkgbase-debug
#   70|   		pkgarch=$(get_pkg_arch)
#   71|   		pkg_file="$PKGDEST/${pkg}-${fullver}-${pkgarch}${PKGEXT}"

Error: SHELLCHECK_WARNING (CWE-563): [#def132]
/usr/share/makepkg/integrity/verify_checksum.sh:22:1: warning[SC2034]: LIBMAKEPKG_INTEGRITY_CHECKSUM_SH appears unused. Verify use (or export if used externally).
#   20|   
#   21|   [[ -n "$LIBMAKEPKG_INTEGRITY_VERIFY_CHECKSUM_SH" ]] && return
#   22|-> LIBMAKEPKG_INTEGRITY_CHECKSUM_SH=1
#   23|   
#   24|   MAKEPKG_LIBRARY=${MAKEPKG_LIBRARY:-'/usr/share/makepkg'}

Error: SHELLCHECK_WARNING (CWE-457): [#def133]
/usr/share/makepkg/integrity/verify_checksum.sh:38:5: warning[SC2154]: source is referenced but not assigned (did you mean 'sources'?).
#   36|   	# Initialize a map which we'll use to verify that every source array has at
#   37|   	# least some kind of checksum array associated with it.
#   38|-> 	(( ${#source[*]} )) && correlation['source']=1
#   39|   	case $1 in
#   40|   		all)

Error: SHELLCHECK_WARNING (CWE-457): [#def134]
/usr/share/makepkg/integrity/verify_checksum.sh:50:16: warning[SC2154]: known_hash_algos is referenced but not assigned.
#   48|   	esac
#   49|   
#   50|-> 	for integ in "${known_hash_algos[@]}"; do
#   51|   		verify_integrity_sums "$integ" && unset "correlation[source]"
#   52|   

Error: SHELLCHECK_WARNING (CWE-571): [#def135]
/usr/share/makepkg/integrity/verify_signature.sh:44:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   42|   	local warnings=0
#   43|   	local errors=0
#   44|-> 	local statusfile_raw="$(mktemp)"
#   45|   	local statusfile=$(mktemp)
#   46|   	local all_sources

Error: SHELLCHECK_WARNING (CWE-571): [#def136]
/usr/share/makepkg/integrity/verify_signature.sh:45:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   43|   	local errors=0
#   44|   	local statusfile_raw="$(mktemp)"
#   45|-> 	local statusfile=$(mktemp)
#   46|   	local all_sources
#   47|   

Error: SHELLCHECK_WARNING (CWE-457): [#def137]
/usr/share/makepkg/integrity/verify_signature.sh:90:10: warning[SC2154]: validpgpkeys is referenced but not assigned.
#   88|   			errors=1
#   89|   		else
#   90|-> 			if (( ${#validpgpkeys[@]} == 0 && !trusted )); then
#   91|   				printf "%s ($(gettext "the public key %s is not trusted"))" $(gettext "FAILED") "$fingerprint" >&2
#   92|   				errors=1

Error: SHELLCHECK_WARNING (CWE-156): [#def138]
/usr/share/makepkg/integrity/verify_signature.sh:91:65: warning[SC2046]: Quote this to prevent word splitting.
#   89|   		else
#   90|   			if (( ${#validpgpkeys[@]} == 0 && !trusted )); then
#   91|-> 				printf "%s ($(gettext "the public key %s is not trusted"))" $(gettext "FAILED") "$fingerprint" >&2
#   92|   				errors=1
#   93|   			elif (( ${#validpgpkeys[@]} > 0 )) && ! in_array "$fingerprint" "${validpgpkeys[@]}"; then

Error: SHELLCHECK_WARNING (CWE-88): [#def139]
/usr/share/makepkg/lint_config.sh:42:14: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   40|   	local ret=0
#   41|   
#   42|-> 	for func in ${lint_config_functions[@]}; do
#   43|   		$func || ret=1
#   44|   	done

Error: SHELLCHECK_WARNING (CWE-88): [#def140]
/usr/share/makepkg/lint_config/paths.sh:37:11: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   35|   	local i ret=0
#   36|   
#   37|-> 	for i in ${pathvars[@]}; do
#   38|   		if [[ ${!i} = *$'\n'* ]]; then
#   39|   			error "$(gettext "%s contains invalid characters: '%s'")" \

Error: SHELLCHECK_WARNING (CWE-88): [#def141]
/usr/share/makepkg/lint_config/variable.sh:43:11: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   41|   
#   42|   	# global variables
#   43|-> 	for i in ${array[@]}; do
#   44|   		eval "keys=(\"\${!$i[@]}\")"
#   45|   		if (( ${#keys[*]} > 0 )); then

Error: SHELLCHECK_WARNING (CWE-398): [#def142]
/usr/share/makepkg/lint_config/variable.sh:44:21: error[SC1087]: Use braces when expanding arrays, e.g. ${array[idx]} (or ${var}[.. to quiet).
#   42|   	# global variables
#   43|   	for i in ${array[@]}; do
#   44|-> 		eval "keys=(\"\${!$i[@]}\")"
#   45|   		if (( ${#keys[*]} > 0 )); then
#   46|   			if ! is_array $i; then

Error: SHELLCHECK_WARNING (CWE-88): [#def143]
/usr/share/makepkg/lint_config/variable.sh:53:11: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   51|   	done
#   52|   
#   53|-> 	for i in ${string[@]}; do
#   54|   		eval "keys=(\"\${!$i[@]}\")"
#   55|   		if (( ${#keys[*]} > 0 )); then

Error: SHELLCHECK_WARNING (CWE-398): [#def144]
/usr/share/makepkg/lint_config/variable.sh:54:21: error[SC1087]: Use braces when expanding arrays, e.g. ${array[idx]} (or ${var}[.. to quiet).
#   52|   
#   53|   	for i in ${string[@]}; do
#   54|-> 		eval "keys=(\"\${!$i[@]}\")"
#   55|   		if (( ${#keys[*]} > 0 )); then
#   56|   			if is_array $i; then

Error: SHELLCHECK_WARNING (CWE-457): [#def145]
/usr/share/makepkg/lint_package.sh:40:11: warning[SC2154]: pkgdir is referenced but not assigned.
#   38|   
#   39|   lint_package() {
#   40|-> 	cd_safe "$pkgdir"
#   41|   	msg "$(gettext "Checking for packaging issues...")"
#   42|   

Error: SHELLCHECK_WARNING (CWE-88): [#def146]
/usr/share/makepkg/lint_package.sh:44:14: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   42|   
#   43|   	local ret=0
#   44|-> 	for func in ${lint_package_functions[@]}; do
#   45|   		$func || ret=1
#   46|   	done

Error: SHELLCHECK_WARNING (CWE-457): [#def147]
/usr/share/makepkg/lint_package/build_references.sh:34:29: warning[SC2154]: pkgdir is referenced but not assigned.
#   32|   
#   33|   	for var in srcdir pkgdir; do
#   34|-> 		mapfile -t refs < <(find "$pkgdir" -type f -exec grep -l "${!var}" {} +)
#   35|   		if  (( ${#refs} > 0 )); then
#   36|   			warning "$(gettext 'Package contains reference to %s')" "\$$var"

Error: SHELLCHECK_WARNING (CWE-571): [#def148]
/usr/share/makepkg/lint_package/dotfiles.sh:33:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   31|   	local ret=0
#   32|   
#   33|-> 	local shellopts=$(shopt -p nullglob)
#   34|   	shopt -s nullglob
#   35|   

Error: SHELLCHECK_WARNING (CWE-457): [#def149]
/usr/share/makepkg/lint_package/dotfiles.sh:36:12: warning[SC2154]: pkgdir is referenced but not assigned.
#   34|   	shopt -s nullglob
#   35|   
#   36|-> 	for f in "$pkgdir"/.*; do
#   37|   		[[ ${f##*/} == . || ${f##*/} == .. ]] && continue
#   38|   		error "$(gettext "Dotfile found in package root '%s'")" "$f"

Error: SHELLCHECK_WARNING (CWE-457): [#def150]
/usr/share/makepkg/lint_package/file_names.sh:34:29: warning[SC2154]: pkgdir is referenced but not assigned.
#   32|   
#   33|   	# alpm's local database format does not support newlines in paths
#   34|-> 	mapfile -t paths < <(find "$pkgdir" -name \*$'\n'\*)
#   35|   	if  (( ${#paths} > 0 )); then
#   36|   		error "$(gettext 'Package contains paths with newlines')"

Error: SHELLCHECK_WARNING (CWE-457): [#def151]
/usr/share/makepkg/lint_package/missing_backup.sh:33:15: warning[SC2154]: backup is referenced but not assigned.
#   31|   warn_missing_backup() {
#   32|   	local file
#   33|-> 	for file in "${backup[@]}"; do
#   34|   		if [[ ! -f $file ]]; then
#   35|   			warning "$(gettext "%s entry file not in package : %s")" "backup" "$file"

Error: SHELLCHECK_WARNING (CWE-88): [#def152]
/usr/share/makepkg/lint_pkgbuild.sh:41:14: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   39|   	local ret=0
#   40|   
#   41|-> 	for func in ${lint_pkgbuild_functions[@]}; do
#   42|   		$func || ret=1
#   43|   	done

Error: SHELLCHECK_WARNING (CWE-457): [#def153]
/usr/share/makepkg/lint_pkgbuild/arch.sh:36:21: warning[SC2154]: arch is referenced but not assigned.
#   34|   	local a name list ret=0
#   35|   
#   36|-> 	if in_array "any" "${arch[@]}"; then
#   37|   		if (( ${#arch[@]} == 1 )); then
#   38|   			return 0;

Error: SHELLCHECK_WARNING (CWE-457): [#def154]
/usr/share/makepkg/lint_pkgbuild/arch.sh:54:72: warning[SC2154]: pkgbase is referenced but not assigned.
#   52|   
#   53|   	if (( ! IGNOREARCH )) && ! in_array "$CARCH" "${arch[@]}"; then
#   54|-> 		error "$(gettext "%s is not available for the '%s' architecture.")" "$pkgbase" "$CARCH"
#   55|   		return 1
#   56|   	fi

Error: SHELLCHECK_WARNING (CWE-457): [#def155]
/usr/share/makepkg/lint_pkgbuild/arch.sh:58:15: warning[SC2154]: pkgname is referenced but not assigned.
#   56|   	fi
#   57|   
#   58|-> 	for name in "${pkgname[@]}"; do
#   59|   		get_pkgbuild_attribute "$name" 'arch' 1 list
#   60|   		if [[ $list && $list != 'any' ]] && ! in_array $CARCH "${list[@]}"; then

Error: SHELLCHECK_WARNING (CWE-88): [#def156]
/usr/share/makepkg/lint_pkgbuild/arch_specific.sh:39:11: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   37|   
#   38|   	# global variables
#   39|-> 	for a in ${arch[@]}; do
#   40|   		if [[ $a == "any" ]]; then
#   41|   			for i in ${pkgbuild_schema_arch_arrays[@]}; do

Error: SHELLCHECK_WARNING (CWE-457): [#def157]
/usr/share/makepkg/lint_pkgbuild/arch_specific.sh:39:11: warning[SC2154]: arch is referenced but not assigned.
#   37|   
#   38|   	# global variables
#   39|-> 	for a in ${arch[@]}; do
#   40|   		if [[ $a == "any" ]]; then
#   41|   			for i in ${pkgbuild_schema_arch_arrays[@]}; do

Error: SHELLCHECK_WARNING (CWE-88): [#def158]
/usr/share/makepkg/lint_pkgbuild/arch_specific.sh:41:13: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   39|   	for a in ${arch[@]}; do
#   40|   		if [[ $a == "any" ]]; then
#   41|-> 			for i in ${pkgbuild_schema_arch_arrays[@]}; do
#   42|   				if declare -p "${i}_${a}" > /dev/null 2>&1; then
#   43|   					error "$(gettext "Can not provide architecture specific variables for the '%s' architecture: %s")" "any" "${i}_${a}"

Error: SHELLCHECK_WARNING (CWE-457): [#def159]
/usr/share/makepkg/lint_pkgbuild/arch_specific.sh:41:13: warning[SC2154]: pkgbuild_schema_arch_arrays is referenced but not assigned.
#   39|   	for a in ${arch[@]}; do
#   40|   		if [[ $a == "any" ]]; then
#   41|-> 			for i in ${pkgbuild_schema_arch_arrays[@]}; do
#   42|   				if declare -p "${i}_${a}" > /dev/null 2>&1; then
#   43|   					error "$(gettext "Can not provide architecture specific variables for the '%s' architecture: %s")" "any" "${i}_${a}"

Error: SHELLCHECK_WARNING (CWE-88): [#def160]
/usr/share/makepkg/lint_pkgbuild/arch_specific.sh:49:12: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   47|   		fi
#   48|   
#   49|-> 		for i in ${pkgbuild_schema_arrays[@]} ${pkgbuild_schema_strings[@]}; do
#   50|   			in_array "$i" ${pkgbuild_schema_arch_arrays[@]} && continue
#   51|   			v="${i}_${a}"

Error: SHELLCHECK_WARNING (CWE-457): [#def161]
/usr/share/makepkg/lint_pkgbuild/arch_specific.sh:49:12: warning[SC2154]: pkgbuild_schema_arrays is referenced but not assigned.
#   47|   		fi
#   48|   
#   49|-> 		for i in ${pkgbuild_schema_arrays[@]} ${pkgbuild_schema_strings[@]}; do
#   50|   			in_array "$i" ${pkgbuild_schema_arch_arrays[@]} && continue
#   51|   			v="${i}_${a}"

Error: SHELLCHECK_WARNING (CWE-88): [#def162]
/usr/share/makepkg/lint_pkgbuild/arch_specific.sh:49:41: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   47|   		fi
#   48|   
#   49|-> 		for i in ${pkgbuild_schema_arrays[@]} ${pkgbuild_schema_strings[@]}; do
#   50|   			in_array "$i" ${pkgbuild_schema_arch_arrays[@]} && continue
#   51|   			v="${i}_${a}"

Error: SHELLCHECK_WARNING (CWE-457): [#def163]
/usr/share/makepkg/lint_pkgbuild/arch_specific.sh:49:41: warning[SC2154]: pkgbuild_schema_strings is referenced but not assigned.
#   47|   		fi
#   48|   
#   49|-> 		for i in ${pkgbuild_schema_arrays[@]} ${pkgbuild_schema_strings[@]}; do
#   50|   			in_array "$i" ${pkgbuild_schema_arch_arrays[@]} && continue
#   51|   			v="${i}_${a}"

Error: SHELLCHECK_WARNING (CWE-88): [#def164]
/usr/share/makepkg/lint_pkgbuild/arch_specific.sh:50:18: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   48|   
#   49|   		for i in ${pkgbuild_schema_arrays[@]} ${pkgbuild_schema_strings[@]}; do
#   50|-> 			in_array "$i" ${pkgbuild_schema_arch_arrays[@]} && continue
#   51|   			v="${i}_${a}"
#   52|   			if declare -p "$v" > /dev/null 2>&1; then

Error: SHELLCHECK_WARNING (CWE-88): [#def165]
/usr/share/makepkg/lint_pkgbuild/arch_specific.sh:60:13: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   58|   
#   59|   	# package function variables
#   60|-> 	for pkg in ${pkgname[@]}; do
#   61|   		for a in ${arch[@]}; do
#   62|   			if [[ $a == "any" ]]; then

Error: SHELLCHECK_WARNING (CWE-457): [#def166]
/usr/share/makepkg/lint_pkgbuild/arch_specific.sh:60:13: warning[SC2154]: pkgname is referenced but not assigned.
#   58|   
#   59|   	# package function variables
#   60|-> 	for pkg in ${pkgname[@]}; do
#   61|   		for a in ${arch[@]}; do
#   62|   			if [[ $a == "any" ]]; then

Error: SHELLCHECK_WARNING (CWE-88): [#def167]
/usr/share/makepkg/lint_pkgbuild/arch_specific.sh:61:12: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   59|   	# package function variables
#   60|   	for pkg in ${pkgname[@]}; do
#   61|-> 		for a in ${arch[@]}; do
#   62|   			if [[ $a == "any" ]]; then
#   63|   				for i in ${pkgbuild_schema_arch_arrays[@]}; do

Error: SHELLCHECK_WARNING (CWE-88): [#def168]
/usr/share/makepkg/lint_pkgbuild/arch_specific.sh:63:14: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   61|   		for a in ${arch[@]}; do
#   62|   			if [[ $a == "any" ]]; then
#   63|-> 				for i in ${pkgbuild_schema_arch_arrays[@]}; do
#   64|   					if exists_function_variable "package_$pkg" "${i}_${a}"; then
#   65|   						error "$(gettext "Can not provide architecture specific variables for the '%s' architecture: %s")" "any" "${i}_${a}"

Error: SHELLCHECK_WARNING (CWE-88): [#def169]
/usr/share/makepkg/lint_pkgbuild/arch_specific.sh:71:13: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   69|   			fi
#   70|   
#   71|-> 			for i in ${pkgbuild_schema_arrays[@]} ${pkgbuild_schema_strings[@]}; do
#   72|   				in_array "$i" ${pkgbuild_schema_arch_arrays[@]} && continue
#   73|   				if exists_function_variable "package_$pkg" "${i}_${a}"; then

Error: SHELLCHECK_WARNING (CWE-88): [#def170]
/usr/share/makepkg/lint_pkgbuild/arch_specific.sh:71:42: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   69|   			fi
#   70|   
#   71|-> 			for i in ${pkgbuild_schema_arrays[@]} ${pkgbuild_schema_strings[@]}; do
#   72|   				in_array "$i" ${pkgbuild_schema_arch_arrays[@]} && continue
#   73|   				if exists_function_variable "package_$pkg" "${i}_${a}"; then

Error: SHELLCHECK_WARNING (CWE-88): [#def171]
/usr/share/makepkg/lint_pkgbuild/arch_specific.sh:72:19: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   70|   
#   71|   			for i in ${pkgbuild_schema_arrays[@]} ${pkgbuild_schema_strings[@]}; do
#   72|-> 				in_array "$i" ${pkgbuild_schema_arch_arrays[@]} && continue
#   73|   				if exists_function_variable "package_$pkg" "${i}_${a}"; then
#   74|   					error "$(gettext "%s can not be architecture specific: %s")" "$i" "${i}_${a}"

Error: SHELLCHECK_WARNING (CWE-457): [#def172]
/usr/share/makepkg/lint_pkgbuild/backup.sh:36:16: warning[SC2154]: backup is referenced but not assigned.
#   34|   	local list name backup_list ret=0
#   35|   
#   36|-> 	backup_list=("${backup[@]}")
#   37|   	for name in "${pkgname[@]}"; do
#   38|   		if extract_function_variable "package_$name" backup 1 list; then

Error: SHELLCHECK_WARNING (CWE-457): [#def173]
/usr/share/makepkg/lint_pkgbuild/backup.sh:37:15: warning[SC2154]: pkgname is referenced but not assigned.
#   35|   
#   36|   	backup_list=("${backup[@]}")
#   37|-> 	for name in "${pkgname[@]}"; do
#   38|   		if extract_function_variable "package_$name" backup 1 list; then
#   39|   			backup_list+=("${list[@]}")

Error: SHELLCHECK_WARNING (CWE-457): [#def174]
/usr/share/makepkg/lint_pkgbuild/changelog.sh:37:19: warning[SC2154]: changelog is referenced but not assigned.
#   35|   	local file changelog_list
#   36|   
#   37|-> 	changelog_list=("${changelog[@]}")
#   38|   	# set pkgname the same way we do for running package(), this way we get
#   39|   	# the right value in extract_function_variable

Error: SHELLCHECK_WARNING (CWE-140): [#def175]
/usr/share/makepkg/lint_pkgbuild/changelog.sh:40:24: warning[SC2206]: Quote to prevent word splitting/globbing, or split robustly with mapfile or read -a.
#   38|   	# set pkgname the same way we do for running package(), this way we get
#   39|   	# the right value in extract_function_variable
#   40|-> 	local pkgname_backup=(${pkgname[@]})
#   41|   	local pkgname
#   42|   	for pkgname in "${pkgname_backup[@]}"; do

Error: SHELLCHECK_WARNING (CWE-571): [#def176]
/usr/share/makepkg/lint_pkgbuild/checkdepends.sh:41:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   39|   
#   40|   	# this function requires extglob - save current status to restore later
#   41|-> 	local shellopts=$(shopt -p extglob)
#   42|   	shopt -s extglob
#   43|   

Error: SHELLCHECK_WARNING (CWE-571): [#def177]
/usr/share/makepkg/lint_pkgbuild/conflicts.sh:41:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   39|   
#   40|   	# this function requires extglob - save current status to restore later
#   41|-> 	local shellopts=$(shopt -p extglob)
#   42|   	shopt -s extglob
#   43|   

Error: SHELLCHECK_WARNING (CWE-571): [#def178]
/usr/share/makepkg/lint_pkgbuild/depends.sh:41:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   39|   
#   40|   	# this function requires extglob - save current status to restore later
#   41|-> 	local shellopts=$(shopt -p extglob)
#   42|   	shopt -s extglob
#   43|   

Error: SHELLCHECK_WARNING (CWE-563): [#def179]
/usr/share/makepkg/lint_pkgbuild/install.sh:35:8: warning[SC2034]: list appears unused. Verify use (or export if used externally).
#   33|   
#   34|   lint_install() {
#   35|-> 	local list file install_list ret=0
#   36|   
#   37|   	install_list=("${install[@]}")

Error: SHELLCHECK_WARNING (CWE-457): [#def180]
/usr/share/makepkg/lint_pkgbuild/install.sh:37:17: warning[SC2154]: install is referenced but not assigned.
#   35|   	local list file install_list ret=0
#   36|   
#   37|-> 	install_list=("${install[@]}")
#   38|   	# set pkgname the same way we do for running package(), this way we get
#   39|   	# the right value in extract_function_variable

Error: SHELLCHECK_WARNING (CWE-140): [#def181]
/usr/share/makepkg/lint_pkgbuild/install.sh:40:24: warning[SC2206]: Quote to prevent word splitting/globbing, or split robustly with mapfile or read -a.
#   38|   	# set pkgname the same way we do for running package(), this way we get
#   39|   	# the right value in extract_function_variable
#   40|-> 	local pkgname_backup=(${pkgname[@]})
#   41|   	local pkgname
#   42|   	for pkgname in "${pkgname_backup[@]}"; do

Error: SHELLCHECK_WARNING (CWE-571): [#def182]
/usr/share/makepkg/lint_pkgbuild/makedepends.sh:41:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   39|   
#   40|   	# this function requires extglob - save current status to restore later
#   41|-> 	local shellopts=$(shopt -p extglob)
#   42|   	shopt -s extglob
#   43|   

Error: SHELLCHECK_WARNING (CWE-563): [#def183]
/usr/share/makepkg/lint_pkgbuild/optdepends.sh:41:8: warning[SC2034]: shellopts appears unused. Verify use (or export if used externally).
#   39|   
#   40|   	# this function requires extglob - save current status to restore later
#   41|-> 	local shellopts=$(shopt -p extglob)
#   42|   	shopt -s extglob
#   43|   

Error: SHELLCHECK_WARNING (CWE-571): [#def184]
/usr/share/makepkg/lint_pkgbuild/optdepends.sh:41:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   39|   
#   40|   	# this function requires extglob - save current status to restore later
#   41|-> 	local shellopts=$(shopt -p extglob)
#   42|   	shopt -s extglob
#   43|   

Error: SHELLCHECK_WARNING (CWE-457): [#def185]
/usr/share/makepkg/lint_pkgbuild/options.sh:36:17: warning[SC2154]: options is referenced but not assigned.
#   34|   	local ret=0 list name kopt options_list
#   35|   
#   36|-> 	options_list=("${options[@]}")
#   37|   	for name in "${pkgname[@]}"; do
#   38|   		if extract_function_variable "package_$name" options 1 list; then

Error: SHELLCHECK_WARNING (CWE-457): [#def186]
/usr/share/makepkg/lint_pkgbuild/options.sh:37:15: warning[SC2154]: pkgname is referenced but not assigned.
#   35|   
#   36|   	options_list=("${options[@]}")
#   37|-> 	for name in "${pkgname[@]}"; do
#   38|   		if extract_function_variable "package_$name" options 1 list; then
#   39|   			options_list+=("${list[@]}")

Error: SHELLCHECK_WARNING (CWE-457): [#def187]
/usr/share/makepkg/lint_pkgbuild/options.sh:45:16: warning[SC2154]: packaging_options is referenced but not assigned.
#   43|   	for i in "${options_list[@]}"; do
#   44|   		# check if option matches a known option or its inverse
#   45|-> 		for kopt in "${packaging_options[@]}" "${build_options[@]}"; do
#   46|   			if [[ $i = "$kopt" || $i = "!$kopt" ]]; then
#   47|   				# continue to the next $i

Error: SHELLCHECK_WARNING (CWE-457): [#def188]
/usr/share/makepkg/lint_pkgbuild/options.sh:45:42: warning[SC2154]: build_options is referenced but not assigned.
#   43|   	for i in "${options_list[@]}"; do
#   44|   		# check if option matches a known option or its inverse
#   45|-> 		for kopt in "${packaging_options[@]}" "${build_options[@]}"; do
#   46|   			if [[ $i = "$kopt" || $i = "!$kopt" ]]; then
#   47|   				# continue to the next $i

Error: SHELLCHECK_WARNING (CWE-457): [#def189]
/usr/share/makepkg/lint_pkgbuild/package_function.sh:36:8: warning[SC2154]: pkgname is referenced but not assigned.
#   34|   	local i ret=0
#   35|   
#   36|-> 	if (( ${#pkgname[@]} == 1 )); then
#   37|   		if have_function 'package' && have_function "package_$pkgname"; then
#   38|   			error "$(gettext "Conflicting %s and %s functions in %s")" "package()" "package_$pkgname()" "$BUILDFILE"

Error: SHELLCHECK_WARNING (CWE-457): [#def190]
/usr/share/makepkg/lint_pkgbuild/package_function.sh:46:79: warning[SC2154]: pkgbase is referenced but not assigned.
#   44|   	else
#   45|   		if have_function "package"; then
#   46|-> 			error "$(gettext "Extra %s function for split package '%s'")" "package()" "$pkgbase"
#   47|   			ret=1
#   48|   		fi

Error: SHELLCHECK_WARNING (CWE-88): [#def191]
/usr/share/makepkg/lint_pkgbuild/package_function_variable.sh:39:13: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   37|   
#   38|   	# package function variables
#   39|-> 	for pkg in ${pkgname[@]}; do
#   40|   		for a in ${arch[@]}; do
#   41|   			[[ $a == "any" ]] && continue

Error: SHELLCHECK_WARNING (CWE-457): [#def192]
/usr/share/makepkg/lint_pkgbuild/package_function_variable.sh:39:13: warning[SC2154]: pkgname is referenced but not assigned.
#   37|   
#   38|   	# package function variables
#   39|-> 	for pkg in ${pkgname[@]}; do
#   40|   		for a in ${arch[@]}; do
#   41|   			[[ $a == "any" ]] && continue

Error: SHELLCHECK_WARNING (CWE-88): [#def193]
/usr/share/makepkg/lint_pkgbuild/package_function_variable.sh:40:12: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   38|   	# package function variables
#   39|   	for pkg in ${pkgname[@]}; do
#   40|-> 		for a in ${arch[@]}; do
#   41|   			[[ $a == "any" ]] && continue
#   42|   

Error: SHELLCHECK_WARNING (CWE-457): [#def194]
/usr/share/makepkg/lint_pkgbuild/package_function_variable.sh:40:12: warning[SC2154]: arch is referenced but not assigned.
#   38|   	# package function variables
#   39|   	for pkg in ${pkgname[@]}; do
#   40|-> 		for a in ${arch[@]}; do
#   41|   			[[ $a == "any" ]] && continue
#   42|   

Error: SHELLCHECK_WARNING (CWE-88): [#def195]
/usr/share/makepkg/lint_pkgbuild/package_function_variable.sh:43:13: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   41|   			[[ $a == "any" ]] && continue
#   42|   
#   43|-> 			for i in ${pkgbuild_schema_arrays[@]} ${pkgbuild_schema_strings[@]}; do
#   44|   				in_array "$i" ${pkgbuild_schema_package_overrides[@]} && continue
#   45|   				if exists_function_variable "package_$pkg" "${i}_${a}"; then

Error: SHELLCHECK_WARNING (CWE-457): [#def196]
/usr/share/makepkg/lint_pkgbuild/package_function_variable.sh:43:13: warning[SC2154]: pkgbuild_schema_arrays is referenced but not assigned.
#   41|   			[[ $a == "any" ]] && continue
#   42|   
#   43|-> 			for i in ${pkgbuild_schema_arrays[@]} ${pkgbuild_schema_strings[@]}; do
#   44|   				in_array "$i" ${pkgbuild_schema_package_overrides[@]} && continue
#   45|   				if exists_function_variable "package_$pkg" "${i}_${a}"; then

Error: SHELLCHECK_WARNING (CWE-88): [#def197]
/usr/share/makepkg/lint_pkgbuild/package_function_variable.sh:43:42: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   41|   			[[ $a == "any" ]] && continue
#   42|   
#   43|-> 			for i in ${pkgbuild_schema_arrays[@]} ${pkgbuild_schema_strings[@]}; do
#   44|   				in_array "$i" ${pkgbuild_schema_package_overrides[@]} && continue
#   45|   				if exists_function_variable "package_$pkg" "${i}_${a}"; then

Error: SHELLCHECK_WARNING (CWE-457): [#def198]
/usr/share/makepkg/lint_pkgbuild/package_function_variable.sh:43:42: warning[SC2154]: pkgbuild_schema_strings is referenced but not assigned.
#   41|   			[[ $a == "any" ]] && continue
#   42|   
#   43|-> 			for i in ${pkgbuild_schema_arrays[@]} ${pkgbuild_schema_strings[@]}; do
#   44|   				in_array "$i" ${pkgbuild_schema_package_overrides[@]} && continue
#   45|   				if exists_function_variable "package_$pkg" "${i}_${a}"; then

Error: SHELLCHECK_WARNING (CWE-88): [#def199]
/usr/share/makepkg/lint_pkgbuild/package_function_variable.sh:44:19: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   42|   
#   43|   			for i in ${pkgbuild_schema_arrays[@]} ${pkgbuild_schema_strings[@]}; do
#   44|-> 				in_array "$i" ${pkgbuild_schema_package_overrides[@]} && continue
#   45|   				if exists_function_variable "package_$pkg" "${i}_${a}"; then
#   46|   					error "$(gettext "%s can not be set inside a package function")" "${i}_${a}"

Error: SHELLCHECK_WARNING (CWE-457): [#def200]
/usr/share/makepkg/lint_pkgbuild/package_function_variable.sh:44:19: warning[SC2154]: pkgbuild_schema_package_overrides is referenced but not assigned.
#   42|   
#   43|   			for i in ${pkgbuild_schema_arrays[@]} ${pkgbuild_schema_strings[@]}; do
#   44|-> 				in_array "$i" ${pkgbuild_schema_package_overrides[@]} && continue
#   45|   				if exists_function_variable "package_$pkg" "${i}_${a}"; then
#   46|   					error "$(gettext "%s can not be set inside a package function")" "${i}_${a}"

Error: SHELLCHECK_WARNING (CWE-88): [#def201]
/usr/share/makepkg/lint_pkgbuild/package_function_variable.sh:52:12: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   50|   		done
#   51|   
#   52|-> 		for i in ${pkgbuild_schema_arrays[@]} ${pkgbuild_schema_strings[@]}; do
#   53|   			in_array "$i" ${pkgbuild_schema_package_overrides[@]} && continue
#   54|   			if exists_function_variable "package_$pkg" "$i"; then

Error: SHELLCHECK_WARNING (CWE-88): [#def202]
/usr/share/makepkg/lint_pkgbuild/package_function_variable.sh:52:41: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   50|   		done
#   51|   
#   52|-> 		for i in ${pkgbuild_schema_arrays[@]} ${pkgbuild_schema_strings[@]}; do
#   53|   			in_array "$i" ${pkgbuild_schema_package_overrides[@]} && continue
#   54|   			if exists_function_variable "package_$pkg" "$i"; then

Error: SHELLCHECK_WARNING (CWE-88): [#def203]
/usr/share/makepkg/lint_pkgbuild/package_function_variable.sh:53:18: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   51|   
#   52|   		for i in ${pkgbuild_schema_arrays[@]} ${pkgbuild_schema_strings[@]}; do
#   53|-> 			in_array "$i" ${pkgbuild_schema_package_overrides[@]} && continue
#   54|   			if exists_function_variable "package_$pkg" "$i"; then
#   55|   				error "$(gettext "%s can not be set inside a package function")" "$i"

Error: SHELLCHECK_WARNING (CWE-457): [#def204]
/usr/share/makepkg/lint_pkgbuild/pkglist.sh:37:23: warning[SC2154]: pkgname is referenced but not assigned.
#   35|   
#   36|   	for i in "${PKGLIST[@]}"; do
#   37|-> 		if ! in_array "$i" "${pkgname[@]}"; then
#   38|   			error "$(gettext "Requested package %s is not provided in %s")" "$i" "$BUILDFILE"
#   39|   			ret=1

Error: SHELLCHECK_WARNING (CWE-398): [#def205]
/usr/share/makepkg/lint_pkgbuild/pkgname.sh:64:11: error[SC2199]: Arrays implicitly concatenate in [[ ]]. Use a loop (or explicit * instead of @).
#   62|   	local ret=0 i
#   63|   
#   64|-> 	if [[ -z ${pkgname[@]} ]]; then
#   65|   		error "$(gettext "%s is not allowed to be empty.")" "pkgname"
#   66|   		ret=1

Error: SHELLCHECK_WARNING (CWE-457): [#def206]
/usr/share/makepkg/lint_pkgbuild/pkgrel.sh:46:16: warning[SC2154]: pkgrel is referenced but not assigned.
#   44|   
#   45|   lint_pkgrel() {
#   46|-> 	check_pkgrel "$pkgrel"
#   47|   }

Error: SHELLCHECK_WARNING (CWE-457): [#def207]
/usr/share/makepkg/lint_pkgbuild/pkgver.sh:52:16: warning[SC2154]: pkgver is referenced but not assigned.
#   50|   
#   51|   lint_pkgver() {
#   52|-> 	check_pkgver "$pkgver"
#   53|   }

Error: SHELLCHECK_WARNING (CWE-571): [#def208]
/usr/share/makepkg/lint_pkgbuild/provides.sh:41:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   39|   
#   40|   	# this function requires extglob - save current status to restore later
#   41|-> 	local shellopts=$(shopt -p extglob)
#   42|   	shopt -s extglob
#   43|   

Error: SHELLCHECK_WARNING (CWE-457): [#def209]
/usr/share/makepkg/lint_pkgbuild/source.sh:33:14: warning[SC2154]: source is referenced but not assigned.
#   31|   
#   32|   lint_source() {
#   33|-> 	local idx=("${!source[@]}")
#   34|   
#   35|   	if (( ${#source[*]} > 0 && (${idx[@]: -1} + 1) != ${#source[*]} )); then

Error: SHELLCHECK_WARNING (CWE-563): [#def210]
/usr/share/makepkg/lint_pkgbuild/variable.sh:34:16: warning[SC2034]: out appears unused. Verify use (or export if used externally).
#   32|   
#   33|   lint_variable() {
#   34|-> 	local i a pkg out bad ret=0
#   35|   
#   36|   	# global variables

Error: SHELLCHECK_WARNING (CWE-563): [#def211]
/usr/share/makepkg/lint_pkgbuild/variable.sh:34:20: warning[SC2034]: bad appears unused. Verify use (or export if used externally).
#   32|   
#   33|   lint_variable() {
#   34|-> 	local i a pkg out bad ret=0
#   35|   
#   36|   	# global variables

Error: SHELLCHECK_WARNING (CWE-88): [#def212]
/usr/share/makepkg/lint_pkgbuild/variable.sh:37:11: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   35|   
#   36|   	# global variables
#   37|-> 	for i in ${pkgbuild_schema_arrays[@]}; do
#   38|   		if declare -p $i > /dev/null 2>&1; then
#   39|   			if ! is_array $i; then

Error: SHELLCHECK_WARNING (CWE-457): [#def213]
/usr/share/makepkg/lint_pkgbuild/variable.sh:37:11: warning[SC2154]: pkgbuild_schema_arrays is referenced but not assigned.
#   35|   
#   36|   	# global variables
#   37|-> 	for i in ${pkgbuild_schema_arrays[@]}; do
#   38|   		if declare -p $i > /dev/null 2>&1; then
#   39|   			if ! is_array $i; then

Error: SHELLCHECK_WARNING (CWE-88): [#def214]
/usr/share/makepkg/lint_pkgbuild/variable.sh:46:11: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   44|   	done
#   45|   
#   46|-> 	for a in ${arch[@]}; do
#   47|   		[[ $a == "any" ]] && continue
#   48|   

Error: SHELLCHECK_WARNING (CWE-457): [#def215]
/usr/share/makepkg/lint_pkgbuild/variable.sh:46:11: warning[SC2154]: arch is referenced but not assigned.
#   44|   	done
#   45|   
#   46|-> 	for a in ${arch[@]}; do
#   47|   		[[ $a == "any" ]] && continue
#   48|   

Error: SHELLCHECK_WARNING (CWE-88): [#def216]
/usr/share/makepkg/lint_pkgbuild/variable.sh:49:12: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   47|   		[[ $a == "any" ]] && continue
#   48|   
#   49|-> 		for i in ${pkgbuild_schema_arch_arrays[@]}; do
#   50|   			if declare -p "${i}_${a}" > /dev/null 2>&1; then
#   51|   				if ! is_array ${i}_${a}; then

Error: SHELLCHECK_WARNING (CWE-457): [#def217]
/usr/share/makepkg/lint_pkgbuild/variable.sh:49:12: warning[SC2154]: pkgbuild_schema_arch_arrays is referenced but not assigned.
#   47|   		[[ $a == "any" ]] && continue
#   48|   
#   49|-> 		for i in ${pkgbuild_schema_arch_arrays[@]}; do
#   50|   			if declare -p "${i}_${a}" > /dev/null 2>&1; then
#   51|   				if ! is_array ${i}_${a}; then

Error: SHELLCHECK_WARNING (CWE-88): [#def218]
/usr/share/makepkg/lint_pkgbuild/variable.sh:59:11: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   57|   	done
#   58|   
#   59|-> 	for i in ${pkgbuild_schema_strings[@]}; do
#   60|   		if declare -p "$i" > /dev/null 2>&1; then
#   61|   			if is_array $i; then

Error: SHELLCHECK_WARNING (CWE-457): [#def219]
/usr/share/makepkg/lint_pkgbuild/variable.sh:59:11: warning[SC2154]: pkgbuild_schema_strings is referenced but not assigned.
#   57|   	done
#   58|   
#   59|-> 	for i in ${pkgbuild_schema_strings[@]}; do
#   60|   		if declare -p "$i" > /dev/null 2>&1; then
#   61|   			if is_array $i; then

Error: SHELLCHECK_WARNING (CWE-88): [#def220]
/usr/share/makepkg/lint_pkgbuild/variable.sh:69:13: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   67|   
#   68|   	# package function variables
#   69|-> 	for pkg in ${pkgname[@]}; do
#   70|   		for i in ${pkgbuild_schema_arrays[@]}; do
#   71|   			if extract_function_variable "package_$pkg" $i 0 out; then

Error: SHELLCHECK_WARNING (CWE-457): [#def221]
/usr/share/makepkg/lint_pkgbuild/variable.sh:69:13: warning[SC2154]: pkgname is referenced but not assigned.
#   67|   
#   68|   	# package function variables
#   69|-> 	for pkg in ${pkgname[@]}; do
#   70|   		for i in ${pkgbuild_schema_arrays[@]}; do
#   71|   			if extract_function_variable "package_$pkg" $i 0 out; then

Error: SHELLCHECK_WARNING (CWE-88): [#def222]
/usr/share/makepkg/lint_pkgbuild/variable.sh:70:12: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   68|   	# package function variables
#   69|   	for pkg in ${pkgname[@]}; do
#   70|-> 		for i in ${pkgbuild_schema_arrays[@]}; do
#   71|   			if extract_function_variable "package_$pkg" $i 0 out; then
#   72|   				error "$(gettext "%s should be an array")" "$i"

Error: SHELLCHECK_WARNING (CWE-88): [#def223]
/usr/share/makepkg/lint_pkgbuild/variable.sh:77:12: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   75|   		done
#   76|   
#   77|-> 		for a in ${arch[@]}; do
#   78|   			[[ $a == "any" ]] && continue
#   79|   

Error: SHELLCHECK_WARNING (CWE-88): [#def224]
/usr/share/makepkg/lint_pkgbuild/variable.sh:80:13: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   78|   			[[ $a == "any" ]] && continue
#   79|   
#   80|-> 			for i in ${pkgbuild_schema_arch_arrays[@]}; do
#   81|   				if extract_function_variable "package_$pkg" "${i}_${a}" 0 out; then
#   82|   					error "$(gettext "%s should be an array")" "${i}_${a}"

Error: SHELLCHECK_WARNING (CWE-88): [#def225]
/usr/share/makepkg/lint_pkgbuild/variable.sh:88:12: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   86|   		done
#   87|   
#   88|-> 		for i in ${pkgbuild_schema_strings[@]}; do
#   89|   			if extract_function_variable "package_$pkg" $i 1 out; then
#   90|   				error "$(gettext "%s should not be an array")" "$i"

Error: SHELLCHECK_WARNING (CWE-88): [#def226]
/usr/share/makepkg/lint_pkgbuild/variable.sh:102:11: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#  100|   	local i var ret=0
#  101|   
#  102|-> 	for i in ${pkgbuild_schema_arrays[@]}; do
#  103|   		local l=()
#  104|   		get_pkgbuild_all_split_attributes $i l

Error: SHELLCHECK_WARNING (CWE-563): [#def227]
/usr/share/makepkg/source.sh:48:5: warning[SC2034]: get_vcs appears unused. Verify use (or export if used externally).
#   46|   				;;
#   47|   			novcs)
#   48|-> 				get_vcs=0
#   49|   				;;
#   50|   			*)

Error: SHELLCHECK_WARNING (CWE-252): [#def228]
/usr/share/makepkg/source.sh:59:3: warning[SC2164]: Use 'pushd ... || exit' or 'pushd ... || return' in case pushd fails.
#   57|   	"$get_source_fn" 'all_sources'
#   58|   	for netfile in "${all_sources[@]}"; do
#   59|-> 		pushd "$SRCDEST" &>/dev/null
#   60|   
#   61|   		local proto=$(get_protocol "$netfile")

Error: SHELLCHECK_WARNING (CWE-571): [#def229]
/usr/share/makepkg/source.sh:61:9: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   59|   		pushd "$SRCDEST" &>/dev/null
#   60|   
#   61|-> 		local proto=$(get_protocol "$netfile")
#   62|   		if declare -f download_$proto > /dev/null; then
#   63|   			download_$proto "$netfile"

Error: SHELLCHECK_WARNING (CWE-252): [#def230]
/usr/share/makepkg/source.sh:68:3: warning[SC2164]: Use 'popd ... || exit' or 'popd ... || return' in case popd fails.
#   66|   		fi
#   67|   
#   68|-> 		popd &>/dev/null
#   69|   	done
#   70|   }

Error: SHELLCHECK_WARNING (CWE-571): [#def231]
/usr/share/makepkg/source.sh:78:9: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   76|   	get_all_sources_for_arch 'all_sources'
#   77|   	for netfile in "${all_sources[@]}"; do
#   78|-> 		local proto=$(get_protocol "$netfile")
#   79|   		if declare -f extract_$proto > /dev/null; then
#   80|   			extract_$proto "$netfile"

Error: SHELLCHECK_WARNING (CWE-457): [#def232]
/usr/share/makepkg/source/bzr.sh:33:16: warning[SC2154]: get_vcs is referenced but not assigned.
#   31|   download_bzr() {
#   32|   	# abort early if parent says not to fetch
#   33|-> 	if declare -p get_vcs > /dev/null 2>&1; then
#   34|   		(( get_vcs )) || return
#   35|   	fi

Error: SHELLCHECK_WARNING (CWE-571): [#def233]
/usr/share/makepkg/source/bzr.sh:39:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   37|   	local netfile=$1
#   38|   
#   39|-> 	local url=$(get_url "$netfile")
#   40|   	if [[ $url != bzr+ssh* ]]; then
#   41|   		url=${url#bzr+}

Error: SHELLCHECK_WARNING (CWE-571): [#def234]
/usr/share/makepkg/source/bzr.sh:45:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   43|   	url=${url%%#*}
#   44|   
#   45|-> 	local repo=$(get_filename "$netfile")
#   46|   	local displaylocation="$url"
#   47|   

Error: SHELLCHECK_WARNING (CWE-571): [#def235]
/usr/share/makepkg/source/bzr.sh:48:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   46|   	local displaylocation="$url"
#   47|   
#   48|-> 	local dir=$(get_filepath "$netfile")
#   49|   	[[ -z "$dir" ]] && dir="$SRCDEST/$(get_filename "$netfile")"
#   50|   

Error: SHELLCHECK_WARNING (CWE-571): [#def236]
/usr/share/makepkg/source/bzr.sh:71:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   69|   	local netfile=$1
#   70|   
#   71|-> 	local repo=$(get_filename "$netfile")
#   72|   	local fragment=${netfile#*#}
#   73|   	if [[ $fragment = "$netfile" ]]; then

Error: SHELLCHECK_WARNING (CWE-571): [#def237]
/usr/share/makepkg/source/bzr.sh:91:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   89|   	fi
#   90|   
#   91|-> 	local dir=$(get_filepath "$netfile")
#   92|   	[[ -z "$dir" ]] && dir="$SRCDEST/$(get_filename "$netfile")"
#   93|   

Error: SHELLCHECK_WARNING (CWE-252): [#def238]
/usr/share/makepkg/source/bzr.sh:95:2: warning[SC2164]: Use 'pushd ... || exit' or 'pushd ... || return' in case pushd fails.
#   93|   
#   94|   	msg2 "$(gettext "Creating working copy of %s %s repo...")" "${repo}" "bzr"
#   95|-> 	pushd "$srcdir" &>/dev/null
#   96|   
#   97|   	if [[ -d "${dir##*/}" ]]; then

Error: SHELLCHECK_WARNING (CWE-457): [#def239]
/usr/share/makepkg/source/bzr.sh:95:9: warning[SC2154]: srcdir is referenced but not assigned.
#   93|   
#   94|   	msg2 "$(gettext "Creating working copy of %s %s repo...")" "${repo}" "bzr"
#   95|-> 	pushd "$srcdir" &>/dev/null
#   96|   
#   97|   	if [[ -d "${dir##*/}" ]]; then

Error: SHELLCHECK_WARNING (CWE-252): [#def240]
/usr/share/makepkg/source/bzr.sh:110:2: warning[SC2164]: Use 'popd ... || exit' or 'popd ... || return' in case popd fails.
#  108|   	fi
#  109|   
#  110|-> 	popd &>/dev/null
#  111|   }
#  112|   

Error: SHELLCHECK_WARNING (CWE-571): [#def241]
/usr/share/makepkg/source/file.sh:34:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   32|   	local netfile=$1
#   33|   
#   34|-> 	local filepath=$(get_filepath "$netfile")
#   35|   	if [[ -n "$filepath" ]]; then
#   36|   		msg2 "$(gettext "Found %s")" "${filepath##*/}"

Error: SHELLCHECK_WARNING (CWE-571): [#def242]
/usr/share/makepkg/source/file.sh:40:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   38|   	fi
#   39|   
#   40|-> 	local proto=$(get_protocol "$netfile")
#   41|   
#   42|   	# find the client we should use for this URL

Error: SHELLCHECK_WARNING (CWE-571): [#def243]
/usr/share/makepkg/source/file.sh:47:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   45|   	wait $! || exit
#   46|   
#   47|-> 	local filename=$(get_filename "$netfile")
#   48|   	local url=$(get_url "$netfile")
#   49|   

Error: SHELLCHECK_WARNING (CWE-571): [#def244]
/usr/share/makepkg/source/file.sh:48:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   46|   
#   47|   	local filename=$(get_filename "$netfile")
#   48|-> 	local url=$(get_url "$netfile")
#   49|   
#   50|   	if [[ $proto = "scp" ]]; then

Error: SHELLCHECK_WARNING (CWE-571): [#def245]
/usr/share/makepkg/source/file.sh:88:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   86|   	local netfile=$1
#   87|   
#   88|-> 	local file=$(get_filename "$netfile")
#   89|   	local filepath=$(get_filepath "$file")
#   90|   	rm -f "$srcdir/${file}"

Error: SHELLCHECK_WARNING (CWE-571): [#def246]
/usr/share/makepkg/source/file.sh:89:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   87|   
#   88|   	local file=$(get_filename "$netfile")
#   89|-> 	local filepath=$(get_filepath "$file")
#   90|   	rm -f "$srcdir/${file}"
#   91|   	ln -s "$filepath" "$srcdir/"

Error: SHELLCHECK_WARNING (CWE-457): [#def247]
/usr/share/makepkg/source/file.sh:90:9: warning[SC2154]: srcdir is referenced but not assigned.
#   88|   	local file=$(get_filename "$netfile")
#   89|   	local filepath=$(get_filepath "$file")
#   90|-> 	rm -f "$srcdir/${file}"
#   91|   	ln -s "$filepath" "$srcdir/"
#   92|   

Error: SHELLCHECK_WARNING (CWE-457): [#def248]
/usr/share/makepkg/source/file.sh:93:23: warning[SC2154]: noextract is referenced but not assigned.
#   91|   	ln -s "$filepath" "$srcdir/"
#   92|   
#   93|-> 	if in_array "$file" "${noextract[@]}"; then
#   94|   		# skip source files in the noextract=() array
#   95|   		# these are marked explicitly to NOT be extracted

Error: SHELLCHECK_WARNING (CWE-571): [#def249]
/usr/share/makepkg/source/file.sh:100:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   98|   
#   99|   	# do not rely on extension for file type
#  100|-> 	local file_type=$(file -S -bizL -- "$file")
#  101|   	local ext=${file##*.}
#  102|   	local cmd=''

Error: SHELLCHECK_WARNING (CWE-457): [#def250]
/usr/share/makepkg/source/fossil.sh:33:16: warning[SC2154]: get_vcs is referenced but not assigned.
#   31|   download_fossil() {
#   32|   	# abort early if parent says not to fetch
#   33|-> 	if declare -p get_vcs > /dev/null 2>&1; then
#   34|   		(( get_vcs )) || return
#   35|   	fi

Error: SHELLCHECK_WARNING (CWE-571): [#def251]
/usr/share/makepkg/source/fossil.sh:39:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   37|   	local netfile=$1
#   38|   
#   39|-> 	local db=$(get_filepath "$netfile")
#   40|   	[[ -z "$db" ]] && db="$SRCDEST/$(get_filename "$netfile")"
#   41|   

Error: SHELLCHECK_WARNING (CWE-571): [#def252]
/usr/share/makepkg/source/fossil.sh:44:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   42|   	local repo=$db
#   43|   
#   44|-> 	local url=$(get_url "$netfile")
#   45|   	url=${url#fossil+}
#   46|   	url=${url%%#*}

Error: SHELLCHECK_WARNING (CWE-563): [#def253]
/usr/share/makepkg/source/fossil.sh:72:19: warning[SC2034]: tagname appears unused. Verify use (or export if used externally).
#   70|   
#   71|   extract_fossil() {
#   72|-> 	local netfile=$1 tagname
#   73|   
#   74|   	local fragment=$(get_uri_fragment "$netfile")

Error: SHELLCHECK_WARNING (CWE-571): [#def254]
/usr/share/makepkg/source/fossil.sh:74:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   72|   	local netfile=$1 tagname
#   73|   
#   74|-> 	local fragment=$(get_uri_fragment "$netfile")
#   75|   	local repo=$(get_filename "$netfile")
#   76|   

Error: SHELLCHECK_WARNING (CWE-571): [#def255]
/usr/share/makepkg/source/fossil.sh:75:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   73|   
#   74|   	local fragment=$(get_uri_fragment "$netfile")
#   75|-> 	local repo=$(get_filename "$netfile")
#   76|   
#   77|   	local db=$(get_filepath "$netfile")

Error: SHELLCHECK_WARNING (CWE-571): [#def256]
/usr/share/makepkg/source/fossil.sh:77:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   75|   	local repo=$(get_filename "$netfile")
#   76|   
#   77|-> 	local db=$(get_filepath "$netfile")
#   78|   	[[ -z "$db" ]] && db="$SRCDEST/$(get_filename "$netfile")"
#   79|   	local dir=${db%%.fossil}

Error: SHELLCHECK_WARNING (CWE-252): [#def257]
/usr/share/makepkg/source/fossil.sh:83:2: warning[SC2164]: Use 'pushd ... || exit' or 'pushd ... || return' in case pushd fails.
#   81|   
#   82|   	msg2 "$(gettext "Creating working copy of %s %s repo...")" "${repo}" "fossil"
#   83|-> 	pushd "$srcdir" &>/dev/null
#   84|   
#   85|   	if [[ -d "$dir" ]]; then

Error: SHELLCHECK_WARNING (CWE-457): [#def258]
/usr/share/makepkg/source/fossil.sh:83:9: warning[SC2154]: srcdir is referenced but not assigned.
#   81|   
#   82|   	msg2 "$(gettext "Creating working copy of %s %s repo...")" "${repo}" "fossil"
#   83|-> 	pushd "$srcdir" &>/dev/null
#   84|   
#   85|   	if [[ -d "$dir" ]]; then

Error: SHELLCHECK_WARNING (CWE-252): [#def259]
/usr/share/makepkg/source/fossil.sh:126:2: warning[SC2164]: Use 'popd ... || exit' or 'popd ... || return' in case popd fails.
#  124|   	fi
#  125|   
#  126|-> 	popd &>/dev/null
#  127|   }

Error: SHELLCHECK_WARNING (CWE-457): [#def260]
/usr/share/makepkg/source/git.sh:34:16: warning[SC2154]: get_vcs is referenced but not assigned.
#   32|   download_git() {
#   33|   	# abort early if parent says not to fetch
#   34|-> 	if declare -p get_vcs > /dev/null 2>&1; then
#   35|   		(( get_vcs )) || return
#   36|   	fi

Error: SHELLCHECK_WARNING (CWE-571): [#def261]
/usr/share/makepkg/source/git.sh:40:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   38|   	local netfile=$1
#   39|   
#   40|-> 	local dir=$(get_filepath "$netfile")
#   41|   	[[ -z "$dir" ]] && dir="$SRCDEST/$(get_filename "$netfile")"
#   42|   

Error: SHELLCHECK_WARNING (CWE-571): [#def262]
/usr/share/makepkg/source/git.sh:43:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   41|   	[[ -z "$dir" ]] && dir="$SRCDEST/$(get_filename "$netfile")"
#   42|   
#   43|-> 	local repo=$(get_filename "$netfile")
#   44|   
#   45|   	local url=$(get_url "$netfile")

Error: SHELLCHECK_WARNING (CWE-571): [#def263]
/usr/share/makepkg/source/git.sh:45:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   43|   	local repo=$(get_filename "$netfile")
#   44|   
#   45|-> 	local url=$(get_url "$netfile")
#   46|   	url=${url#git+}
#   47|   	url=${url%%#*}

Error: SHELLCHECK_WARNING (CWE-571): [#def264]
/usr/share/makepkg/source/git.sh:63:9: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   61|   
#   62|   		# Make sure we are fetching the right repo
#   63|-> 		local remote_url="$(git -c safe.bareRepository=all config --get remote.origin.url)"
#   64|   		if [[ "${url%%.git}" != "${remote_url%%.git}" ]] ; then
#   65|   			error "$(gettext "%s is not a clone of %s")" "$dir" "$url"

Error: SHELLCHECK_WARNING (CWE-571): [#def265]
/usr/share/makepkg/source/git.sh:79:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   77|   	# $GIT_DIR/info/attributes overrides .gitattributes, and thus no files in the repository
#   78|   	# can be altered by git features like export-subst or export-ignore
#   79|-> 	local MAKEPKG_GIT_DIR="$(git -c safe.bareRepository=all -C "$dir" rev-parse --absolute-git-dir)"
#   80|   	mkdir -p "$MAKEPKG_GIT_DIR/info"
#   81|   	echo "* -export-subst -export-ignore" > "$MAKEPKG_GIT_DIR/info/attributes"

Error: SHELLCHECK_WARNING (CWE-571): [#def266]
/usr/share/makepkg/source/git.sh:87:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   85|   	local netfile=$1 tagname
#   86|   
#   87|-> 	local fragment=$(get_uri_fragment "$netfile")
#   88|   	local repo=$(get_filename "$netfile")
#   89|   

Error: SHELLCHECK_WARNING (CWE-571): [#def267]
/usr/share/makepkg/source/git.sh:88:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   86|   
#   87|   	local fragment=$(get_uri_fragment "$netfile")
#   88|-> 	local repo=$(get_filename "$netfile")
#   89|   
#   90|   	local dir=$(get_filepath "$netfile")

Error: SHELLCHECK_WARNING (CWE-571): [#def268]
/usr/share/makepkg/source/git.sh:90:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   88|   	local repo=$(get_filename "$netfile")
#   89|   
#   90|-> 	local dir=$(get_filepath "$netfile")
#   91|   	[[ -z "$dir" ]] && dir="$SRCDEST/$(get_filename "$netfile")"
#   92|   

Error: SHELLCHECK_WARNING (CWE-252): [#def269]
/usr/share/makepkg/source/git.sh:94:2: warning[SC2164]: Use 'pushd ... || exit' or 'pushd ... || return' in case pushd fails.
#   92|   
#   93|   	msg2 "$(gettext "Creating working copy of %s %s repo...")" "${repo}" "git"
#   94|-> 	pushd "$srcdir" &>/dev/null
#   95|   
#   96|   	local updating=0

Error: SHELLCHECK_WARNING (CWE-457): [#def270]
/usr/share/makepkg/source/git.sh:94:9: warning[SC2154]: srcdir is referenced but not assigned.
#   92|   
#   93|   	msg2 "$(gettext "Creating working copy of %s %s repo...")" "${repo}" "git"
#   94|-> 	pushd "$srcdir" &>/dev/null
#   95|   
#   96|   	local updating=0

Error: SHELLCHECK_WARNING (CWE-252): [#def271]
/usr/share/makepkg/source/git.sh:147:2: warning[SC2164]: Use 'popd ... || exit' or 'popd ... || return' in case popd fails.
#  145|   	fi
#  146|   
#  147|-> 	popd &>/dev/null
#  148|   }
#  149|   

Error: SHELLCHECK_WARNING (CWE-457): [#def272]
/usr/share/makepkg/source/hg.sh:33:16: warning[SC2154]: get_vcs is referenced but not assigned.
#   31|   download_hg() {
#   32|   	# abort early if parent says not to fetch
#   33|-> 	if declare -p get_vcs > /dev/null 2>&1; then
#   34|   		(( get_vcs )) || return
#   35|   	fi

Error: SHELLCHECK_WARNING (CWE-571): [#def273]
/usr/share/makepkg/source/hg.sh:39:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   37|   	local netfile=$1
#   38|   
#   39|-> 	local dir=$(get_filepath "$netfile")
#   40|   	[[ -z "$dir" ]] && dir="$SRCDEST/$(get_filename "$netfile")"
#   41|   

Error: SHELLCHECK_WARNING (CWE-571): [#def274]
/usr/share/makepkg/source/hg.sh:42:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   40|   	[[ -z "$dir" ]] && dir="$SRCDEST/$(get_filename "$netfile")"
#   41|   
#   42|-> 	local repo=$(get_filename "$netfile")
#   43|   
#   44|   	local url=$(get_url "$netfile")

Error: SHELLCHECK_WARNING (CWE-571): [#def275]
/usr/share/makepkg/source/hg.sh:44:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   42|   	local repo=$(get_filename "$netfile")
#   43|   
#   44|-> 	local url=$(get_url "$netfile")
#   45|   	url=${url#hg+}
#   46|   	url=${url%%#*}

Error: SHELLCHECK_WARNING (CWE-571): [#def276]
/usr/share/makepkg/source/hg.sh:73:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   71|   	fi
#   72|   
#   73|-> 	local dir=$(get_filepath "$netfile")
#   74|   	[[ -z "$dir" ]] && dir="$SRCDEST/$(get_filename "$netfile")"
#   75|   

Error: SHELLCHECK_WARNING (CWE-252): [#def277]
/usr/share/makepkg/source/hg.sh:80:2: warning[SC2164]: Use 'pushd ... || exit' or 'pushd ... || return' in case pushd fails.
#   78|   
#   79|   	msg2 "$(gettext "Creating working copy of %s %s repo...")" "${repo}" "hg"
#   80|-> 	pushd "$srcdir" &>/dev/null
#   81|   
#   82|   	local ref=default

Error: SHELLCHECK_WARNING (CWE-457): [#def278]
/usr/share/makepkg/source/hg.sh:80:9: warning[SC2154]: srcdir is referenced but not assigned.
#   78|   
#   79|   	msg2 "$(gettext "Creating working copy of %s %s repo...")" "${repo}" "hg"
#   80|-> 	pushd "$srcdir" &>/dev/null
#   81|   
#   82|   	local ref=default

Error: SHELLCHECK_WARNING (CWE-252): [#def279]
/usr/share/makepkg/source/hg.sh:112:2: warning[SC2164]: Use 'popd ... || exit' or 'popd ... || return' in case popd fails.
#  110|   	fi
#  111|   
#  112|-> 	popd &>/dev/null
#  113|   }
#  114|   

Error: SHELLCHECK_WARNING (CWE-571): [#def280]
/usr/share/makepkg/source/local.sh:33:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   31|   download_local() {
#   32|   	local netfile=$1
#   33|-> 	local filepath=$(get_filepath "$netfile")
#   34|   
#   35|   	if [[ -n "$filepath" ]]; then

Error: SHELLCHECK_WARNING (CWE-571): [#def281]
/usr/share/makepkg/source/local.sh:38:9: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   36|   		msg2 "$(gettext "Found %s")" "${filepath##*/}"
#   37|   	else
#   38|-> 		local filename=$(get_filename "$netfile")
#   39|   		error "$(gettext "%s was not found in the build directory and is not a URL.")" "$filename"
#   40|   		exit 1 # $E_MISSING_FILE

Error: SHELLCHECK_WARNING (CWE-457): [#def282]
/usr/share/makepkg/source/svn.sh:33:16: warning[SC2154]: get_vcs is referenced but not assigned.
#   31|   download_svn() {
#   32|   	# abort early if parent says not to fetch
#   33|-> 	if declare -p get_vcs > /dev/null 2>&1; then
#   34|   		(( get_vcs )) || return
#   35|   	fi

Error: SHELLCHECK_WARNING (CWE-571): [#def283]
/usr/share/makepkg/source/svn.sh:44:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   42|   	fi
#   43|   
#   44|-> 	local dir=$(get_filepath "$netfile")
#   45|   	[[ -z "$dir" ]] && dir="$SRCDEST/$(get_filename "$netfile")"
#   46|   

Error: SHELLCHECK_WARNING (CWE-571): [#def284]
/usr/share/makepkg/source/svn.sh:47:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   45|   	[[ -z "$dir" ]] && dir="$SRCDEST/$(get_filename "$netfile")"
#   46|   
#   47|-> 	local repo=$(get_filename "$netfile")
#   48|   
#   49|   	local url=$(get_url "$netfile")

Error: SHELLCHECK_WARNING (CWE-571): [#def285]
/usr/share/makepkg/source/svn.sh:49:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   47|   	local repo=$(get_filename "$netfile")
#   48|   
#   49|-> 	local url=$(get_url "$netfile")
#   50|   	if [[ $url != svn+ssh* ]]; then
#   51|   		url=${url#svn+}

Error: SHELLCHECK_WARNING (CWE-571): [#def286]
/usr/share/makepkg/source/svn.sh:89:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   87|   	local netfile=$1
#   88|   
#   89|-> 	local dir=$(get_filepath "$netfile")
#   90|   	[[ -z "$dir" ]] && dir="$SRCDEST/$(get_filename "$netfile")"
#   91|   

Error: SHELLCHECK_WARNING (CWE-457): [#def287]
/usr/share/makepkg/source/svn.sh:97:17: warning[SC2154]: srcdir is referenced but not assigned.
#   95|   	msg2 "$(gettext "Creating working copy of %s %s repo...")" "${repo}" "svn"
#   96|   
#   97|-> 	cp -au "$dir" "$srcdir"
#   98|   }

Error: SHELLCHECK_WARNING (CWE-571): [#def288]
/usr/share/makepkg/srcinfo.sh:44:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   42|   
#   43|   	# this function requires extglob - save current status to restore later
#   44|-> 	local shellopts=$(shopt -p extglob)
#   45|   	shopt -s extglob
#   46|   

Error: SHELLCHECK_WARNING (CWE-457): [#def289]
/usr/share/makepkg/srcinfo.sh:73:33: warning[SC2154]: known_hash_algos is referenced but not assigned.
#   71|   	local multivalued_arch_attrs=(source provides conflicts depends replaces
#   72|   	                              optdepends makedepends checkdepends
#   73|-> 	                              "${known_hash_algos[@]/%/sums}")
#   74|   
#   75|   	for attr in "${singlevalued[@]}"; do

Error: SHELLCHECK_WARNING (CWE-457): [#def290]
/usr/share/makepkg/srcinfo.sh:115:40: warning[SC2154]: makepkg_version is referenced but not assigned.
#  113|   
#  114|   write_srcinfo_header() {
#  115|-> 	printf "# Generated by makepkg %s\n" "$makepkg_version"
#  116|   	printf "# %s\n" "$(LC_ALL=C date -u)"
#  117|   }

Error: SHELLCHECK_WARNING (CWE-563): [#def291]
/usr/share/makepkg/tidy.sh:36:13: warning[SC2034]: packaging_options appears unused. Verify use (or export if used externally).
#   34|   done
#   35|   
#   36|-> readonly -a packaging_options tidy_remove tidy_modify
#   37|   
#   38|   

Error: SHELLCHECK_WARNING (CWE-457): [#def292]
/usr/share/makepkg/tidy.sh:40:11: warning[SC2154]: pkgdir is referenced but not assigned.
#   38|   
#   39|   tidy_install() {
#   40|-> 	cd_safe "$pkgdir"
#   41|   	msg "$(gettext "Tidying install...")"
#   42|   

Error: SHELLCHECK_WARNING (CWE-88): [#def293]
/usr/share/makepkg/tidy.sh:44:14: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   42|   
#   43|   	# options that remove unwanted files
#   44|-> 	for func in ${tidy_remove[@]}; do
#   45|   		$func
#   46|   	done

Error: SHELLCHECK_WARNING (CWE-88): [#def294]
/usr/share/makepkg/tidy.sh:49:14: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   47|   
#   48|   	# options that modify files
#   49|-> 	for func in ${tidy_modify[@]}; do
#   50|   		$func
#   51|   	done

Error: SHELLCHECK_WARNING (CWE-88): [#def295]
/usr/share/makepkg/tidy/docs.sh:35:13: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#   33|   	if check_option "docs" "n" && [[ -n ${DOC_DIRS[*]} ]]; then
#   34|   		msg2 "$(gettext "Removing doc files...")"
#   35|-> 		rm -rf -- ${DOC_DIRS[@]}
#   36|   	fi
#   37|   }

Error: SHELLCHECK_WARNING (CWE-149): [#def296]
/usr/share/makepkg/tidy/libtool.sh:35:30: warning[SC2140]: Word is of the form "A"B"C" (B indicated). Did you mean "ABC" or "A\"B\"C"?
#   33|   tidy_libtool() {
#   34|   	if check_option "libtool" "n"; then
#   35|-> 		msg2 "$(gettext "Removing "%s" files...")" "libtool"
#   36|   		find . ! -type d -name "*.la" -exec rm -f -- '{}' +
#   37|   	fi

Error: SHELLCHECK_WARNING (CWE-457): [#def297]
/usr/share/makepkg/tidy/strip.sh:49:15: warning[SC2154]: srcdir is referenced but not assigned.
#   47|   
#   48|   	LANG=C debugedit --no-recompute-build-id \
#   49|-> 		--base-dir "${srcdir}" \
#   50|   		--dest-dir "${dbgsrcdir}" \
#   51|   		--list-file /dev/stdout "$1" \

Error: SHELLCHECK_WARNING (CWE-571): [#def298]
/usr/share/makepkg/tidy/strip.sh:73:9: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   71|   
#   72|   	if check_option "debug" "y"; then
#   73|-> 		local bid=$(build_id "$binary")
#   74|   
#   75|   		# has this file already been stripped

Error: SHELLCHECK_WARNING (CWE-571): [#def299]
/usr/share/makepkg/tidy/strip.sh:95:9: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   93|   		fi
#   94|   
#   95|-> 		local tempfile=$(mktemp "$binary.XXXXXX")
#   96|   		objcopy --add-gnu-debuglink="$dbgdir/${binary#/}.debug" "$binary" "$tempfile"
#   97|   		cat "$tempfile" > "$binary"

Error: SHELLCHECK_WARNING (CWE-571): [#def300]
/usr/share/makepkg/tidy/strip.sh:125:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  123|   strip_file(){
#  124|   	local binary=$1; shift
#  125|-> 	local tempfile=$(mktemp "$binary.XXXXXX")
#  126|   	if strip "$@" "$binary" -o "$tempfile"; then
#  127|   		cat "$tempfile" > "$binary"

Error: SHELLCHECK_WARNING (CWE-571): [#def301]
/usr/share/makepkg/tidy/strip.sh:135:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  133|   	local binary=$1;
#  134|   
#  135|-> 	local tempfile=$(mktemp "$binary.XXXXXX")
#  136|   	if strip -R .gnu.lto_* -R .gnu.debuglto_* -N __gnu_lto_v1 "$binary" -o "$tempfile"; then
#  137|   		cat "$tempfile" > "$binary"

Error: SHELLCHECK_WARNING (CWE-457): [#def302]
/usr/share/makepkg/tidy/strip.sh:151:12: warning[SC2154]: pkgdirbase is referenced but not assigned.
#  149|   
#  150|   		if check_option "debug" "y"; then
#  151|-> 			dbgdir="$pkgdirbase/$pkgbase-debug/usr/lib/debug"
#  152|   			dbgsrcdir="${DBGSRCDIR:-/usr/src/debug}/${pkgbase}"
#  153|   			dbgsrc="$pkgdirbase/$pkgbase-debug$dbgsrcdir"

Error: SHELLCHECK_WARNING (CWE-457): [#def303]
/usr/share/makepkg/tidy/strip.sh:151:24: warning[SC2154]: pkgbase is referenced but not assigned.
#  149|   
#  150|   		if check_option "debug" "y"; then
#  151|-> 			dbgdir="$pkgdirbase/$pkgbase-debug/usr/lib/debug"
#  152|   			dbgsrcdir="${DBGSRCDIR:-/usr/src/debug}/${pkgbase}"
#  153|   			dbgsrc="$pkgdirbase/$pkgbase-debug$dbgsrcdir"

Error: SHELLCHECK_WARNING (CWE-571): [#def304]
/usr/share/makepkg/util/config.sh:71:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   69|   
#   70|   	# preserve environment variables to override makepkg.conf
#   71|-> 	local restore_envvars=$(
#   72|   		for var in PKGDEST SRCDEST SRCPKGDEST LOGDEST BUILDDIR PKGEXT SRCEXT GPGKEY PACKAGER CARCH; do
#   73|   			# the output of 'declare -p' results in locally scoped values when used within a function

Error: SHELLCHECK_WARNING (CWE-563): [#def305]
/usr/share/makepkg/util/config.sh:81:14: warning[SC2034]: BUILDENV appears unused. Verify use (or export if used externally).
#   79|   
#   80|   	# prevent PKGBUILDs altering this directly
#   81|-> 	readonly -a BUILDENV
#   82|   
#   83|   	eval "$restore_envvars"

Error: SHELLCHECK_WARNING (CWE-563): [#def306]
/usr/share/makepkg/util/error.sh:25:1: warning[SC2034]: E_OK appears unused. Verify use (or export if used externally).
#   23|   LIBMAKEPKG_UTIL_ERROR_SH=1
#   24|   
#   25|-> E_OK=0
#   26|   E_FAIL=1 # Generic error
#   27|   E_CONFIG_ERROR=2

Error: SHELLCHECK_WARNING (CWE-563): [#def307]
/usr/share/makepkg/util/error.sh:26:1: warning[SC2034]: E_FAIL appears unused. Verify use (or export if used externally).
#   24|   
#   25|   E_OK=0
#   26|-> E_FAIL=1 # Generic error
#   27|   E_CONFIG_ERROR=2
#   28|   E_INVALID_OPTION=3

Error: SHELLCHECK_WARNING (CWE-563): [#def308]
/usr/share/makepkg/util/error.sh:27:1: warning[SC2034]: E_CONFIG_ERROR appears unused. Verify use (or export if used externally).
#   25|   E_OK=0
#   26|   E_FAIL=1 # Generic error
#   27|-> E_CONFIG_ERROR=2
#   28|   E_INVALID_OPTION=3
#   29|   E_USER_FUNCTION_FAILED=4

Error: SHELLCHECK_WARNING (CWE-563): [#def309]
/usr/share/makepkg/util/error.sh:28:1: warning[SC2034]: E_INVALID_OPTION appears unused. Verify use (or export if used externally).
#   26|   E_FAIL=1 # Generic error
#   27|   E_CONFIG_ERROR=2
#   28|-> E_INVALID_OPTION=3
#   29|   E_USER_FUNCTION_FAILED=4
#   30|   E_PACKAGE_FAILED=5

Error: SHELLCHECK_WARNING (CWE-563): [#def310]
/usr/share/makepkg/util/error.sh:29:1: warning[SC2034]: E_USER_FUNCTION_FAILED appears unused. Verify use (or export if used externally).
#   27|   E_CONFIG_ERROR=2
#   28|   E_INVALID_OPTION=3
#   29|-> E_USER_FUNCTION_FAILED=4
#   30|   E_PACKAGE_FAILED=5
#   31|   E_MISSING_FILE=6

Error: SHELLCHECK_WARNING (CWE-563): [#def311]
/usr/share/makepkg/util/error.sh:30:1: warning[SC2034]: E_PACKAGE_FAILED appears unused. Verify use (or export if used externally).
#   28|   E_INVALID_OPTION=3
#   29|   E_USER_FUNCTION_FAILED=4
#   30|-> E_PACKAGE_FAILED=5
#   31|   E_MISSING_FILE=6
#   32|   E_MISSING_PKGDIR=7

Error: SHELLCHECK_WARNING (CWE-563): [#def312]
/usr/share/makepkg/util/error.sh:31:1: warning[SC2034]: E_MISSING_FILE appears unused. Verify use (or export if used externally).
#   29|   E_USER_FUNCTION_FAILED=4
#   30|   E_PACKAGE_FAILED=5
#   31|-> E_MISSING_FILE=6
#   32|   E_MISSING_PKGDIR=7
#   33|   E_INSTALL_DEPS_FAILED=8

Error: SHELLCHECK_WARNING (CWE-563): [#def313]
/usr/share/makepkg/util/error.sh:32:1: warning[SC2034]: E_MISSING_PKGDIR appears unused. Verify use (or export if used externally).
#   30|   E_PACKAGE_FAILED=5
#   31|   E_MISSING_FILE=6
#   32|-> E_MISSING_PKGDIR=7
#   33|   E_INSTALL_DEPS_FAILED=8
#   34|   E_REMOVE_DEPS_FAILED=9

Error: SHELLCHECK_WARNING (CWE-563): [#def314]
/usr/share/makepkg/util/error.sh:33:1: warning[SC2034]: E_INSTALL_DEPS_FAILED appears unused. Verify use (or export if used externally).
#   31|   E_MISSING_FILE=6
#   32|   E_MISSING_PKGDIR=7
#   33|-> E_INSTALL_DEPS_FAILED=8
#   34|   E_REMOVE_DEPS_FAILED=9
#   35|   E_ROOT=10

Error: SHELLCHECK_WARNING (CWE-563): [#def315]
/usr/share/makepkg/util/error.sh:34:1: warning[SC2034]: E_REMOVE_DEPS_FAILED appears unused. Verify use (or export if used externally).
#   32|   E_MISSING_PKGDIR=7
#   33|   E_INSTALL_DEPS_FAILED=8
#   34|-> E_REMOVE_DEPS_FAILED=9
#   35|   E_ROOT=10
#   36|   E_FS_PERMISSIONS=11

Error: SHELLCHECK_WARNING (CWE-563): [#def316]
/usr/share/makepkg/util/error.sh:35:1: warning[SC2034]: E_ROOT appears unused. Verify use (or export if used externally).
#   33|   E_INSTALL_DEPS_FAILED=8
#   34|   E_REMOVE_DEPS_FAILED=9
#   35|-> E_ROOT=10
#   36|   E_FS_PERMISSIONS=11
#   37|   E_PKGBUILD_ERROR=12

Error: SHELLCHECK_WARNING (CWE-563): [#def317]
/usr/share/makepkg/util/error.sh:36:1: warning[SC2034]: E_FS_PERMISSIONS appears unused. Verify use (or export if used externally).
#   34|   E_REMOVE_DEPS_FAILED=9
#   35|   E_ROOT=10
#   36|-> E_FS_PERMISSIONS=11
#   37|   E_PKGBUILD_ERROR=12
#   38|   E_ALREADY_BUILT=13

Error: SHELLCHECK_WARNING (CWE-563): [#def318]
/usr/share/makepkg/util/error.sh:37:1: warning[SC2034]: E_PKGBUILD_ERROR appears unused. Verify use (or export if used externally).
#   35|   E_ROOT=10
#   36|   E_FS_PERMISSIONS=11
#   37|-> E_PKGBUILD_ERROR=12
#   38|   E_ALREADY_BUILT=13
#   39|   E_INSTALL_FAILED=14

Error: SHELLCHECK_WARNING (CWE-563): [#def319]
/usr/share/makepkg/util/error.sh:38:1: warning[SC2034]: E_ALREADY_BUILT appears unused. Verify use (or export if used externally).
#   36|   E_FS_PERMISSIONS=11
#   37|   E_PKGBUILD_ERROR=12
#   38|-> E_ALREADY_BUILT=13
#   39|   E_INSTALL_FAILED=14
#   40|   E_MISSING_MAKEPKG_DEPS=15

Error: SHELLCHECK_WARNING (CWE-563): [#def320]
/usr/share/makepkg/util/error.sh:39:1: warning[SC2034]: E_INSTALL_FAILED appears unused. Verify use (or export if used externally).
#   37|   E_PKGBUILD_ERROR=12
#   38|   E_ALREADY_BUILT=13
#   39|-> E_INSTALL_FAILED=14
#   40|   E_MISSING_MAKEPKG_DEPS=15
#   41|   E_PRETTY_BAD_PRIVACY=16

Error: SHELLCHECK_WARNING (CWE-563): [#def321]
/usr/share/makepkg/util/error.sh:40:1: warning[SC2034]: E_MISSING_MAKEPKG_DEPS appears unused. Verify use (or export if used externally).
#   38|   E_ALREADY_BUILT=13
#   39|   E_INSTALL_FAILED=14
#   40|-> E_MISSING_MAKEPKG_DEPS=15
#   41|   E_PRETTY_BAD_PRIVACY=16
#   42|   E_NOT_A_CLONE_OF=17

Error: SHELLCHECK_WARNING (CWE-563): [#def322]
/usr/share/makepkg/util/error.sh:41:1: warning[SC2034]: E_PRETTY_BAD_PRIVACY appears unused. Verify use (or export if used externally).
#   39|   E_INSTALL_FAILED=14
#   40|   E_MISSING_MAKEPKG_DEPS=15
#   41|-> E_PRETTY_BAD_PRIVACY=16
#   42|   E_NOT_A_CLONE_OF=17

Error: SHELLCHECK_WARNING (CWE-563): [#def323]
/usr/share/makepkg/util/error.sh:42:1: warning[SC2034]: E_NOT_A_CLONE_OF appears unused. Verify use (or export if used externally).
#   40|   E_MISSING_MAKEPKG_DEPS=15
#   41|   E_PRETTY_BAD_PRIVACY=16
#   42|-> E_NOT_A_CLONE_OF=17

Error: SHELLCHECK_WARNING (CWE-457): [#def324]
/usr/share/makepkg/util/option.sh:85:40: warning[SC2154]: options is referenced but not assigned (did you mean 'option'?).
#   83|   ##
#   84|   check_option() {
#   85|-> 	check_opt_array "$@" "${OPTIONS[@]}" "${options[@]}"
#   86|   }
#   87|   

Error: SHELLCHECK_WARNING (CWE-480): [#def325]
/usr/share/makepkg/util/parseopts.sh:46:12: warning[SC1007]: Remove space after = if trying to assign a value (for empty string, use var='' ... ).
#   44|   #   1: parse failure (error message supplied)
#   45|   parseopts() {
#   46|-> 	local opt= optarg= i= shortopts=$1
#   47|   	local -a longopts=() unused_argv=()
#   48|   

Error: SHELLCHECK_WARNING (CWE-480): [#def326]
/usr/share/makepkg/util/parseopts.sh:46:20: warning[SC1007]: Remove space after = if trying to assign a value (for empty string, use var='' ... ).
#   44|   #   1: parse failure (error message supplied)
#   45|   parseopts() {
#   46|-> 	local opt= optarg= i= shortopts=$1
#   47|   	local -a longopts=() unused_argv=()
#   48|   

Error: SHELLCHECK_WARNING (CWE-480): [#def327]
/usr/share/makepkg/util/parseopts.sh:46:23: warning[SC1007]: Remove space after = if trying to assign a value (for empty string, use var='' ... ).
#   44|   #   1: parse failure (error message supplied)
#   45|   parseopts() {
#   46|-> 	local opt= optarg= i= shortopts=$1
#   47|   	local -a longopts=() unused_argv=()
#   48|   

Error: SHELLCHECK_WARNING (CWE-670): [#def328]
/usr/share/makepkg/util/parseopts.sh:70:10: warning[SC2128]: Expanding an array without an index only gives the first element.
#   68|   				# success, override with opt and return arg req (0 == none, 1 == required, 2 == optional)
#   69|   				opt=${longmatch%[:?]}
#   70|-> 				case $longmatch in
#   71|   					*:)  return 1 ;;
#   72|   					*\?) return 2 ;;

Error: SHELLCHECK_WARNING (CWE-398): [#def329]
/usr/share/makepkg/util/pkgbuild.sh:52:24: error[SC1087]: Use braces when expanding arrays, e.g. ${array[idx]} (or ${var}[.. to quiet).
#   50|   	# for associative arrays, sparse arrays, and empty strings as elements.
#   51|   	for i in "${keys[@]}"; do
#   52|-> 		values+=("printf -v '$dest[$i]' %s \"\${$src[$i]}\";")
#   53|   	done
#   54|   

Error: SHELLCHECK_WARNING (CWE-398): [#def330]
/usr/share/makepkg/util/pkgbuild.sh:52:43: error[SC1087]: Use braces when expanding arrays, e.g. ${array[idx]} (or ${var}[.. to quiet).
#   50|   	# for associative arrays, sparse arrays, and empty strings as elements.
#   51|   	for i in "${keys[@]}"; do
#   52|-> 		values+=("printf -v '$dest[$i]' %s \"\${$src[$i]}\";")
#   53|   	done
#   54|   

Error: SHELLCHECK_WARNING (CWE-480): [#def331]
/usr/share/makepkg/util/pkgbuild.sh:79:63: warning[SC1007]: Remove space after = if trying to assign a value (for empty string, use var='' ... ).
#   77|   	# $4: name of output var
#   78|   
#   79|-> 	local funcname=$1 attr=$2 isarray=$3 outputvar=$4 attr_regex= decl= r=1
#   80|   
#   81|   	if (( isarray )); then

Error: SHELLCHECK_WARNING (CWE-480): [#def332]
/usr/share/makepkg/util/pkgbuild.sh:79:69: warning[SC1007]: Remove space after = if trying to assign a value (for empty string, use var='' ... ).
#   77|   	# $4: name of output var
#   78|   
#   79|-> 	local funcname=$1 attr=$2 isarray=$3 outputvar=$4 attr_regex= decl= r=1
#   80|   
#   81|   	if (( isarray )); then

Error: SHELLCHECK_WARNING (CWE-571): [#def333]
/usr/share/makepkg/util/pkgbuild.sh:88:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   86|   
#   87|   	# this function requires extglob - save current status to restore later
#   88|-> 	local shellopts=$(shopt -p extglob)
#   89|   	shopt -s extglob
#   90|   

Error: SHELLCHECK_WARNING (CWE-563): [#def334]
/usr/share/makepkg/util/pkgbuild.sh:109:28: warning[SC2034]: out appears unused. Verify use (or export if used externally).
#  107|   	# $2: variable name
#  108|   
#  109|-> 	local funcname=$1 attr=$2 out
#  110|   	extract_function_variable "$funcname" "$attr" 0 out ||
#  111|   		extract_function_variable "$funcname" "$attr" 1 out

Error: SHELLCHECK_WARNING (CWE-457): [#def335]
/usr/share/makepkg/util/pkgbuild.sh:142:12: warning[SC2154]: arch is referenced but not assigned.
#  140|   		all_list+=("${list[@]}")
#  141|   	fi
#  142|-> 	for a in "${arch[@]}"; do
#  143|   		if extract_global_variable "${attrname}_$a" 1 list; then
#  144|   			all_list+=("${list[@]}")

Error: SHELLCHECK_WARNING (CWE-457): [#def336]
/usr/share/makepkg/util/pkgbuild.sh:168:8: warning[SC2154]: epoch is referenced but not assigned.
#  166|   ##
#  167|   get_full_version() {
#  168|-> 	if (( epoch > 0 )); then
#  169|   		printf "%s\n" "$epoch:$pkgver-$pkgrel"
#  170|   	else

Error: SHELLCHECK_WARNING (CWE-457): [#def337]
/usr/share/makepkg/util/pkgbuild.sh:169:25: warning[SC2154]: pkgver is referenced but not assigned.
#  167|   get_full_version() {
#  168|   	if (( epoch > 0 )); then
#  169|-> 		printf "%s\n" "$epoch:$pkgver-$pkgrel"
#  170|   	else
#  171|   		printf "%s\n" "$pkgver-$pkgrel"

Error: SHELLCHECK_WARNING (CWE-457): [#def338]
/usr/share/makepkg/util/pkgbuild.sh:169:33: warning[SC2154]: pkgrel is referenced but not assigned.
#  167|   get_full_version() {
#  168|   	if (( epoch > 0 )); then
#  169|-> 		printf "%s\n" "$epoch:$pkgver-$pkgrel"
#  170|   	else
#  171|   		printf "%s\n" "$pkgver-$pkgrel"

Error: SHELLCHECK_WARNING (CWE-670): [#def339]
/usr/share/makepkg/util/pkgbuild.sh:190:9: warning[SC2128]: Expanding an array without an index only gives the first element.
#  188|   		get_pkgbuild_attribute "$1" arch 1 arch_override
#  189|   		(( ${#arch_override[@]} == 0 )) && arch_override=("${arch[@]}")
#  190|-> 		if [[ $arch_override = "any" ]]; then
#  191|   			printf "%s\n" "any"
#  192|   		else

Error: SHELLCHECK_WARNING (CWE-571): [#def340]
/usr/share/makepkg/util/pkgbuild.sh:199:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  197|   
#  198|   print_all_package_names() {
#  199|-> 	local version=$(get_full_version)
#  200|   	local architecture pkg opts a
#  201|   	for pkg in ${pkgname[@]}; do

Error: SHELLCHECK_WARNING (CWE-563): [#def341]
/usr/share/makepkg/util/pkgbuild.sh:200:25: warning[SC2034]: opts appears unused. Verify use (or export if used externally).
#  198|   print_all_package_names() {
#  199|   	local version=$(get_full_version)
#  200|-> 	local architecture pkg opts a
#  201|   	for pkg in ${pkgname[@]}; do
#  202|   		architecture=$(get_pkg_arch $pkg)

Error: SHELLCHECK_WARNING (CWE-88): [#def342]
/usr/share/makepkg/util/pkgbuild.sh:201:13: error[SC2068]: Double quote array expansions to avoid re-splitting elements.
#  199|   	local version=$(get_full_version)
#  200|   	local architecture pkg opts a
#  201|-> 	for pkg in ${pkgname[@]}; do
#  202|   		architecture=$(get_pkg_arch $pkg)
#  203|   		printf "%s/%s-%s-%s%s\n" "$PKGDEST" "$pkg" "$version" "$architecture" "$PKGEXT"

Error: SHELLCHECK_WARNING (CWE-457): [#def343]
/usr/share/makepkg/util/pkgbuild.sh:207:43: warning[SC2154]: pkgbase is referenced but not assigned.
#  205|   	if check_option "debug" "y" && check_option "strip" "y"; then
#  206|   		architecture=$(get_pkg_arch)
#  207|-> 		printf "%s/%s-%s-%s-%s%s\n" "$PKGDEST" "$pkgbase" "debug" "$version" "$architecture" "$PKGEXT"
#  208|   	fi
#  209|   }

Error: SHELLCHECK_WARNING (CWE-457): [#def344]
/usr/share/makepkg/util/pkgbuild.sh:245:16: warning[SC2154]: known_hash_algos is referenced but not assigned.
#  243|   	local integlist=()
#  244|   
#  245|-> 	for integ in "${known_hash_algos[@]}"; do
#  246|   		# check for e.g. "sha256sums"
#  247|   		local sumname="${integ}sums[@]"

Error: SHELLCHECK_WARNING (CWE-563): [#def345]
/usr/share/makepkg/util/schema.sh:47:30: warning[SC2034]: pkgbuild_schema_arrays appears unused. Verify use (or export if used externally).
#   45|                                      backup options install changelog)
#   46|   
#   47|-> readonly -a known_hash_algos pkgbuild_schema_arrays \
#   48|   	pkgbuild_schema_strings pkgbuild_schema_arch_arrays \
#   49|   	pkgbuild_schema_package_overrides

Error: SHELLCHECK_WARNING (CWE-563): [#def346]
/usr/share/makepkg/util/schema.sh:48:2: warning[SC2034]: pkgbuild_schema_strings appears unused. Verify use (or export if used externally).
#   46|   
#   47|   readonly -a known_hash_algos pkgbuild_schema_arrays \
#   48|-> 	pkgbuild_schema_strings pkgbuild_schema_arch_arrays \
#   49|   	pkgbuild_schema_package_overrides

Error: SHELLCHECK_WARNING (CWE-563): [#def347]
/usr/share/makepkg/util/schema.sh:48:26: warning[SC2034]: pkgbuild_schema_arch_arrays appears unused. Verify use (or export if used externally).
#   46|   
#   47|   readonly -a known_hash_algos pkgbuild_schema_arrays \
#   48|-> 	pkgbuild_schema_strings pkgbuild_schema_arch_arrays \
#   49|   	pkgbuild_schema_package_overrides

Error: SHELLCHECK_WARNING (CWE-563): [#def348]
/usr/share/makepkg/util/schema.sh:49:2: warning[SC2034]: pkgbuild_schema_package_overrides appears unused. Verify use (or export if used externally).
#   47|   readonly -a known_hash_algos pkgbuild_schema_arrays \
#   48|   	pkgbuild_schema_strings pkgbuild_schema_arch_arrays \
#   49|-> 	pkgbuild_schema_package_overrides

Error: SHELLCHECK_WARNING (CWE-571): [#def349]
/usr/share/makepkg/util/source.sh:65:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   63|   	fi
#   64|   
#   65|-> 	local proto=$(get_protocol "$netfile")
#   66|   
#   67|   	case $proto in

Error: SHELLCHECK_WARNING (CWE-571): [#def350]
/usr/share/makepkg/util/source.sh:93:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   91|   # Return the absolute filename of a source entry
#   92|   get_filepath() {
#   93|-> 	local file="$(get_filename "$1")"
#   94|   	local proto="$(get_protocol "$1")"
#   95|   

Error: SHELLCHECK_WARNING (CWE-571): [#def351]
/usr/share/makepkg/util/source.sh:94:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#   92|   get_filepath() {
#   93|   	local file="$(get_filename "$1")"
#   94|-> 	local proto="$(get_protocol "$1")"
#   95|   
#   96|   	case $proto in

Error: SHELLCHECK_WARNING (CWE-457): [#def352]
/usr/share/makepkg/util/source.sh:98:14: warning[SC2154]: startdir is referenced but not assigned.
#   96|   	case $proto in
#   97|   		bzr|git|hg|svn)
#   98|-> 			if [[ -d "$startdir/$file" ]]; then
#   99|   				file="$startdir/$file"
#  100|   			elif [[ -d "$SRCDEST/$file" ]]; then

Error: SHELLCHECK_WARNING (CWE-563): [#def353]
/usr/share/makepkg/util/util.sh:46:8: warning[SC2034]: v appears unused. Verify use (or export if used externally).
#   44|   # tests if a variable is an array
#   45|   is_array() {
#   46|-> 	local v=$1
#   47|   	local ret=1
#   48|   

Error: SHELLCHECK_WARNING (CWE-571): [#def354]
/usr/share/makepkg/util/util.sh:105:8: warning[SC2155]: Declare and assign separately to avoid masking return values.
#  103|   # source a file and fail if it does not succeed
#  104|   source_safe() {
#  105|-> 	local shellopts=$(shopt -p extglob)
#  106|   	shopt -u extglob
#  107|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def355]
pacman-v7.0.0/lib/libalpm/add.c:510:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/add.c:432:9: branch_false: following ‘false’ branch (when ‘trans’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/add.c:435:42: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:461:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:463:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:483:11: branch_false: following ‘false’ branch (when ‘oldpkg’ is NULL)...
pacman-v7.0.0/lib/libalpm/add.c:493:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:493:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:501:14: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:503:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:508:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/add.c:509:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/add.c:510:51: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/add.c:510:17: danger: ‘<unknown>’ leaks here; was opened at [(11)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/10)
#  508|   	OPEN(cwdfd, ".", O_RDONLY | O_CLOEXEC);
#  509|   	if(cwdfd < 0) {
#  510|-> 		_alpm_log(handle, ALPM_LOG_ERROR, _("could not get current working directory\n"));
#  511|   	}
#  512|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def356]
pacman-v7.0.0/lib/libalpm/add.c:515:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/add.c:432:9: branch_false: following ‘false’ branch (when ‘trans’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/add.c:435:42: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:461:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:463:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:483:11: branch_false: following ‘false’ branch (when ‘oldpkg’ is NULL)...
pacman-v7.0.0/lib/libalpm/add.c:493:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:493:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:501:14: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:503:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:508:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/add.c:514:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/add.c:516:56: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/add.c:515:17: danger: ‘<unknown>’ leaks here; was opened at [(11)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/10)
#  513|   	/* libarchive requires this for extracting hard links */
#  514|   	if(chdir(handle->root) != 0) {
#  515|-> 		_alpm_log(handle, ALPM_LOG_ERROR, _("could not change directory to %s (%s)\n"),
#  516|   				handle->root, strerror(errno));
#  517|   		_alpm_archive_read_free(archive);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def357]
pacman-v7.0.0/lib/libalpm/add.c:518:19: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/add.c:432:9: branch_false: following ‘false’ branch (when ‘trans’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/add.c:435:42: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:461:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:463:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:483:11: branch_false: following ‘false’ branch (when ‘oldpkg’ is NULL)...
pacman-v7.0.0/lib/libalpm/add.c:493:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:493:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:501:14: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:503:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:508:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/add.c:514:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/add.c:516:56: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/add.c:518:19: danger: ‘<unknown>’ leaks here; was opened at [(11)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/10)
#  516|   				handle->root, strerror(errno));
#  517|   		_alpm_archive_read_free(archive);
#  518|-> 		if(cwdfd >= 0) {
#  519|   			close(cwdfd);
#  520|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def358]
pacman-v7.0.0/lib/libalpm/add.c:519:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/add.c:432:9: branch_false: following ‘false’ branch (when ‘trans’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/add.c:435:42: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:461:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:463:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:483:11: branch_false: following ‘false’ branch (when ‘oldpkg’ is NULL)...
pacman-v7.0.0/lib/libalpm/add.c:493:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:493:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:501:14: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:503:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:508:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/add.c:514:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/add.c:516:56: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/add.c:518:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/add.c:519:25: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/add.c:519:25: danger: ‘<unknown>’ leaks here; was opened at [(11)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/10)
#  517|   		_alpm_archive_read_free(archive);
#  518|   		if(cwdfd >= 0) {
#  519|-> 			close(cwdfd);
#  520|   		}
#  521|   		close(fd);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def359]
pacman-v7.0.0/lib/libalpm/add.c:526:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/add.c:432:9: branch_false: following ‘false’ branch (when ‘trans’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/add.c:435:42: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:461:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:463:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:483:11: branch_false: following ‘false’ branch (when ‘oldpkg’ is NULL)...
pacman-v7.0.0/lib/libalpm/add.c:493:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:493:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:501:14: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:503:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:508:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/add.c:514:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:525:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:525:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/add.c:526:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/add.c:526:17: danger: ‘<unknown>’ leaks here; was opened at [(11)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/10)
#  524|   
#  525|   	if(trans->flags & ALPM_TRANS_FLAG_DBONLY) {
#  526|-> 		_alpm_log(handle, ALPM_LOG_DEBUG, "extracting db files\n");
#  527|   		while(archive_read_next_header(archive, &entry) == ARCHIVE_OK) {
#  528|   			const char *entryname = archive_entry_pathname(entry);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def360]
pacman-v7.0.0/lib/libalpm/add.c:527:23: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/add.c:432:9: branch_false: following ‘false’ branch (when ‘trans’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/add.c:435:42: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:461:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:463:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:483:11: branch_false: following ‘false’ branch (when ‘oldpkg’ is NULL)...
pacman-v7.0.0/lib/libalpm/add.c:493:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:493:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:501:14: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:503:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:508:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/add.c:514:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:525:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:525:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/add.c:526:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/add.c:527:23: danger: ‘<unknown>’ leaks here; was opened at [(11)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/10)
#  525|   	if(trans->flags & ALPM_TRANS_FLAG_DBONLY) {
#  526|   		_alpm_log(handle, ALPM_LOG_DEBUG, "extracting db files\n");
#  527|-> 		while(archive_read_next_header(archive, &entry) == ARCHIVE_OK) {
#  528|   			const char *entryname = archive_entry_pathname(entry);
#  529|   			if(entryname[0] == '.') {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def361]
pacman-v7.0.0/lib/libalpm/add.c:528:49: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/add.c:432:9: branch_false: following ‘false’ branch (when ‘trans’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/add.c:435:42: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:461:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:463:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:483:11: branch_false: following ‘false’ branch (when ‘oldpkg’ is NULL)...
pacman-v7.0.0/lib/libalpm/add.c:493:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:493:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:501:14: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:503:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:508:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/add.c:514:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:525:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:525:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/add.c:526:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/add.c:527:23: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/add.c:528:49: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/add.c:528:49: danger: ‘<unknown>’ leaks here; was opened at [(11)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/10)
#  526|   		_alpm_log(handle, ALPM_LOG_DEBUG, "extracting db files\n");
#  527|   		while(archive_read_next_header(archive, &entry) == ARCHIVE_OK) {
#  528|-> 			const char *entryname = archive_entry_pathname(entry);
#  529|   			if(entryname[0] == '.') {
#  530|   				errors += extract_db_file(handle, archive, entry, newpkg, entryname);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def362]
pacman-v7.0.0/lib/libalpm/add.c:532:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/add.c:432:9: branch_false: following ‘false’ branch (when ‘trans’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/add.c:435:42: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:461:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:463:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:483:11: branch_false: following ‘false’ branch (when ‘oldpkg’ is NULL)...
pacman-v7.0.0/lib/libalpm/add.c:493:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:493:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:501:14: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:503:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:508:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/add.c:514:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:525:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:525:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/add.c:526:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/add.c:527:23: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/add.c:528:49: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/add.c:529:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:532:33: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:532:33: danger: ‘<unknown>’ leaks here; was opened at [(11)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/10)
#  530|   				errors += extract_db_file(handle, archive, entry, newpkg, entryname);
#  531|   			} else {
#  532|-> 				archive_read_data_skip(archive);
#  533|   			}
#  534|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def363]
pacman-v7.0.0/lib/libalpm/add.c:536:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/add.c:432:9: branch_false: following ‘false’ branch (when ‘trans’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/add.c:435:42: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:461:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:463:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:483:11: branch_false: following ‘false’ branch (when ‘oldpkg’ is NULL)...
pacman-v7.0.0/lib/libalpm/add.c:493:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:493:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:501:14: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:503:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:508:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/add.c:514:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:525:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:525:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:536:17: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:536:17: danger: ‘<unknown>’ leaks here; was opened at [(11)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/10)
#  534|   		}
#  535|   	} else {
#  536|-> 		_alpm_log(handle, ALPM_LOG_DEBUG, "extracting files\n");
#  537|   
#  538|   		/* call PROGRESS once with 0 percent, as we sort-of skip that here */

Error: GCC_ANALYZER_WARNING (CWE-775): [#def364]
pacman-v7.0.0/lib/libalpm/add.c:539:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/add.c:432:9: branch_false: following ‘false’ branch (when ‘trans’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/add.c:435:42: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:461:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:463:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:483:11: branch_false: following ‘false’ branch (when ‘oldpkg’ is NULL)...
pacman-v7.0.0/lib/libalpm/add.c:493:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:493:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:501:14: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:503:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:508:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/add.c:514:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:525:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:525:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:536:17: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:539:17: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/add.c:539:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/add.c:539:17: danger: ‘<unknown>’ leaks here; was opened at [(11)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/10)
#  537|   
#  538|   		/* call PROGRESS once with 0 percent, as we sort-of skip that here */
#  539|-> 		PROGRESS(handle, progress, newpkg->name, 0, pkg_count, pkg_current);
#  540|   
#  541|   		while(archive_read_next_header(archive, &entry) == ARCHIVE_OK) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def365]
pacman-v7.0.0/lib/libalpm/add.c:541:23: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/add.c:432:9: branch_false: following ‘false’ branch (when ‘trans’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/add.c:435:42: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:461:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:463:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:483:11: branch_false: following ‘false’ branch (when ‘oldpkg’ is NULL)...
pacman-v7.0.0/lib/libalpm/add.c:493:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:493:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:501:14: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:503:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:508:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/add.c:514:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:525:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:525:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:536:17: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:541:23: danger: ‘<unknown>’ leaks here; was opened at [(11)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/10)
#  539|   		PROGRESS(handle, progress, newpkg->name, 0, pkg_count, pkg_current);
#  540|   
#  541|-> 		while(archive_read_next_header(archive, &entry) == ARCHIVE_OK) {
#  542|   			int percent;
#  543|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def366]
pacman-v7.0.0/lib/libalpm/add.c:557:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/add.c:432:9: branch_false: following ‘false’ branch (when ‘trans’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/add.c:435:42: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:461:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:463:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:483:11: branch_false: following ‘false’ branch (when ‘oldpkg’ is NULL)...
pacman-v7.0.0/lib/libalpm/add.c:493:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:493:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:501:14: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:503:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:508:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/add.c:514:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:525:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:525:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:536:17: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:541:23: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/add.c:544:28: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/add.c:557:25: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/add.c:557:25: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/add.c:557:25: danger: ‘<unknown>’ leaks here; was opened at [(11)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/10)
#  555|   			}
#  556|   
#  557|-> 			PROGRESS(handle, progress, newpkg->name, percent, pkg_count, pkg_current);
#  558|   
#  559|   			/* extract the next file from the archive */

Error: GCC_ANALYZER_WARNING (CWE-775): [#def367]
pacman-v7.0.0/lib/libalpm/add.c:565:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/add.c:655:5: enter_function: entry to ‘_alpm_upgrade_packages’
pacman-v7.0.0/lib/libalpm/add.c:662:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:666:21: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:670:32: branch_true: following ‘true’ branch (when ‘targ’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/add.c:671:29: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/add.c:673:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:677:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:677:20: call_function: calling ‘commit_single_pkg’ from ‘_alpm_upgrade_packages’
#  563|   
#  564|   	_alpm_archive_read_free(archive);
#  565|-> 	close(fd);
#  566|   
#  567|   	/* restore the old cwd if we have it */

Error: GCC_ANALYZER_WARNING (CWE-775): [#def368]
pacman-v7.0.0/lib/libalpm/add.c:568:11: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/add.c:655:5: enter_function: entry to ‘_alpm_upgrade_packages’
pacman-v7.0.0/lib/libalpm/add.c:662:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:666:21: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:670:32: branch_true: following ‘true’ branch (when ‘targ’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/add.c:671:29: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/add.c:673:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:677:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:677:20: call_function: calling ‘commit_single_pkg’ from ‘_alpm_upgrade_packages’
#  566|   
#  567|   	/* restore the old cwd if we have it */
#  568|-> 	if(cwdfd >= 0) {
#  569|   		if(fchdir(cwdfd) != 0) {
#  570|   			_alpm_log(handle, ALPM_LOG_ERROR,

Error: GCC_ANALYZER_WARNING (CWE-476): [#def369]
pacman-v7.0.0/lib/libalpm/add.c:622:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘oldpkg’
pacman-v7.0.0/lib/libalpm/add.c:655:5: enter_function: entry to ‘_alpm_upgrade_packages’
pacman-v7.0.0/lib/libalpm/add.c:662:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:666:21: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:670:32: branch_true: following ‘true’ branch (when ‘targ’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/add.c:671:29: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/add.c:673:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:677:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:677:20: call_function: calling ‘commit_single_pkg’ from ‘_alpm_upgrade_packages’
#  620|   			break;
#  621|   		case ALPM_PACKAGE_DOWNGRADE:
#  622|-> 			alpm_logaction(handle, ALPM_CALLER_PREFIX, "downgraded %s (%s -> %s)\n",
#  623|   					newpkg->name, oldpkg->version, newpkg->version);
#  624|   			break;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def370]
pacman-v7.0.0/lib/libalpm/add.c:630:25: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘oldpkg’
pacman-v7.0.0/lib/libalpm/add.c:655:5: enter_function: entry to ‘_alpm_upgrade_packages’
pacman-v7.0.0/lib/libalpm/add.c:662:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:666:21: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:670:32: branch_true: following ‘true’ branch (when ‘targ’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/add.c:671:29: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/add.c:673:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:677:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:677:20: call_function: calling ‘commit_single_pkg’ from ‘_alpm_upgrade_packages’
#  628|   			break;
#  629|   		case ALPM_PACKAGE_UPGRADE:
#  630|-> 			alpm_logaction(handle, ALPM_CALLER_PREFIX, "upgraded %s (%s -> %s)\n",
#  631|   					newpkg->name, oldpkg->version, newpkg->version);
#  632|   			break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def371]
pacman-v7.0.0/lib/libalpm/alpm_list.c:188:12: warning[-Wanalyzer-malloc-leak]: leak of ‘right’
pacman-v7.0.0/lib/libalpm/alpm_list.c:613:24: enter_function: entry to ‘alpm_list_diff’
pacman-v7.0.0/lib/libalpm/alpm_list.c:619:16: call_function: calling ‘alpm_list_copy’ from ‘alpm_list_diff’
pacman-v7.0.0/lib/libalpm/alpm_list.c:619:16: return_function: returning to ‘alpm_list_diff’ from ‘alpm_list_copy’
pacman-v7.0.0/lib/libalpm/alpm_list.c:620:16: call_function: calling ‘alpm_list_count’ from ‘alpm_list_diff’
pacman-v7.0.0/lib/libalpm/alpm_list.c:620:16: return_function: returning to ‘alpm_list_diff’ from ‘alpm_list_count’
pacman-v7.0.0/lib/libalpm/alpm_list.c:620:16: call_function: calling ‘alpm_list_msort’ from ‘alpm_list_diff’
#  186|   	right_tail_ptr = right->prev;
#  187|   
#  188|-> 	if(fn(left->data, right->data) <= 0) {
#  189|   		newlist = left;
#  190|   		left = left->next;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def372]
pacman-v7.0.0/lib/libalpm/alpm_list.c:621:17: warning[-Wanalyzer-malloc-leak]: leak of ‘alpm_list_copy(lhs)’
pacman-v7.0.0/lib/libalpm/alpm_list.c:613:24: enter_function: entry to ‘alpm_list_diff’
pacman-v7.0.0/lib/libalpm/alpm_list.c:619:16: call_function: calling ‘alpm_list_copy’ from ‘alpm_list_diff’
pacman-v7.0.0/lib/libalpm/alpm_list.c:619:16: return_function: returning to ‘alpm_list_diff’ from ‘alpm_list_copy’
pacman-v7.0.0/lib/libalpm/alpm_list.c:620:16: call_function: calling ‘alpm_list_count’ from ‘alpm_list_diff’
pacman-v7.0.0/lib/libalpm/alpm_list.c:620:16: return_function: returning to ‘alpm_list_diff’ from ‘alpm_list_count’
pacman-v7.0.0/lib/libalpm/alpm_list.c:620:16: call_function: calling ‘alpm_list_msort’ from ‘alpm_list_diff’
#  619|   	left = alpm_list_copy(lhs);
#  620|   	left = alpm_list_msort(left, alpm_list_count(left), fn);
#  621|-> 	right = alpm_list_copy(rhs);
#  622|   	right = alpm_list_msort(right, alpm_list_count(right), fn);
#  623|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def373]
pacman-v7.0.0/lib/libalpm/alpm_list.c:624:9: warning[-Wanalyzer-malloc-leak]: leak of ‘alpm_list_copy(rhs)’
pacman-v7.0.0/lib/libalpm/alpm_list.c:613:24: enter_function: entry to ‘alpm_list_diff’
pacman-v7.0.0/lib/libalpm/alpm_list.c:619:16: call_function: calling ‘alpm_list_copy’ from ‘alpm_list_diff’
pacman-v7.0.0/lib/libalpm/alpm_list.c:619:16: return_function: returning to ‘alpm_list_diff’ from ‘alpm_list_copy’
pacman-v7.0.0/lib/libalpm/alpm_list.c:620:16: call_function: calling ‘alpm_list_count’ from ‘alpm_list_diff’
pacman-v7.0.0/lib/libalpm/alpm_list.c:620:16: return_function: returning to ‘alpm_list_diff’ from ‘alpm_list_count’
pacman-v7.0.0/lib/libalpm/alpm_list.c:620:16: call_function: calling ‘alpm_list_msort’ from ‘alpm_list_diff’
pacman-v7.0.0/lib/libalpm/alpm_list.c:620:16: return_function: returning to ‘alpm_list_diff’ from ‘alpm_list_msort’
pacman-v7.0.0/lib/libalpm/alpm_list.c:621:17: call_function: calling ‘alpm_list_copy’ from ‘alpm_list_diff’
pacman-v7.0.0/lib/libalpm/alpm_list.c:621:17: return_function: returning to ‘alpm_list_diff’ from ‘alpm_list_copy’
pacman-v7.0.0/lib/libalpm/alpm_list.c:622:17: call_function: calling ‘alpm_list_count’ from ‘alpm_list_diff’
pacman-v7.0.0/lib/libalpm/alpm_list.c:622:17: return_function: returning to ‘alpm_list_diff’ from ‘alpm_list_count’
pacman-v7.0.0/lib/libalpm/alpm_list.c:622:17: call_function: calling ‘alpm_list_msort’ from ‘alpm_list_diff’
#  622|   	right = alpm_list_msort(right, alpm_list_count(right), fn);
#  623|   
#  624|-> 	alpm_list_diff_sorted(left, right, fn, &ret, NULL);
#  625|   
#  626|   	alpm_list_free(left);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def374]
pacman-v7.0.0/lib/libalpm/backup.c:50:9: warning[-Wanalyzer-malloc-leak]: leak of ‘str’
pacman-v7.0.0/lib/libalpm/backup.c:38:9: branch_true: following ‘true’ branch (when ‘string’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/backup.c:38:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/backup.c:38:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/backup.c:38:9: branch_false: following ‘false’ branch (when ‘str’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/backup.c:41:21: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/backup.c:42:11: branch_false: following ‘false’ branch (when ‘ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/backup.c:47:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/backup.c:50:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/backup.c:50:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/backup.c:50:9: danger: ‘str’ leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   48|   	ptr++;
#   49|   	/* now str points to the filename and ptr points to the hash */
#   50|-> 	STRDUP((*backup)->name, str, FREE(str); return -1);
#   51|   	STRDUP((*backup)->hash, ptr, FREE((*backup)->name); FREE(str); return -1);
#   52|   	FREE(str);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def375]
pacman-v7.0.0/lib/libalpm/backup.c:51:9: warning[-Wanalyzer-malloc-leak]: leak of ‘str’
pacman-v7.0.0/lib/libalpm/backup.c:38:9: branch_true: following ‘true’ branch (when ‘string’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/backup.c:38:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/backup.c:38:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/backup.c:38:9: branch_false: following ‘false’ branch (when ‘str’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/backup.c:41:21: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/backup.c:42:11: branch_false: following ‘false’ branch (when ‘ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/backup.c:47:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/backup.c:50:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/backup.c:51:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/backup.c:51:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/backup.c:51:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/backup.c:51:9: danger: ‘str’ leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#   49|   	/* now str points to the filename and ptr points to the hash */
#   50|   	STRDUP((*backup)->name, str, FREE(str); return -1);
#   51|-> 	STRDUP((*backup)->hash, ptr, FREE((*backup)->name); FREE(str); return -1);
#   52|   	FREE(str);
#   53|   	return 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def376]
pacman-v7.0.0/lib/libalpm/backup.c:91:9: warning[-Wanalyzer-malloc-leak]: leak of ‘newbackup’
pacman-v7.0.0/lib/libalpm/backup.c:89:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/backup.c:89:9: branch_false: following ‘false’ branch (when ‘newbackup’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/backup.c:91:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/backup.c:91:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/backup.c:91:9: danger: ‘newbackup’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#   89|   	CALLOC(newbackup, 1, sizeof(alpm_backup_t), return NULL);
#   90|   
#   91|-> 	STRDUP(newbackup->name, backup->name, goto error);
#   92|   	STRDUP(newbackup->hash, backup->hash, goto error);
#   93|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def377]
pacman-v7.0.0/lib/libalpm/backup.c:92:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/backup.c:89:9: branch_false: following ‘false’ branch (when ‘newbackup’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/backup.c:91:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/backup.c:91:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/backup.c:91:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/backup.c:91:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/backup.c:91:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/backup.c:92:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/backup.c:92:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/backup.c:92:9: danger: ‘<unknown>’ leaks here; was allocated at [(5)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/4)
#   90|   
#   91|   	STRDUP(newbackup->name, backup->name, goto error);
#   92|-> 	STRDUP(newbackup->hash, backup->hash, goto error);
#   93|   
#   94|   	return newbackup;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def378]
pacman-v7.0.0/lib/libalpm/backup.c:92:9: warning[-Wanalyzer-malloc-leak]: leak of ‘newbackup’
pacman-v7.0.0/lib/libalpm/backup.c:89:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/backup.c:89:9: branch_false: following ‘false’ branch (when ‘newbackup’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/backup.c:91:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/backup.c:91:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/backup.c:92:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/backup.c:92:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/backup.c:92:9: danger: ‘newbackup’ leaks here; was allocated at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#   90|   
#   91|   	STRDUP(newbackup->name, backup->name, goto error);
#   92|-> 	STRDUP(newbackup->hash, backup->hash, goto error);
#   93|   
#   94|   	return newbackup;

Error: GCC_ANALYZER_WARNING (CWE-457): [#def379]
pacman-v7.0.0/lib/libalpm/be_local.c:214:19: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*<unknown>’
pacman-v7.0.0/lib/libalpm/be_local.c:210:14: enter_function: entry to ‘_cache_changelog_open’
pacman-v7.0.0/lib/libalpm/be_local.c:213:24: call_function: calling ‘_alpm_local_db_pkgpath’ from ‘_cache_changelog_open’
pacman-v7.0.0/lib/libalpm/be_local.c:213:24: return_function: returning to ‘_cache_changelog_open’ from ‘_alpm_local_db_pkgpath’
pacman-v7.0.0/lib/libalpm/be_local.c:214:19: danger: use of uninitialized value ‘*<unknown>’ here
#  212|   	alpm_db_t *db = alpm_pkg_get_db(pkg);
#  213|   	char *clfile = _alpm_local_db_pkgpath(db, pkg, "changelog");
#  214|-> 	FILE *f = fopen(clfile, "r");
#  215|   	free(clfile);
#  216|   	return f;

Error: GCC_ANALYZER_WARNING (CWE-688): [#def380]
pacman-v7.0.0/lib/libalpm/be_local.c:258:12: warning[-Wanalyzer-null-argument]: use of NULL ‘_alpm_local_db_pkgpath(alpm_pkg_get_db(pkg), pkg, "mtree")’ where non-null expected
pacman-v7.0.0/lib/libalpm/be_local.c:251:24: enter_function: entry to ‘_cache_mtree_open’
pacman-v7.0.0/lib/libalpm/be_local.c:256:24: call_function: calling ‘_alpm_local_db_pkgpath’ from ‘_cache_mtree_open’
pacman-v7.0.0/lib/libalpm/be_local.c:256:24: return_function: returning to ‘_cache_mtree_open’ from ‘_alpm_local_db_pkgpath’
pacman-v7.0.0/lib/libalpm/be_local.c:258:12: danger: argument 1 (‘_alpm_local_db_pkgpath(alpm_pkg_get_db(pkg), pkg, "mtree")’) NULL where non-null expected
#  256|   	char *mtfile = _alpm_local_db_pkgpath(db, pkg, "mtree");
#  257|   
#  258|-> 	if(access(mtfile, F_OK) != 0) {
#  259|   		/* there is no mtree file for this package */
#  260|   		goto error;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def381]
pacman-v7.0.0/lib/libalpm/be_local.c:493:30: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(_alpm_db_path(db))’
pacman-v7.0.0/lib/libalpm/be_local.c:454:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:457:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:457:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:461:18: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:462:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:466:17: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:466:17: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/be_local.c:467:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:486:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:491:11: branch_true: following ‘true’ branch...
 branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:493:30: danger: ‘opendir(_alpm_db_path(db))’ leaks here; was allocated at [(7)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/6)
#  491|   	if((dbverfile = fopen(dbverpath, "r")) == NULL) {
#  492|   		/* create dbverfile if local database is empty - otherwise version error */
#  493|-> 		while((ent = readdir(dbdir)) != NULL) {
#  494|   			const char *name = ent->d_name;
#  495|   			if(strcmp(name, ".") == 0 || strcmp(name, "..") == 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def382]
pacman-v7.0.0/lib/libalpm/be_local.c:521:9: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(_alpm_db_path(db))’
pacman-v7.0.0/lib/libalpm/be_local.c:454:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:457:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:457:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:461:18: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:462:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:466:17: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:466:17: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/be_local.c:467:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:486:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:491:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:508:13: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:511:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:515:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:515:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:519:1: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:521:9: danger: ‘opendir(_alpm_db_path(db))’ leaks here; was allocated at [(7)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/6)
#  519|   version_latest:
#  520|   	closedir(dbdir);
#  521|-> 	db->status |= DB_STATUS_VALID;
#  522|   	db->status &= ~DB_STATUS_INVALID;
#  523|   	return 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def383]
pacman-v7.0.0/lib/libalpm/be_local.c:527:9: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(_alpm_db_path(db))’
pacman-v7.0.0/lib/libalpm/be_local.c:454:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:457:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:457:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:461:18: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:462:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:466:17: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:466:17: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/be_local.c:467:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:486:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:491:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:508:13: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:527:9: danger: ‘opendir(_alpm_db_path(db))’ leaks here; was allocated at [(7)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/6)
#  525|   version_error:
#  526|   	closedir(dbdir);
#  527|-> 	db->status &= ~DB_STATUS_VALID;
#  528|   	db->status |= DB_STATUS_INVALID;
#  529|   	db->handle->pm_errno = ALPM_ERR_DB_VERSION;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def384]
pacman-v7.0.0/lib/libalpm/be_local.c:749:28: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(_alpm_local_db_pkgpath(db,  info, "desc"), "r")’
pacman-v7.0.0/lib/libalpm/be_local.c:713:12: enter_function: entry to ‘local_db_read’
pacman-v7.0.0/lib/libalpm/be_local.c:724:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:729:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:729:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:735:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:740:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:741:30: call_function: calling ‘_alpm_local_db_pkgpath’ from ‘local_db_read’
pacman-v7.0.0/lib/libalpm/be_local.c:741:30: return_function: returning to ‘local_db_read’ from ‘_alpm_local_db_pkgpath’
pacman-v7.0.0/lib/libalpm/be_local.c:742:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:742:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:742:35: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/be_local.c:742:20: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:747:17: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:748:23: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:749:28: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:749:28: danger: ‘fopen(_alpm_local_db_pkgpath(db,  info, "desc"), "r")’ leaks here; was opened at [(19)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/18)
#  747|   		free(path);
#  748|   		while(!feof(fp)) {
#  749|-> 			if(safe_fgets(line, sizeof(line), fp) == NULL && !feof(fp)) {
#  750|   				goto error;
#  751|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def385]
pacman-v7.0.0/lib/libalpm/be_local.c:749:28: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(_alpm_local_db_pkgpath(db,  info, "desc"), "r")’
pacman-v7.0.0/lib/libalpm/be_local.c:713:12: enter_function: entry to ‘local_db_read’
pacman-v7.0.0/lib/libalpm/be_local.c:724:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:729:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:729:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:735:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:740:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:741:30: call_function: calling ‘_alpm_local_db_pkgpath’ from ‘local_db_read’
pacman-v7.0.0/lib/libalpm/be_local.c:741:30: return_function: returning to ‘local_db_read’ from ‘_alpm_local_db_pkgpath’
pacman-v7.0.0/lib/libalpm/be_local.c:742:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:742:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:742:35: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/be_local.c:742:20: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:747:17: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:748:23: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:749:28: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:749:28: danger: ‘fopen(_alpm_local_db_pkgpath(db,  info, "desc"), "r")’ leaks here; was allocated at [(19)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/18)
#  747|   		free(path);
#  748|   		while(!feof(fp)) {
#  749|-> 			if(safe_fgets(line, sizeof(line), fp) == NULL && !feof(fp)) {
#  750|   				goto error;
#  751|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def386]
pacman-v7.0.0/lib/libalpm/be_local.c:773:33: warning[-Wanalyzer-malloc-leak]: leak of ‘linedup’
pacman-v7.0.0/lib/libalpm/be_local.c:713:12: enter_function: entry to ‘local_db_read’
pacman-v7.0.0/lib/libalpm/be_local.c:724:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:729:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:729:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:735:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:740:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:741:30: call_function: calling ‘_alpm_local_db_pkgpath’ from ‘local_db_read’
pacman-v7.0.0/lib/libalpm/be_local.c:741:30: return_function: returning to ‘local_db_read’ from ‘_alpm_local_db_pkgpath’
pacman-v7.0.0/lib/libalpm/be_local.c:742:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:747:17: release_memory: state of ‘&HEAP_ALLOCATED_REGION(588)’: ‘start’ -> ‘freed’ (NULL origin)
pacman-v7.0.0/lib/libalpm/be_local.c:748:23: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:749:28: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:752:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:756:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:756:27: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:762:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:762:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:768:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:768:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:770:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:770:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:772:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:773:33: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:773:33: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/be_local.c:773:33: branch_false: following ‘false’ branch (when ‘linedup’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_local.c:773:33: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:773:33: danger: ‘linedup’ leaks here; was allocated at [(36)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/35)
#  771|   				READ_AND_STORE(info->desc);
#  772|   			} else if(strcmp(line, "%GROUPS%") == 0) {
#  773|-> 				READ_AND_STORE_ALL(info->groups);
#  774|   			} else if(strcmp(line, "%URL%") == 0) {
#  775|   				READ_AND_STORE(info->url);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def387]
pacman-v7.0.0/lib/libalpm/be_local.c:777:33: warning[-Wanalyzer-malloc-leak]: leak of ‘linedup’
pacman-v7.0.0/lib/libalpm/be_local.c:713:12: enter_function: entry to ‘local_db_read’
pacman-v7.0.0/lib/libalpm/be_local.c:724:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:729:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:729:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:735:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:740:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:741:30: call_function: calling ‘_alpm_local_db_pkgpath’ from ‘local_db_read’
pacman-v7.0.0/lib/libalpm/be_local.c:741:30: return_function: returning to ‘local_db_read’ from ‘_alpm_local_db_pkgpath’
pacman-v7.0.0/lib/libalpm/be_local.c:742:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:747:17: release_memory: state of ‘&HEAP_ALLOCATED_REGION(588)’: ‘start’ -> ‘freed’ (NULL origin)
pacman-v7.0.0/lib/libalpm/be_local.c:748:23: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:749:28: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:752:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:756:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:756:27: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:762:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:762:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:768:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:768:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:770:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:770:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:772:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:772:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:774:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:774:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:776:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:777:33: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:777:33: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/be_local.c:777:33: branch_false: following ‘false’ branch (when ‘linedup’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_local.c:777:33: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:777:33: danger: ‘linedup’ leaks here; was allocated at [(40)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/39)
#  775|   				READ_AND_STORE(info->url);
#  776|   			} else if(strcmp(line, "%LICENSE%") == 0) {
#  777|-> 				READ_AND_STORE_ALL(info->licenses);
#  778|   			} else if(strcmp(line, "%ARCH%") == 0) {
#  779|   				READ_AND_STORE(info->arch);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def388]
pacman-v7.0.0/lib/libalpm/be_local.c:793:33: warning[-Wanalyzer-malloc-leak]: leak of ‘linedup’
pacman-v7.0.0/lib/libalpm/be_local.c:713:12: enter_function: entry to ‘local_db_read’
pacman-v7.0.0/lib/libalpm/be_local.c:724:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:729:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:729:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:735:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:740:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:741:30: call_function: calling ‘_alpm_local_db_pkgpath’ from ‘local_db_read’
pacman-v7.0.0/lib/libalpm/be_local.c:741:30: return_function: returning to ‘local_db_read’ from ‘_alpm_local_db_pkgpath’
pacman-v7.0.0/lib/libalpm/be_local.c:742:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:747:17: release_memory: state of ‘&HEAP_ALLOCATED_REGION(588)’: ‘start’ -> ‘freed’ (NULL origin)
pacman-v7.0.0/lib/libalpm/be_local.c:748:23: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:749:28: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:752:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:756:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:756:27: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:762:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:762:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:768:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:768:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:770:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:770:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:772:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:772:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:774:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:774:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:776:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:776:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:778:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:778:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:780:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:786:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:788:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:788:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:791:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:791:34: branch_true: following ‘true’ branch (when the strings are equal)...
 branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:793:33: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:793:33: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/be_local.c:793:33: branch_false: following ‘false’ branch (when ‘linedup’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_local.c:793:33: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:793:33: danger: ‘linedup’ leaks here; was allocated at [(50)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/49)
#  791|   			} else if(strcmp(line, "%VALIDATION%") == 0) {
#  792|   				alpm_list_t *i, *v = NULL;
#  793|-> 				READ_AND_STORE_ALL(v);
#  794|   				for(i = v; i; i = alpm_list_next(i))
#  795|   				{

Error: GCC_ANALYZER_WARNING (CWE-401): [#def389]
pacman-v7.0.0/lib/libalpm/be_local.c:830:33: warning[-Wanalyzer-malloc-leak]: leak of ‘linedup’
pacman-v7.0.0/lib/libalpm/be_local.c:713:12: enter_function: entry to ‘local_db_read’
pacman-v7.0.0/lib/libalpm/be_local.c:724:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:729:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:729:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:735:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:740:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:741:30: call_function: calling ‘_alpm_local_db_pkgpath’ from ‘local_db_read’
pacman-v7.0.0/lib/libalpm/be_local.c:741:30: return_function: returning to ‘local_db_read’ from ‘_alpm_local_db_pkgpath’
pacman-v7.0.0/lib/libalpm/be_local.c:742:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:747:17: release_memory: state of ‘&HEAP_ALLOCATED_REGION(588)’: ‘start’ -> ‘freed’ (NULL origin)
pacman-v7.0.0/lib/libalpm/be_local.c:748:23: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:749:28: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:752:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:756:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:756:27: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:762:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:762:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:768:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:768:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:770:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:770:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:772:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:772:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:774:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:774:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:776:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:776:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:778:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:778:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:780:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:786:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:788:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:788:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:791:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:791:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:811:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:811:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:814:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:814:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:816:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:816:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:818:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:818:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:820:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:820:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:822:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:822:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:824:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:824:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:826:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:826:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:828:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:828:34: branch_true: following ‘true’ branch (when the strings are equal)...
 branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:830:33: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:830:33: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/be_local.c:830:33: branch_false: following ‘false’ branch (when ‘linedup’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_local.c:830:33: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:830:33: danger: ‘linedup’ leaks here; was allocated at [(68)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/67)
#  828|   			} else if(strcmp(line, "%XDATA%") == 0) {
#  829|   				alpm_list_t *i, *lines = NULL;
#  830|-> 				READ_AND_STORE_ALL(lines);
#  831|   				for(i = lines; i; i = i->next) {
#  832|   					alpm_pkg_xdata_t *pd = _alpm_pkg_parse_xdata(i->data);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def390]
pacman-v7.0.0/lib/libalpm/be_local.c:843:33: warning[-Wanalyzer-malloc-leak]: leak of ‘linedup’
pacman-v7.0.0/lib/libalpm/be_local.c:713:12: enter_function: entry to ‘local_db_read’
pacman-v7.0.0/lib/libalpm/be_local.c:724:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:729:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:729:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:735:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:740:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:741:30: call_function: calling ‘_alpm_local_db_pkgpath’ from ‘local_db_read’
pacman-v7.0.0/lib/libalpm/be_local.c:741:30: return_function: returning to ‘local_db_read’ from ‘_alpm_local_db_pkgpath’
pacman-v7.0.0/lib/libalpm/be_local.c:742:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:747:17: release_memory: state of ‘&HEAP_ALLOCATED_REGION(588)’: ‘start’ -> ‘freed’ (NULL origin)
pacman-v7.0.0/lib/libalpm/be_local.c:748:23: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:749:28: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:752:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:756:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:756:27: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:762:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:762:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:768:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:768:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:770:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:770:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:772:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:772:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:774:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:774:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:776:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:776:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:778:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:778:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:780:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:786:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:788:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:788:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:791:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:791:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:811:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:811:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:814:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:814:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:816:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:816:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:818:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:818:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:820:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:820:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:822:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:822:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:824:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:824:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:826:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:826:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:828:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:828:34: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/be_local.c:841:33: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:843:33: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:843:33: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/be_local.c:843:33: branch_false: following ‘false’ branch (when ‘linedup’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_local.c:843:33: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:843:33: danger: ‘linedup’ leaks here; was allocated at [(68)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/67)
#  841|   				_alpm_log(db->handle, ALPM_LOG_WARNING, _("%s: unknown key '%s' in local database\n"), info->name, line);
#  842|   				alpm_list_t *lines = NULL;
#  843|-> 				READ_AND_STORE_ALL(lines);
#  844|   				FREELIST(lines);
#  845|   			}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def391]
pacman-v7.0.0/lib/libalpm/be_local.c:861:23: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(_alpm_local_db_pkgpath(db,  info, "files"), "r")’
pacman-v7.0.0/lib/libalpm/be_local.c:192:21: enter_function: entry to ‘_cache_get_backup’
pacman-v7.0.0/lib/libalpm/be_local.c:194:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:194:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:194:9: call_function: calling ‘local_db_read’ from ‘_cache_get_backup’
#  859|   		}
#  860|   		free(path);
#  861|-> 		while(safe_fgets(line, sizeof(line), fp)) {
#  862|   			_alpm_strip_newline(line, 0);
#  863|   			if(strcmp(line, "%FILES%") == 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def392]
pacman-v7.0.0/lib/libalpm/be_local.c:861:23: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(_alpm_local_db_pkgpath(db,  info, "files"), "r")’
pacman-v7.0.0/lib/libalpm/be_local.c:192:21: enter_function: entry to ‘_cache_get_backup’
pacman-v7.0.0/lib/libalpm/be_local.c:194:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:194:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:194:9: call_function: calling ‘local_db_read’ from ‘_cache_get_backup’
#  859|   		}
#  860|   		free(path);
#  861|-> 		while(safe_fgets(line, sizeof(line), fp)) {
#  862|   			_alpm_strip_newline(line, 0);
#  863|   			if(strcmp(line, "%FILES%") == 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def393]
pacman-v7.0.0/lib/libalpm/be_local.c:900:44: warning[-Wanalyzer-malloc-leak]: leak of ‘backup’
pacman-v7.0.0/lib/libalpm/be_local.c:192:21: enter_function: entry to ‘_cache_get_backup’
pacman-v7.0.0/lib/libalpm/be_local.c:194:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:194:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:194:9: call_function: calling ‘local_db_read’ from ‘_cache_get_backup’
#  898|   					alpm_backup_t *backup;
#  899|   					CALLOC(backup, 1, sizeof(alpm_backup_t), goto error);
#  900|-> 					if(_alpm_split_backup(line, &backup)) {
#  901|   						FREE(backup);
#  902|   						goto error;

Error: GCC_ANALYZER_WARNING (CWE-688): [#def394]
pacman-v7.0.0/lib/libalpm/be_local.c:916:20: warning[-Wanalyzer-null-argument]: use of NULL ‘_alpm_local_db_pkgpath(db,  info, "install")’ where non-null expected
pacman-v7.0.0/lib/libalpm/be_local.c:713:12: enter_function: entry to ‘local_db_read’
pacman-v7.0.0/lib/libalpm/be_local.c:724:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:729:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:729:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:735:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:914:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:915:30: call_function: calling ‘_alpm_local_db_pkgpath’ from ‘local_db_read’
pacman-v7.0.0/lib/libalpm/be_local.c:915:30: return_function: returning to ‘local_db_read’ from ‘_alpm_local_db_pkgpath’
pacman-v7.0.0/lib/libalpm/be_local.c:916:20: danger: argument 1 (‘_alpm_local_db_pkgpath(db,  info, "install")’) NULL where non-null expected
#  914|   	if(inforeq & INFRQ_SCRIPTLET && !(info->infolevel & INFRQ_SCRIPTLET)) {
#  915|   		char *path = _alpm_local_db_pkgpath(db, info, "install");
#  916|-> 		if(access(path, F_OK) == 0) {
#  917|   			info->scriptlet = 1;
#  918|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def395]
pacman-v7.0.0/lib/libalpm/be_local.c:966:35: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(_alpm_local_db_pkgpath(db,  info, "desc"), "w")’
pacman-v7.0.0/lib/libalpm/be_local.c:974:5: enter_function: entry to ‘_alpm_local_db_write’
pacman-v7.0.0/lib/libalpm/be_local.c:981:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:989:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:991:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:994:24: call_function: calling ‘_alpm_local_db_pkgpath’ from ‘_alpm_local_db_write’
pacman-v7.0.0/lib/libalpm/be_local.c:994:24: return_function: returning to ‘_alpm_local_db_write’ from ‘_alpm_local_db_pkgpath’
pacman-v7.0.0/lib/libalpm/be_local.c:995:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:995:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:995:35: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/be_local.c:995:20: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:1002:17: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:1075:17: call_function: inlined call to ‘write_deps’ from ‘_alpm_local_db_write’
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:1075:17: call_function: inlined call to ‘write_deps’ from ‘_alpm_local_db_write’
#  964|   	fputc('\n', fp);
#  965|   	for(lp = deplist; lp; lp = lp->next) {
#  966|-> 		char *depstring = alpm_dep_compute_string(lp->data);
#  967|   		fputs(depstring, fp);
#  968|   		fputc('\n', fp);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def396]
pacman-v7.0.0/lib/libalpm/be_local.c:966:35: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(_alpm_local_db_pkgpath(db,  info, "desc"), "w")’
pacman-v7.0.0/lib/libalpm/be_local.c:974:5: enter_function: entry to ‘_alpm_local_db_write’
pacman-v7.0.0/lib/libalpm/be_local.c:981:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:989:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:991:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:994:24: call_function: calling ‘_alpm_local_db_pkgpath’ from ‘_alpm_local_db_write’
pacman-v7.0.0/lib/libalpm/be_local.c:994:24: return_function: returning to ‘_alpm_local_db_write’ from ‘_alpm_local_db_pkgpath’
pacman-v7.0.0/lib/libalpm/be_local.c:995:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:995:35: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:995:35: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/be_local.c:995:20: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:1002:17: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:1075:17: call_function: inlined call to ‘write_deps’ from ‘_alpm_local_db_write’
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:1075:17: call_function: inlined call to ‘write_deps’ from ‘_alpm_local_db_write’
#  964|   	fputc('\n', fp);
#  965|   	for(lp = deplist; lp; lp = lp->next) {
#  966|-> 		char *depstring = alpm_dep_compute_string(lp->data);
#  967|   		fputs(depstring, fp);
#  968|   		fputc('\n', fp);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def397]
pacman-v7.0.0/lib/libalpm/be_local.c:1160:18: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(_alpm_local_db_pkgpath(db,  info, 0))’
pacman-v7.0.0/lib/libalpm/be_local.c:1139:5: enter_function: entry to ‘_alpm_local_db_remove’
pacman-v7.0.0/lib/libalpm/be_local.c:1147:19: call_function: calling ‘_alpm_local_db_pkgpath’ from ‘_alpm_local_db_remove’
pacman-v7.0.0/lib/libalpm/be_local.c:1147:19: return_function: returning to ‘_alpm_local_db_remove’ from ‘_alpm_local_db_pkgpath’
pacman-v7.0.0/lib/libalpm/be_local.c:1148:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:1151:23: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:1153:16: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/be_local.c:1154:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_local.c:1160:18: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_local.c:1160:18: danger: ‘opendir(_alpm_local_db_pkgpath(db,  info, 0))’ leaks here; was allocated at [(13)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/12)
# 1158|   	/* go through the local DB entry, removing the files within, which we know
# 1159|   	 * are not nested directories of any kind. */
# 1160|-> 	for(dp = readdir(dirp); dp != NULL; dp = readdir(dirp)) {
# 1161|   		if(strcmp(dp->d_name, "..") != 0 && strcmp(dp->d_name, ".") != 0) {
# 1162|   			char name[PATH_MAX];

Error: GCC_ANALYZER_WARNING (CWE-401): [#def398]
pacman-v7.0.0/lib/libalpm/be_package.c:205:50: warning[-Wanalyzer-malloc-leak]: leak of ‘tmp’
pacman-v7.0.0/lib/libalpm/be_package.c:555:13: enter_function: entry to ‘_alpm_pkg_load_internal’
pacman-v7.0.0/lib/libalpm/be_package.c:567:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:572:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:583:18: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:584:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:587:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:587:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:588:24: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:595:15: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:596:42: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:598:19: branch_true: following ‘true’ branch (when the strings are equal)...
pacman-v7.0.0/lib/libalpm/be_package.c:600:28: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:600:28: call_function: calling ‘parse_descfile’ from ‘_alpm_pkg_load_internal’
#  203|   				char *tmp = NULL;
#  204|   				STRDUP(tmp, ptr, return -1);
#  205|-> 				newpkg->groups = alpm_list_add(newpkg->groups, tmp);
#  206|   			} else if(strcmp(key, "url") == 0) {
#  207|   				STRDUP(newpkg->url, ptr, return -1);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def399]
pacman-v7.0.0/lib/libalpm/be_package.c:211:52: warning[-Wanalyzer-malloc-leak]: leak of ‘tmp’
pacman-v7.0.0/lib/libalpm/be_package.c:555:13: enter_function: entry to ‘_alpm_pkg_load_internal’
pacman-v7.0.0/lib/libalpm/be_package.c:567:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:572:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:583:18: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:584:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:587:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:587:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:588:24: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:595:15: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:596:42: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:598:19: branch_true: following ‘true’ branch (when the strings are equal)...
pacman-v7.0.0/lib/libalpm/be_package.c:600:28: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:600:28: call_function: calling ‘parse_descfile’ from ‘_alpm_pkg_load_internal’
#  209|   				char *tmp = NULL;
#  210|   				STRDUP(tmp, ptr, return -1);
#  211|-> 				newpkg->licenses = alpm_list_add(newpkg->licenses, tmp);
#  212|   			} else if(strcmp(key, "builddate") == 0) {
#  213|   				newpkg->builddate = _alpm_parsedate(ptr);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def400]
pacman-v7.0.0/lib/libalpm/be_package.c:245:33: warning[-Wanalyzer-malloc-leak]: leak of ‘backup’
pacman-v7.0.0/lib/libalpm/be_package.c:555:13: enter_function: entry to ‘_alpm_pkg_load_internal’
pacman-v7.0.0/lib/libalpm/be_package.c:567:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:572:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:583:18: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:584:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:587:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:587:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:588:24: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:595:15: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:596:42: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:598:19: branch_true: following ‘true’ branch (when the strings are equal)...
pacman-v7.0.0/lib/libalpm/be_package.c:600:28: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:600:28: call_function: calling ‘parse_descfile’ from ‘_alpm_pkg_load_internal’
#  243|   				alpm_backup_t *backup;
#  244|   				CALLOC(backup, 1, sizeof(alpm_backup_t), return -1);
#  245|-> 				STRDUP(backup->name, ptr, FREE(backup); return -1);
#  246|   				newpkg->backup = alpm_list_add(newpkg->backup, backup);
#  247|   			} else if(strcmp(key, "xdata") == 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def401]
pacman-v7.0.0/lib/libalpm/be_package.c:246:50: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/be_package.c:555:13: enter_function: entry to ‘_alpm_pkg_load_internal’
pacman-v7.0.0/lib/libalpm/be_package.c:567:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:572:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:583:18: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:584:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:587:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:587:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:588:24: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:595:15: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:596:42: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:598:19: branch_true: following ‘true’ branch (when the strings are equal)...
pacman-v7.0.0/lib/libalpm/be_package.c:600:28: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:600:28: call_function: calling ‘parse_descfile’ from ‘_alpm_pkg_load_internal’
#  244|   				CALLOC(backup, 1, sizeof(alpm_backup_t), return -1);
#  245|   				STRDUP(backup->name, ptr, FREE(backup); return -1);
#  246|-> 				newpkg->backup = alpm_list_add(newpkg->backup, backup);
#  247|   			} else if(strcmp(key, "xdata") == 0) {
#  248|   				alpm_pkg_xdata_t *pd = _alpm_pkg_parse_xdata(ptr);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def402]
pacman-v7.0.0/lib/libalpm/be_package.c:246:50: warning[-Wanalyzer-malloc-leak]: leak of ‘backup’
pacman-v7.0.0/lib/libalpm/be_package.c:555:13: enter_function: entry to ‘_alpm_pkg_load_internal’
pacman-v7.0.0/lib/libalpm/be_package.c:567:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:572:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:583:18: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:584:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:587:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:587:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:588:24: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:595:15: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:596:42: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:598:19: branch_true: following ‘true’ branch (when the strings are equal)...
pacman-v7.0.0/lib/libalpm/be_package.c:600:28: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:600:28: call_function: calling ‘parse_descfile’ from ‘_alpm_pkg_load_internal’
#  244|   				CALLOC(backup, 1, sizeof(alpm_backup_t), return -1);
#  245|   				STRDUP(backup->name, ptr, FREE(backup); return -1);
#  246|-> 				newpkg->backup = alpm_list_add(newpkg->backup, backup);
#  247|   			} else if(strcmp(key, "xdata") == 0) {
#  248|   				alpm_pkg_xdata_t *pd = _alpm_pkg_parse_xdata(ptr);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def403]
pacman-v7.0.0/lib/libalpm/be_package.c:427:17: warning[-Wanalyzer-malloc-leak]: leak of ‘*current_file.name’
pacman-v7.0.0/lib/libalpm/be_package.c:725:15: enter_function: entry to ‘alpm_pkg_load’
pacman-v7.0.0/lib/libalpm/be_package.c:732:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:732:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:733:9: branch_false: following ‘false’ branch (when ‘pkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:735:19: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:776:12: call_function: calling ‘_alpm_pkg_validate_internal’ from ‘alpm_pkg_load’
pacman-v7.0.0/lib/libalpm/be_package.c:776:12: return_function: returning to ‘alpm_pkg_load’ from ‘_alpm_pkg_validate_internal’
pacman-v7.0.0/lib/libalpm/be_package.c:776:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:781:16: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:781:16: call_function: calling ‘_alpm_pkg_load_internal’ from ‘alpm_pkg_load’
#  425|   		current_file->name = newpath;
#  426|   	} else {
#  427|-> 		STRDUP(current_file->name, path, return -1);
#  428|   	}
#  429|   	current_file->size = archive_entry_size(entry);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def404]
pacman-v7.0.0/lib/libalpm/be_package.c:427:17: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(path)’
pacman-v7.0.0/lib/libalpm/be_package.c:725:15: enter_function: entry to ‘alpm_pkg_load’
pacman-v7.0.0/lib/libalpm/be_package.c:732:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:732:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:733:9: branch_false: following ‘false’ branch (when ‘pkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:735:19: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:736:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:737:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:738:38: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:741:35: call_function: calling ‘read_sigfile’ from ‘alpm_pkg_load’
pacman-v7.0.0/lib/libalpm/be_package.c:741:35: return_function: returning to ‘alpm_pkg_load’ from ‘read_sigfile’
pacman-v7.0.0/lib/libalpm/be_package.c:743:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:750:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:750:27: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:752:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:752:47: branch_true: following ‘true’ branch (when ‘k’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:753:47: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:754:43: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:755:60: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:755:60: call_function: calling ‘_alpm_pkg_load_internal’ from ‘alpm_pkg_load’
#  425|   		current_file->name = newpath;
#  426|   	} else {
#  427|-> 		STRDUP(current_file->name, path, return -1);
#  428|   	}
#  429|   	current_file->size = archive_entry_size(entry);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def405]
pacman-v7.0.0/lib/libalpm/be_package.c:568:17: warning[-Wanalyzer-malloc-leak]: leak of ‘sig’
pacman-v7.0.0/lib/libalpm/be_package.c:725:15: enter_function: entry to ‘alpm_pkg_load’
pacman-v7.0.0/lib/libalpm/be_package.c:732:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:732:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:733:9: branch_false: following ‘false’ branch (when ‘pkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:735:19: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:736:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:737:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:738:38: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:741:35: call_function: calling ‘read_sigfile’ from ‘alpm_pkg_load’
pacman-v7.0.0/lib/libalpm/be_package.c:741:35: return_function: returning to ‘alpm_pkg_load’ from ‘read_sigfile’
pacman-v7.0.0/lib/libalpm/be_package.c:743:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:750:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:750:27: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:752:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:752:47: branch_true: following ‘true’ branch (when ‘k’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:753:47: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:754:43: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:755:60: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:755:60: call_function: calling ‘_alpm_pkg_load_internal’ from ‘alpm_pkg_load’
#  566|   
#  567|   	if(pkgfile == NULL || strlen(pkgfile) == 0) {
#  568|-> 		RET_ERR(handle, ALPM_ERR_WRONG_ARGS, NULL);
#  569|   	}
#  570|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def406]
pacman-v7.0.0/lib/libalpm/be_package.c:571:14: warning[-Wanalyzer-malloc-leak]: leak of ‘sig’
pacman-v7.0.0/lib/libalpm/be_package.c:725:15: enter_function: entry to ‘alpm_pkg_load’
pacman-v7.0.0/lib/libalpm/be_package.c:732:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:732:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:733:9: branch_false: following ‘false’ branch (when ‘pkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:735:19: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:736:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:737:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:738:38: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:741:35: call_function: calling ‘read_sigfile’ from ‘alpm_pkg_load’
pacman-v7.0.0/lib/libalpm/be_package.c:741:35: return_function: returning to ‘alpm_pkg_load’ from ‘read_sigfile’
pacman-v7.0.0/lib/libalpm/be_package.c:743:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:750:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:750:27: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:752:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:752:47: branch_true: following ‘true’ branch (when ‘k’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:753:47: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:754:43: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:755:60: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:755:60: call_function: calling ‘_alpm_pkg_load_internal’ from ‘alpm_pkg_load’
#  569|   	}
#  570|   
#  571|-> 	fd = _alpm_open_archive(handle, pkgfile, &st, &archive, ALPM_ERR_PKG_OPEN);
#  572|   	if(fd < 0) {
#  573|   		if(errno == ENOENT) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def407]
pacman-v7.0.0/lib/libalpm/be_package.c:583:18: warning[-Wanalyzer-malloc-leak]: leak of ‘sig’
pacman-v7.0.0/lib/libalpm/be_package.c:725:15: enter_function: entry to ‘alpm_pkg_load’
pacman-v7.0.0/lib/libalpm/be_package.c:732:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:732:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:733:9: branch_false: following ‘false’ branch (when ‘pkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:735:19: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:736:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:737:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:738:38: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:741:35: call_function: calling ‘read_sigfile’ from ‘alpm_pkg_load’
pacman-v7.0.0/lib/libalpm/be_package.c:741:35: return_function: returning to ‘alpm_pkg_load’ from ‘read_sigfile’
pacman-v7.0.0/lib/libalpm/be_package.c:743:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:750:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:750:27: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:752:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:752:47: branch_true: following ‘true’ branch (when ‘k’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:753:47: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:754:43: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:755:60: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:755:60: call_function: calling ‘_alpm_pkg_load_internal’ from ‘alpm_pkg_load’
#  581|   	}
#  582|   
#  583|-> 	newpkg = _alpm_pkg_new();
#  584|   	if(newpkg == NULL) {
#  585|   		GOTO_ERR(handle, ALPM_ERR_MEMORY, error);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def408]
pacman-v7.0.0/lib/libalpm/be_package.c:585:17: warning[-Wanalyzer-malloc-leak]: leak of ‘sig’
pacman-v7.0.0/lib/libalpm/be_package.c:725:15: enter_function: entry to ‘alpm_pkg_load’
pacman-v7.0.0/lib/libalpm/be_package.c:732:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:732:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:733:9: branch_false: following ‘false’ branch (when ‘pkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:735:19: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:736:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:737:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:738:38: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:741:35: call_function: calling ‘read_sigfile’ from ‘alpm_pkg_load’
pacman-v7.0.0/lib/libalpm/be_package.c:741:35: return_function: returning to ‘alpm_pkg_load’ from ‘read_sigfile’
pacman-v7.0.0/lib/libalpm/be_package.c:743:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:750:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:750:27: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:752:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:752:47: branch_true: following ‘true’ branch (when ‘k’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:753:47: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:754:43: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:755:60: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:755:60: call_function: calling ‘_alpm_pkg_load_internal’ from ‘alpm_pkg_load’
#  583|   	newpkg = _alpm_pkg_new();
#  584|   	if(newpkg == NULL) {
#  585|-> 		GOTO_ERR(handle, ALPM_ERR_MEMORY, error);
#  586|   	}
#  587|   	STRDUP(newpkg->filename, pkgfile, GOTO_ERR(handle, ALPM_ERR_MEMORY, error));

Error: GCC_ANALYZER_WARNING (CWE-775): [#def409]
pacman-v7.0.0/lib/libalpm/be_package.c:713:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(sigpath, "rb")’
pacman-v7.0.0/lib/libalpm/be_package.c:704:18: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/be_package.c:704:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:708:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:708:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:713:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:713:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:713:9: danger: ‘fopen(sigpath, "rb")’ leaks here; was opened at [(1)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/0)
#  711|   	}
#  712|   
#  713|-> 	MALLOC(*sig, st.st_size, fclose(fp); return -1);
#  714|   
#  715|   	if(fread(*sig, st.st_size, 1, fp) != 1) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def410]
pacman-v7.0.0/lib/libalpm/be_package.c:713:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(sigpath, "rb")’
pacman-v7.0.0/lib/libalpm/be_package.c:704:18: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/be_package.c:704:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:708:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:708:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:713:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:713:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:713:9: danger: ‘fopen(sigpath, "rb")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/0)
#  711|   	}
#  712|   
#  713|-> 	MALLOC(*sig, st.st_size, fclose(fp); return -1);
#  714|   
#  715|   	if(fread(*sig, st.st_size, 1, fp) != 1) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def411]
pacman-v7.0.0/lib/libalpm/be_package.c:744:33: warning[-Wanalyzer-malloc-leak]: leak of ‘sig’
pacman-v7.0.0/lib/libalpm/be_package.c:725:15: enter_function: entry to ‘alpm_pkg_load’
pacman-v7.0.0/lib/libalpm/be_package.c:732:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:732:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:733:9: branch_false: following ‘false’ branch (when ‘pkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:735:19: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:736:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:737:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:738:38: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:741:35: call_function: calling ‘read_sigfile’ from ‘alpm_pkg_load’
pacman-v7.0.0/lib/libalpm/be_package.c:741:35: return_function: returning to ‘alpm_pkg_load’ from ‘read_sigfile’
pacman-v7.0.0/lib/libalpm/be_package.c:743:27: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:745:41: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:744:33: danger: ‘sig’ leaks here; was allocated at [(16)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/15)
#  742|   
#  743|   			if(len == -1) {
#  744|-> 				_alpm_log(handle, ALPM_LOG_ERROR,
#  745|   					_("failed to read signature file: %s\n"), sigpath);
#  746|   				free(sigpath);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def412]
pacman-v7.0.0/lib/libalpm/be_package.c:747:40: warning[-Wanalyzer-malloc-leak]: leak of ‘sig’
pacman-v7.0.0/lib/libalpm/be_package.c:725:15: enter_function: entry to ‘alpm_pkg_load’
pacman-v7.0.0/lib/libalpm/be_package.c:732:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:732:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:733:9: branch_false: following ‘false’ branch (when ‘pkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:735:19: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:736:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:737:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:738:38: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:741:35: call_function: calling ‘read_sigfile’ from ‘alpm_pkg_load’
pacman-v7.0.0/lib/libalpm/be_package.c:741:35: return_function: returning to ‘alpm_pkg_load’ from ‘read_sigfile’
pacman-v7.0.0/lib/libalpm/be_package.c:743:27: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:745:41: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:747:40: danger: ‘sig’ leaks here; was allocated at [(16)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/15)
#  745|   					_("failed to read signature file: %s\n"), sigpath);
#  746|   				free(sigpath);
#  747|-> 				return -1;
#  748|   			}
#  749|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def413]
pacman-v7.0.0/lib/libalpm/be_package.c:750:28: warning[-Wanalyzer-malloc-leak]: leak of ‘sig’
pacman-v7.0.0/lib/libalpm/be_package.c:725:15: enter_function: entry to ‘alpm_pkg_load’
pacman-v7.0.0/lib/libalpm/be_package.c:732:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:732:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:733:9: branch_false: following ‘false’ branch (when ‘pkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:735:19: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:736:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:737:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:738:38: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:741:35: call_function: calling ‘read_sigfile’ from ‘alpm_pkg_load’
pacman-v7.0.0/lib/libalpm/be_package.c:741:35: return_function: returning to ‘alpm_pkg_load’ from ‘read_sigfile’
pacman-v7.0.0/lib/libalpm/be_package.c:743:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:750:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:750:28: danger: ‘sig’ leaks here; was allocated at [(16)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/15)
#  748|   			}
#  749|   
#  750|-> 			if(alpm_extract_keyid(handle, filename, sig, len, &keys) == 0) {
#  751|   				alpm_list_t *k;
#  752|   				for(k = keys; k; k = k->next) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def414]
pacman-v7.0.0/lib/libalpm/be_package.c:754:44: warning[-Wanalyzer-malloc-leak]: leak of ‘sig’
pacman-v7.0.0/lib/libalpm/be_package.c:725:15: enter_function: entry to ‘alpm_pkg_load’
pacman-v7.0.0/lib/libalpm/be_package.c:732:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:732:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:733:9: branch_false: following ‘false’ branch (when ‘pkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:735:19: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:736:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:737:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:738:38: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:741:35: call_function: calling ‘read_sigfile’ from ‘alpm_pkg_load’
pacman-v7.0.0/lib/libalpm/be_package.c:741:35: return_function: returning to ‘alpm_pkg_load’ from ‘read_sigfile’
pacman-v7.0.0/lib/libalpm/be_package.c:743:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:750:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:750:27: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:752:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:752:47: branch_true: following ‘true’ branch (when ‘k’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:753:47: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:754:44: danger: ‘sig’ leaks here; was allocated at [(16)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/15)
#  752|   				for(k = keys; k; k = k->next) {
#  753|   					char *key = k->data;
#  754|-> 					if(_alpm_key_in_keychain(handle, key) == 0) {
#  755|   						pkg_temp = _alpm_pkg_load_internal(handle, filename, full);
#  756|   						if(_alpm_key_import(handle, NULL, key) == -1) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def415]
pacman-v7.0.0/lib/libalpm/be_package.c:756:52: warning[-Wanalyzer-malloc-leak]: leak of ‘sig’
pacman-v7.0.0/lib/libalpm/be_package.c:725:15: enter_function: entry to ‘alpm_pkg_load’
pacman-v7.0.0/lib/libalpm/be_package.c:732:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:732:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:733:9: branch_false: following ‘false’ branch (when ‘pkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:735:19: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:736:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:737:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:738:38: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:741:35: call_function: calling ‘read_sigfile’ from ‘alpm_pkg_load’
pacman-v7.0.0/lib/libalpm/be_package.c:741:35: return_function: returning to ‘alpm_pkg_load’ from ‘read_sigfile’
pacman-v7.0.0/lib/libalpm/be_package.c:743:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:750:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:750:27: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:752:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:752:47: branch_true: following ‘true’ branch (when ‘k’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:753:47: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:754:43: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:755:60: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:756:52: danger: ‘sig’ leaks here; was allocated at [(16)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/15)
#  754|   					if(_alpm_key_in_keychain(handle, key) == 0) {
#  755|   						pkg_temp = _alpm_pkg_load_internal(handle, filename, full);
#  756|-> 						if(_alpm_key_import(handle, NULL, key) == -1) {
#  757|   							fail = 1;
#  758|   						}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def416]
pacman-v7.0.0/lib/libalpm/be_package.c:762:33: warning[-Wanalyzer-malloc-leak]: leak of ‘sig’
pacman-v7.0.0/lib/libalpm/be_package.c:725:15: enter_function: entry to ‘alpm_pkg_load’
pacman-v7.0.0/lib/libalpm/be_package.c:732:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:732:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:733:9: branch_false: following ‘false’ branch (when ‘pkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:735:19: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:736:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:737:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:738:38: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:741:35: call_function: calling ‘read_sigfile’ from ‘alpm_pkg_load’
pacman-v7.0.0/lib/libalpm/be_package.c:741:35: return_function: returning to ‘alpm_pkg_load’ from ‘read_sigfile’
pacman-v7.0.0/lib/libalpm/be_package.c:743:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:750:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:750:27: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/be_package.c:752:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:752:47: branch_false: following ‘false’ branch (when ‘k’ is NULL)...
pacman-v7.0.0/lib/libalpm/be_package.c:762:33: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/be_package.c:762:33: danger: ‘sig’ leaks here; was allocated at [(16)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/15)
#  760|   					}
#  761|   				}
#  762|-> 				FREELIST(keys);
#  763|   			}
#  764|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def417]
pacman-v7.0.0/lib/libalpm/conflict.c:53:9: warning[-Wanalyzer-malloc-leak]: leak of ‘conflict’
pacman-v7.0.0/lib/libalpm/conflict.c:160:13: enter_function: entry to ‘check_conflict’
pacman-v7.0.0/lib/libalpm/conflict.c:169:24: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:170:29: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:173:55: branch_true: following ‘true’ branch (when ‘j’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:174:40: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:177:40: branch_true: following ‘true’ branch (when ‘k’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:178:45: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:186:35: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/conflict.c:187:43: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:187:43: branch_true: following ‘true’ branch (when ‘order >= 0’)...
pacman-v7.0.0/lib/libalpm/conflict.c:188:49: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:188:49: call_function: calling ‘add_conflict’ from ‘check_conflict’
#   51|   	CALLOC(conflict, 1, sizeof(alpm_conflict_t), return NULL);
#   52|   
#   53|-> 	ASSERT(_alpm_pkg_dup(pkg1, &conflict->package1) == 0, goto error);
#   54|   	ASSERT(_alpm_pkg_dup(pkg2, &conflict->package2) == 0, goto error);
#   55|   	conflict->reason = reason;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def418]
pacman-v7.0.0/lib/libalpm/conflict.c:265:9: warning[-Wanalyzer-malloc-leak]: leak of ‘conflict’
pacman-v7.0.0/lib/libalpm/conflict.c:404:14: enter_function: entry to ‘_alpm_db_find_fileconflicts’
pacman-v7.0.0/lib/libalpm/conflict.c:412:11: branch_false: following ‘false’ branch (when ‘upgrade’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:416:26: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:422:39: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:423:29: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:435:34: branch_true: following ‘true’ branch (when ‘j’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:437:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:444:27: branch_true: following ‘true’ branch...
 branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:447:55: branch_true: following ‘true’ branch (when ‘k’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:448:47: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:464:53: call_function: calling ‘add_fileconflict’ from ‘_alpm_db_find_fileconflicts’
#  263|   	CALLOC(conflict, 1, sizeof(alpm_fileconflict_t), goto error);
#  264|   
#  265|-> 	STRDUP(conflict->target, pkg1->name, goto error);
#  266|   	STRDUP(conflict->file, filestr, goto error);
#  267|   	if(!pkg2) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def419]
pacman-v7.0.0/lib/libalpm/conflict.c:266:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/conflict.c:404:14: enter_function: entry to ‘_alpm_db_find_fileconflicts’
pacman-v7.0.0/lib/libalpm/conflict.c:412:11: branch_false: following ‘false’ branch (when ‘upgrade’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:416:26: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:422:39: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:423:29: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:435:34: branch_true: following ‘true’ branch (when ‘j’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:437:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:444:27: branch_true: following ‘true’ branch...
 branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:447:55: branch_true: following ‘true’ branch (when ‘k’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:448:47: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:464:53: call_function: calling ‘add_fileconflict’ from ‘_alpm_db_find_fileconflicts’
#  264|   
#  265|   	STRDUP(conflict->target, pkg1->name, goto error);
#  266|-> 	STRDUP(conflict->file, filestr, goto error);
#  267|   	if(!pkg2) {
#  268|   		conflict->type = ALPM_FILECONFLICT_FILESYSTEM;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def420]
pacman-v7.0.0/lib/libalpm/conflict.c:266:9: warning[-Wanalyzer-malloc-leak]: leak of ‘conflict’
pacman-v7.0.0/lib/libalpm/conflict.c:404:14: enter_function: entry to ‘_alpm_db_find_fileconflicts’
pacman-v7.0.0/lib/libalpm/conflict.c:412:11: branch_false: following ‘false’ branch (when ‘upgrade’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:416:26: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:422:39: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:423:29: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:435:34: branch_true: following ‘true’ branch (when ‘j’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:437:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:444:27: branch_true: following ‘true’ branch...
 branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:447:55: branch_true: following ‘true’ branch (when ‘k’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:448:47: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:464:53: call_function: calling ‘add_fileconflict’ from ‘_alpm_db_find_fileconflicts’
#  264|   
#  265|   	STRDUP(conflict->target, pkg1->name, goto error);
#  266|-> 	STRDUP(conflict->file, filestr, goto error);
#  267|   	if(!pkg2) {
#  268|   		conflict->type = ALPM_FILECONFLICT_FILESYSTEM;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def421]
pacman-v7.0.0/lib/libalpm/conflict.c:269:17: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/conflict.c:404:14: enter_function: entry to ‘_alpm_db_find_fileconflicts’
pacman-v7.0.0/lib/libalpm/conflict.c:412:11: branch_false: following ‘false’ branch (when ‘upgrade’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:416:26: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:422:39: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:423:29: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:435:34: branch_true: following ‘true’ branch (when ‘j’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:437:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:444:27: branch_true: following ‘true’ branch...
 branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:447:55: branch_true: following ‘true’ branch (when ‘k’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:448:47: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:464:53: call_function: calling ‘add_fileconflict’ from ‘_alpm_db_find_fileconflicts’
#  267|   	if(!pkg2) {
#  268|   		conflict->type = ALPM_FILECONFLICT_FILESYSTEM;
#  269|-> 		STRDUP(conflict->ctarget, "", goto error);
#  270|   	} else if(pkg2->origin == ALPM_PKG_FROM_LOCALDB) {
#  271|   		conflict->type = ALPM_FILECONFLICT_FILESYSTEM;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def422]
pacman-v7.0.0/lib/libalpm/conflict.c:269:17: warning[-Wanalyzer-malloc-leak]: leak of ‘conflict’
pacman-v7.0.0/lib/libalpm/conflict.c:404:14: enter_function: entry to ‘_alpm_db_find_fileconflicts’
pacman-v7.0.0/lib/libalpm/conflict.c:412:11: branch_false: following ‘false’ branch (when ‘upgrade’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:416:26: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:422:39: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:423:29: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:435:34: branch_true: following ‘true’ branch (when ‘j’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:437:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:444:27: branch_true: following ‘true’ branch...
 branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:447:55: branch_true: following ‘true’ branch (when ‘k’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:448:47: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:464:53: call_function: calling ‘add_fileconflict’ from ‘_alpm_db_find_fileconflicts’
#  267|   	if(!pkg2) {
#  268|   		conflict->type = ALPM_FILECONFLICT_FILESYSTEM;
#  269|-> 		STRDUP(conflict->ctarget, "", goto error);
#  270|   	} else if(pkg2->origin == ALPM_PKG_FROM_LOCALDB) {
#  271|   		conflict->type = ALPM_FILECONFLICT_FILESYSTEM;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def423]
pacman-v7.0.0/lib/libalpm/conflict.c:272:17: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/conflict.c:404:14: enter_function: entry to ‘_alpm_db_find_fileconflicts’
pacman-v7.0.0/lib/libalpm/conflict.c:412:11: branch_false: following ‘false’ branch (when ‘upgrade’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:416:26: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:422:39: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:423:29: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:435:34: branch_true: following ‘true’ branch (when ‘j’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:437:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:444:27: branch_true: following ‘true’ branch...
 branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:447:55: branch_true: following ‘true’ branch (when ‘k’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:448:47: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:464:53: call_function: calling ‘add_fileconflict’ from ‘_alpm_db_find_fileconflicts’
#  270|   	} else if(pkg2->origin == ALPM_PKG_FROM_LOCALDB) {
#  271|   		conflict->type = ALPM_FILECONFLICT_FILESYSTEM;
#  272|-> 		STRDUP(conflict->ctarget, pkg2->name, goto error);
#  273|   	} else {
#  274|   		conflict->type = ALPM_FILECONFLICT_TARGET;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def424]
pacman-v7.0.0/lib/libalpm/conflict.c:272:17: warning[-Wanalyzer-malloc-leak]: leak of ‘conflict’
pacman-v7.0.0/lib/libalpm/conflict.c:404:14: enter_function: entry to ‘_alpm_db_find_fileconflicts’
pacman-v7.0.0/lib/libalpm/conflict.c:412:11: branch_false: following ‘false’ branch (when ‘upgrade’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:416:26: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:422:39: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:423:29: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:435:34: branch_true: following ‘true’ branch (when ‘j’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:437:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:444:27: branch_true: following ‘true’ branch...
 branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:447:55: branch_true: following ‘true’ branch (when ‘k’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:448:47: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:464:53: call_function: calling ‘add_fileconflict’ from ‘_alpm_db_find_fileconflicts’
#  270|   	} else if(pkg2->origin == ALPM_PKG_FROM_LOCALDB) {
#  271|   		conflict->type = ALPM_FILECONFLICT_FILESYSTEM;
#  272|-> 		STRDUP(conflict->ctarget, pkg2->name, goto error);
#  273|   	} else {
#  274|   		conflict->type = ALPM_FILECONFLICT_TARGET;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def425]
pacman-v7.0.0/lib/libalpm/conflict.c:275:17: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/conflict.c:404:14: enter_function: entry to ‘_alpm_db_find_fileconflicts’
pacman-v7.0.0/lib/libalpm/conflict.c:412:11: branch_false: following ‘false’ branch (when ‘upgrade’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:416:26: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:422:39: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:423:29: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:435:34: branch_true: following ‘true’ branch (when ‘j’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:437:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:444:27: branch_true: following ‘true’ branch...
 branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:447:55: branch_true: following ‘true’ branch (when ‘k’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:448:47: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:464:53: call_function: calling ‘add_fileconflict’ from ‘_alpm_db_find_fileconflicts’
#  273|   	} else {
#  274|   		conflict->type = ALPM_FILECONFLICT_TARGET;
#  275|-> 		STRDUP(conflict->ctarget, pkg2->name, goto error);
#  276|   	}
#  277|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def426]
pacman-v7.0.0/lib/libalpm/conflict.c:275:17: warning[-Wanalyzer-malloc-leak]: leak of ‘conflict’
pacman-v7.0.0/lib/libalpm/conflict.c:404:14: enter_function: entry to ‘_alpm_db_find_fileconflicts’
pacman-v7.0.0/lib/libalpm/conflict.c:412:11: branch_false: following ‘false’ branch (when ‘upgrade’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:416:26: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:422:39: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:423:29: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:435:34: branch_true: following ‘true’ branch (when ‘j’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:437:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:444:27: branch_true: following ‘true’ branch...
 branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:447:55: branch_true: following ‘true’ branch (when ‘k’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:448:47: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:464:53: call_function: calling ‘add_fileconflict’ from ‘_alpm_db_find_fileconflicts’
#  273|   	} else {
#  274|   		conflict->type = ALPM_FILECONFLICT_TARGET;
#  275|-> 		STRDUP(conflict->ctarget, pkg2->name, goto error);
#  276|   	}
#  277|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def427]
pacman-v7.0.0/lib/libalpm/conflict.c:278:21: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/conflict.c:404:14: enter_function: entry to ‘_alpm_db_find_fileconflicts’
pacman-v7.0.0/lib/libalpm/conflict.c:412:11: branch_false: following ‘false’ branch (when ‘upgrade’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:416:26: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:422:39: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:423:29: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:435:34: branch_true: following ‘true’ branch (when ‘j’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:437:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:444:27: branch_true: following ‘true’ branch...
 branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:447:55: branch_true: following ‘true’ branch (when ‘k’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:448:47: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:464:53: call_function: calling ‘add_fileconflict’ from ‘_alpm_db_find_fileconflicts’
#  276|   	}
#  277|   
#  278|-> 	conflicts = alpm_list_add(conflicts, conflict);
#  279|   	_alpm_log(handle, ALPM_LOG_DEBUG, "found file conflict %s, packages %s and %s\n",
#  280|   	          filestr, pkg1->name, pkg2 ? pkg2->name : "(filesystem)");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def428]
pacman-v7.0.0/lib/libalpm/conflict.c:278:21: warning[-Wanalyzer-malloc-leak]: leak of ‘conflict’
pacman-v7.0.0/lib/libalpm/conflict.c:404:14: enter_function: entry to ‘_alpm_db_find_fileconflicts’
pacman-v7.0.0/lib/libalpm/conflict.c:412:11: branch_false: following ‘false’ branch (when ‘upgrade’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:416:26: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:422:39: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:423:29: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:435:34: branch_true: following ‘true’ branch (when ‘j’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:437:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:444:27: branch_true: following ‘true’ branch...
 branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:447:55: branch_true: following ‘true’ branch (when ‘k’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:448:47: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:464:53: call_function: calling ‘add_fileconflict’ from ‘_alpm_db_find_fileconflicts’
#  276|   	}
#  277|   
#  278|-> 	conflicts = alpm_list_add(conflicts, conflict);
#  279|   	_alpm_log(handle, ALPM_LOG_DEBUG, "found file conflict %s, packages %s and %s\n",
#  280|   	          filestr, pkg1->name, pkg2 ? pkg2->name : "(filesystem)");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def429]
pacman-v7.0.0/lib/libalpm/conflict.c:321:22: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(&full_path)’
pacman-v7.0.0/lib/libalpm/conflict.c:316:15: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/conflict.c:317:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:321:22: danger: ‘opendir(&full_path)’ leaks here; was allocated at [(1)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/0)
#  319|   	}
#  320|   
#  321|-> 	while((ent = readdir(dir)) != NULL) {
#  322|   		const char *name = ent->d_name;
#  323|   		int owned = 0, is_dir = 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def430]
pacman-v7.0.0/lib/libalpm/conflict.c:591:41: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(relative_path)’
pacman-v7.0.0/lib/libalpm/conflict.c:412:11: branch_false: following ‘false’ branch (when ‘upgrade’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:416:26: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:422:39: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:423:29: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:500:35: branch_true: following ‘true’ branch (when ‘j’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/conflict.c:501:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:515:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/conflict.c:519:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:575:42: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/conflict.c:576:55: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:577:35: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/conflict.c:582:87: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/conflict.c:585:35: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/conflict.c:592:91: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/conflict.c:591:41: danger: ‘strdup(relative_path)’ leaks here; was allocated at [(15)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/14)
#  589|   					 * package from removing the file when it was already installed
#  590|   					 * by its new owner (whether the file is in backup array or not */
#  591|-> 					handle->trans->skip_remove =
#  592|   						alpm_list_add(handle->trans->skip_remove, strdup(relative_path));
#  593|   					_alpm_log(handle, ALPM_LOG_DEBUG,

Error: CPPCHECK_WARNING (CWE-476): [#def431]
pacman-v7.0.0/lib/libalpm/conflict.c:617: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: dir
#  615|   				size_t dir_len = strlen(relative_path) + 2;
#  616|   				char *dir = malloc(dir_len);
#  617|-> 				snprintf(dir, dir_len, "%s/", relative_path);
#  618|   
#  619|   				owners = alpm_db_find_file_owners(handle->db_local, dir);

Error: CPPCHECK_WARNING (CWE-476): [#def432]
pacman-v7.0.0/lib/libalpm/db.c:181: warning[nullPointer]: Possible null pointer dereference: newurl
#  179|   	STRDUP(newurl, url, return NULL);
#  180|   	/* strip the trailing slash if one exists */
#  181|-> 	if(newurl[len - 1] == '/') {
#  182|   		newurl[len - 1] = '\0';
#  183|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def433]
pacman-v7.0.0/lib/libalpm/db.c:199:29: warning[-Wanalyzer-malloc-leak]: leak of ‘sanitize_url(url)’
pacman-v7.0.0/lib/libalpm/db.c:187:15: enter_function: entry to ‘alpm_db_add_cache_server’
pacman-v7.0.0/lib/libalpm/db.c:192:9: branch_false: following ‘false’ branch (when ‘db’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/db.c:193:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/db.c:194:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/db.c:196:18: call_function: calling ‘sanitize_url’ from ‘alpm_db_add_cache_server’
pacman-v7.0.0/lib/libalpm/db.c:196:18: return_function: returning to ‘alpm_db_add_cache_server’ from ‘sanitize_url’
pacman-v7.0.0/lib/libalpm/db.c:197:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/db.c:199:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/db.c:199:29: danger: ‘sanitize_url(url)’ leaks here; was allocated at [(8)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/7)
#  197|   	ASSERT(newurl != NULL, RET_ERR(db->handle, ALPM_ERR_MEMORY, -1));
#  198|   
#  199|-> 	db->cache_servers = alpm_list_add(db->cache_servers, newurl);
#  200|   	_alpm_log(db->handle, ALPM_LOG_DEBUG, "adding new cache server URL to database '%s': %s\n",
#  201|   			db->treename, newurl);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def434]
pacman-v7.0.0/lib/libalpm/db.c:218:23: warning[-Wanalyzer-malloc-leak]: leak of ‘sanitize_url(url)’
pacman-v7.0.0/lib/libalpm/db.c:206:15: enter_function: entry to ‘alpm_db_add_server’
pacman-v7.0.0/lib/libalpm/db.c:211:9: branch_false: following ‘false’ branch (when ‘db’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/db.c:212:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/db.c:213:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/db.c:215:18: call_function: calling ‘sanitize_url’ from ‘alpm_db_add_server’
pacman-v7.0.0/lib/libalpm/db.c:215:18: return_function: returning to ‘alpm_db_add_server’ from ‘sanitize_url’
pacman-v7.0.0/lib/libalpm/db.c:216:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/db.c:218:23: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/db.c:218:23: danger: ‘sanitize_url(url)’ leaks here; was allocated at [(8)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/7)
#  216|   	ASSERT(newurl != NULL, RET_ERR(db->handle, ALPM_ERR_MEMORY, -1));
#  217|   
#  218|-> 	db->servers = alpm_list_add(db->servers, newurl);
#  219|   	_alpm_log(db->handle, ALPM_LOG_DEBUG, "adding new server URL to database '%s': %s\n",
#  220|   			db->treename, newurl);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def435]
pacman-v7.0.0/lib/libalpm/db.c:238:29: warning[-Wanalyzer-malloc-leak]: leak of ‘sanitize_url(url)’
pacman-v7.0.0/lib/libalpm/db.c:225:15: enter_function: entry to ‘alpm_db_remove_cache_server’
pacman-v7.0.0/lib/libalpm/db.c:231:9: branch_false: following ‘false’ branch (when ‘db’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/db.c:232:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/db.c:233:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/db.c:235:18: call_function: calling ‘sanitize_url’ from ‘alpm_db_remove_cache_server’
pacman-v7.0.0/lib/libalpm/db.c:235:18: return_function: returning to ‘alpm_db_remove_cache_server’ from ‘sanitize_url’
pacman-v7.0.0/lib/libalpm/db.c:236:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/db.c:238:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/db.c:238:29: danger: ‘sanitize_url(url)’ leaks here; was allocated at [(8)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/7)
#  236|   	ASSERT(newurl != NULL, RET_ERR(db->handle, ALPM_ERR_MEMORY, -1));
#  237|   
#  238|-> 	db->cache_servers = alpm_list_remove_str(db->cache_servers, newurl, &vdata);
#  239|   
#  240|   	if(vdata) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def436]
pacman-v7.0.0/lib/libalpm/db.c:241:17: warning[-Wanalyzer-malloc-leak]: leak of ‘sanitize_url(url)’
pacman-v7.0.0/lib/libalpm/db.c:225:15: enter_function: entry to ‘alpm_db_remove_cache_server’
pacman-v7.0.0/lib/libalpm/db.c:231:9: branch_false: following ‘false’ branch (when ‘db’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/db.c:232:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/db.c:233:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/db.c:235:18: call_function: calling ‘sanitize_url’ from ‘alpm_db_remove_cache_server’
pacman-v7.0.0/lib/libalpm/db.c:235:18: return_function: returning to ‘alpm_db_remove_cache_server’ from ‘sanitize_url’
pacman-v7.0.0/lib/libalpm/db.c:236:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/db.c:238:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/db.c:240:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/db.c:241:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/db.c:241:17: danger: ‘sanitize_url(url)’ leaks here; was allocated at [(8)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/7)
#  239|   
#  240|   	if(vdata) {
#  241|-> 		_alpm_log(db->handle, ALPM_LOG_DEBUG, "removed cache server URL from database '%s': %s\n",
#  242|   				db->treename, newurl);
#  243|   		free(vdata);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def437]
pacman-v7.0.0/lib/libalpm/db.c:264:23: warning[-Wanalyzer-malloc-leak]: leak of ‘sanitize_url(url)’
pacman-v7.0.0/lib/libalpm/db.c:251:15: enter_function: entry to ‘alpm_db_remove_server’
pacman-v7.0.0/lib/libalpm/db.c:257:9: branch_false: following ‘false’ branch (when ‘db’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/db.c:258:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/db.c:259:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/db.c:261:18: call_function: calling ‘sanitize_url’ from ‘alpm_db_remove_server’
pacman-v7.0.0/lib/libalpm/db.c:261:18: return_function: returning to ‘alpm_db_remove_server’ from ‘sanitize_url’
pacman-v7.0.0/lib/libalpm/db.c:262:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/db.c:264:23: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/db.c:264:23: danger: ‘sanitize_url(url)’ leaks here; was allocated at [(8)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/7)
#  262|   	ASSERT(newurl != NULL, RET_ERR(db->handle, ALPM_ERR_MEMORY, -1));
#  263|   
#  264|-> 	db->servers = alpm_list_remove_str(db->servers, newurl, &vdata);
#  265|   
#  266|   	if(vdata) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def438]
pacman-v7.0.0/lib/libalpm/db.c:267:17: warning[-Wanalyzer-malloc-leak]: leak of ‘sanitize_url(url)’
pacman-v7.0.0/lib/libalpm/db.c:251:15: enter_function: entry to ‘alpm_db_remove_server’
pacman-v7.0.0/lib/libalpm/db.c:257:9: branch_false: following ‘false’ branch (when ‘db’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/db.c:258:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/db.c:259:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/db.c:261:18: call_function: calling ‘sanitize_url’ from ‘alpm_db_remove_server’
pacman-v7.0.0/lib/libalpm/db.c:261:18: return_function: returning to ‘alpm_db_remove_server’ from ‘sanitize_url’
pacman-v7.0.0/lib/libalpm/db.c:262:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/db.c:264:23: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/db.c:266:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/db.c:267:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/db.c:267:17: danger: ‘sanitize_url(url)’ leaks here; was allocated at [(8)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/7)
#  265|   
#  266|   	if(vdata) {
#  267|-> 		_alpm_log(db->handle, ALPM_LOG_DEBUG, "removed server URL from database '%s': %s\n",
#  268|   				db->treename, newurl);
#  269|   		free(vdata);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def439]
pacman-v7.0.0/lib/libalpm/db.c:376:9: warning[-Wanalyzer-malloc-leak]: leak of ‘db’
pacman-v7.0.0/lib/libalpm/db.c:375:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/db.c:375:9: branch_false: following ‘false’ branch (when ‘db’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/db.c:376:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/db.c:376:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/db.c:376:9: danger: ‘db’ leaks here; was allocated at [(1)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/0)
#  374|   
#  375|   	CALLOC(db, 1, sizeof(alpm_db_t), return NULL);
#  376|-> 	STRDUP(db->treename, treename, FREE(db); return NULL);
#  377|   	if(is_local) {
#  378|   		db->status |= DB_STATUS_LOCAL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def440]
pacman-v7.0.0/lib/libalpm/diskspace.c:119:17: warning[-Wanalyzer-malloc-leak]: leak of ‘mp’
pacman-v7.0.0/lib/libalpm/diskspace.c:107:11: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/diskspace.c:113:15: branch_true: following ‘true’ branch (when ‘mnt’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/diskspace.c:114:20: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/diskspace.c:118:17: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/diskspace.c:118:17: branch_false: following ‘false’ branch (when ‘mp’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/diskspace.c:119:17: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/diskspace.c:119:17: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/diskspace.c:119:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/diskspace.c:119:17: danger: ‘mp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  117|   
#  118|   		CALLOC(mp, 1, sizeof(alpm_mountpoint_t), RET_ERR(handle, ALPM_ERR_MEMORY, NULL));
#  119|-> 		STRDUP(mp->mount_dir, mnt->mnt_dir, free(mp); RET_ERR(handle, ALPM_ERR_MEMORY, NULL));
#  120|   		mp->mount_dir_len = strlen(mp->mount_dir);
#  121|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def441]
pacman-v7.0.0/lib/libalpm/diskspace.c:122:32: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/diskspace.c:107:11: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/diskspace.c:113:15: branch_true: following ‘true’ branch (when ‘mnt’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/diskspace.c:114:20: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/diskspace.c:118:17: branch_false: following ‘false’ branch (when ‘mp’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/diskspace.c:119:17: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/diskspace.c:119:17: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/diskspace.c:119:17: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/diskspace.c:120:44: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/diskspace.c:122:32: danger: ‘<unknown>’ leaks here; was allocated at [(7)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/6)
#  120|   		mp->mount_dir_len = strlen(mp->mount_dir);
#  121|   
#  122|-> 		mount_points = alpm_list_add(mount_points, mp);
#  123|   	}
#  124|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def442]
pacman-v7.0.0/lib/libalpm/diskspace.c:122:32: warning[-Wanalyzer-malloc-leak]: leak of ‘mp’
pacman-v7.0.0/lib/libalpm/diskspace.c:107:11: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/diskspace.c:113:15: branch_true: following ‘true’ branch (when ‘mnt’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/diskspace.c:114:20: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/diskspace.c:118:17: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/diskspace.c:118:17: branch_false: following ‘false’ branch (when ‘mp’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/diskspace.c:119:17: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/diskspace.c:119:17: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/diskspace.c:120:44: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/diskspace.c:122:32: danger: ‘mp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/4)
#  120|   		mp->mount_dir_len = strlen(mp->mount_dir);
#  121|   
#  122|-> 		mount_points = alpm_list_add(mount_points, mp);
#  123|   	}
#  124|   

Error: CPPCHECK_WARNING (CWE-476): [#def443]
pacman-v7.0.0/lib/libalpm/dload.c:59: error[ctunullpointer]: Null pointer dereference: url
#   57|   static const char *get_filename(const char *url)
#   58|   {
#   59|-> 	char *filename = strrchr(url, '/');
#   60|   	if(filename != NULL) {
#   61|   		return filename + 1;

Error: CPPCHECK_WARNING (CWE-476): [#def444]
pacman-v7.0.0/lib/libalpm/dload.c:59: warning[nullPointer]: Possible null pointer dereference: url
#   57|   static const char *get_filename(const char *url)
#   58|   {
#   59|-> 	char *filename = strrchr(url, '/');
#   60|   	if(filename != NULL) {
#   61|   		return filename + 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def445]
pacman-v7.0.0/lib/libalpm/dload.c:99:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/dload.c:1289:15: enter_function: entry to ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1299:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1302:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1304:9: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1306:23: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1307:23: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1311:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: following ‘false’ branch (when ‘url’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: following ‘false’ branch (when ‘payload’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: call_function: calling ‘get_filename’ from ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: return_function: returning to ‘alpm_fetch_pkgurl’ from ‘get_filename’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1325:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1343:51: call_function: calling ‘create_tempfile’ from ‘alpm_fetch_pkgurl’
#   97|   	/* create a random filename, which is opened with O_EXCL */
#   98|   	len = strlen(localpath) + 14 + 1;
#   99|-> 	MALLOC(randpath, len, RET_ERR(payload->handle, ALPM_ERR_MEMORY, NULL));
#  100|   	snprintf(randpath, len, "%salpmtmp.XXXXXX", localpath);
#  101|   	if((fd = mkstemp(randpath)) == -1 ||

Error: GCC_ANALYZER_WARNING (CWE-401): [#def446]
pacman-v7.0.0/lib/libalpm/dload.c:99:9: warning[-Wanalyzer-malloc-leak]: leak of ‘payload’
pacman-v7.0.0/lib/libalpm/dload.c:1289:15: enter_function: entry to ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1299:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1302:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1304:9: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1306:23: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1307:23: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1311:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: following ‘false’ branch (when ‘url’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: following ‘false’ branch (when ‘payload’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: call_function: calling ‘get_filename’ from ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: return_function: returning to ‘alpm_fetch_pkgurl’ from ‘get_filename’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1325:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1343:51: call_function: calling ‘create_tempfile’ from ‘alpm_fetch_pkgurl’
#   97|   	/* create a random filename, which is opened with O_EXCL */
#   98|   	len = strlen(localpath) + 14 + 1;
#   99|-> 	MALLOC(randpath, len, RET_ERR(payload->handle, ALPM_ERR_MEMORY, NULL));
#  100|   	snprintf(randpath, len, "%salpmtmp.XXXXXX", localpath);
#  101|   	if((fd = mkstemp(randpath)) == -1 ||

Error: GCC_ANALYZER_WARNING (CWE-476): [#def447]
pacman-v7.0.0/lib/libalpm/dload.c:99:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
pacman-v7.0.0/lib/libalpm/dload.c:1289:15: enter_function: entry to ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1299:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1302:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1304:9: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1306:23: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1307:23: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1311:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: following ‘false’ branch (when ‘url’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: following ‘false’ branch (when ‘payload’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: call_function: calling ‘get_filename’ from ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: return_function: returning to ‘alpm_fetch_pkgurl’ from ‘get_filename’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1325:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1343:51: call_function: calling ‘create_tempfile’ from ‘alpm_fetch_pkgurl’
#   97|   	/* create a random filename, which is opened with O_EXCL */
#   98|   	len = strlen(localpath) + 14 + 1;
#   99|-> 	MALLOC(randpath, len, RET_ERR(payload->handle, ALPM_ERR_MEMORY, NULL));
#  100|   	snprintf(randpath, len, "%salpmtmp.XXXXXX", localpath);
#  101|   	if((fd = mkstemp(randpath)) == -1 ||

Error: GCC_ANALYZER_WARNING (CWE-401): [#def448]
pacman-v7.0.0/lib/libalpm/dload.c:101:18: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/dload.c:1289:15: enter_function: entry to ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1299:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1302:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1304:9: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1306:23: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1307:23: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1311:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: following ‘false’ branch (when ‘url’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: following ‘false’ branch (when ‘payload’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: call_function: calling ‘get_filename’ from ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: return_function: returning to ‘alpm_fetch_pkgurl’ from ‘get_filename’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1325:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1343:51: call_function: calling ‘create_tempfile’ from ‘alpm_fetch_pkgurl’
#   99|   	MALLOC(randpath, len, RET_ERR(payload->handle, ALPM_ERR_MEMORY, NULL));
#  100|   	snprintf(randpath, len, "%salpmtmp.XXXXXX", localpath);
#  101|-> 	if((fd = mkstemp(randpath)) == -1 ||
#  102|   			fchmod(fd, ~(_getumask()) & 0666) ||
#  103|   			!(fp = fdopen(fd, payload->tempfile_openmode))) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def449]
pacman-v7.0.0/lib/libalpm/dload.c:101:18: warning[-Wanalyzer-malloc-leak]: leak of ‘payload’
pacman-v7.0.0/lib/libalpm/dload.c:1289:15: enter_function: entry to ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1299:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1302:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1304:9: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1306:23: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1307:23: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1311:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: following ‘false’ branch (when ‘url’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: following ‘false’ branch (when ‘payload’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: call_function: calling ‘get_filename’ from ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: return_function: returning to ‘alpm_fetch_pkgurl’ from ‘get_filename’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1325:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1343:51: call_function: calling ‘create_tempfile’ from ‘alpm_fetch_pkgurl’
#   99|   	MALLOC(randpath, len, RET_ERR(payload->handle, ALPM_ERR_MEMORY, NULL));
#  100|   	snprintf(randpath, len, "%salpmtmp.XXXXXX", localpath);
#  101|-> 	if((fd = mkstemp(randpath)) == -1 ||
#  102|   			fchmod(fd, ~(_getumask()) & 0666) ||
#  103|   			!(fp = fdopen(fd, payload->tempfile_openmode))) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def450]
pacman-v7.0.0/lib/libalpm/dload.c:105:17: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/dload.c:1289:15: enter_function: entry to ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1299:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1302:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1304:9: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1306:23: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1307:23: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1311:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: following ‘false’ branch (when ‘url’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: following ‘false’ branch (when ‘payload’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: call_function: calling ‘get_filename’ from ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: return_function: returning to ‘alpm_fetch_pkgurl’ from ‘get_filename’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1325:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1343:51: call_function: calling ‘create_tempfile’ from ‘alpm_fetch_pkgurl’
#  103|   			!(fp = fdopen(fd, payload->tempfile_openmode))) {
#  104|   		unlink(randpath);
#  105|-> 		close(fd);
#  106|   		_alpm_log(payload->handle, ALPM_LOG_ERROR,
#  107|   				_("failed to create temporary file for download\n"));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def451]
pacman-v7.0.0/lib/libalpm/dload.c:105:17: warning[-Wanalyzer-malloc-leak]: leak of ‘payload’
pacman-v7.0.0/lib/libalpm/dload.c:1289:15: enter_function: entry to ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1299:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1302:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1304:9: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1306:23: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1307:23: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1311:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: following ‘false’ branch (when ‘url’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: following ‘false’ branch (when ‘payload’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: call_function: calling ‘get_filename’ from ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: return_function: returning to ‘alpm_fetch_pkgurl’ from ‘get_filename’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1325:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1343:51: call_function: calling ‘create_tempfile’ from ‘alpm_fetch_pkgurl’
#  103|   			!(fp = fdopen(fd, payload->tempfile_openmode))) {
#  104|   		unlink(randpath);
#  105|-> 		close(fd);
#  106|   		_alpm_log(payload->handle, ALPM_LOG_ERROR,
#  107|   				_("failed to create temporary file for download\n"));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def452]
pacman-v7.0.0/lib/libalpm/dload.c:106:17: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/dload.c:1289:15: enter_function: entry to ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1299:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1302:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1304:9: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1306:23: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1307:23: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1311:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: following ‘false’ branch (when ‘url’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: following ‘false’ branch (when ‘payload’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: call_function: calling ‘get_filename’ from ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: return_function: returning to ‘alpm_fetch_pkgurl’ from ‘get_filename’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1325:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1343:51: call_function: calling ‘create_tempfile’ from ‘alpm_fetch_pkgurl’
#  104|   		unlink(randpath);
#  105|   		close(fd);
#  106|-> 		_alpm_log(payload->handle, ALPM_LOG_ERROR,
#  107|   				_("failed to create temporary file for download\n"));
#  108|   		free(randpath);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def453]
pacman-v7.0.0/lib/libalpm/dload.c:106:17: warning[-Wanalyzer-malloc-leak]: leak of ‘payload’
pacman-v7.0.0/lib/libalpm/dload.c:1289:15: enter_function: entry to ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1299:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1302:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1304:9: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1306:23: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1307:23: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1311:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: following ‘false’ branch (when ‘url’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: following ‘false’ branch (when ‘payload’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: call_function: calling ‘get_filename’ from ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: return_function: returning to ‘alpm_fetch_pkgurl’ from ‘get_filename’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1325:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1343:51: call_function: calling ‘create_tempfile’ from ‘alpm_fetch_pkgurl’
#  104|   		unlink(randpath);
#  105|   		close(fd);
#  106|-> 		_alpm_log(payload->handle, ALPM_LOG_ERROR,
#  107|   				_("failed to create temporary file for download\n"));
#  108|   		free(randpath);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def454]
pacman-v7.0.0/lib/libalpm/dload.c:115:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/dload.c:1289:15: enter_function: entry to ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1299:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1302:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1304:9: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1306:23: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1307:23: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1311:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: following ‘false’ branch (when ‘url’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: following ‘false’ branch (when ‘payload’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1325:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1343:51: call_function: calling ‘create_tempfile’ from ‘alpm_fetch_pkgurl’
#  113|   	payload->tempfile_name = randpath;
#  114|   	free(payload->remote_name);
#  115|-> 	STRDUP(payload->remote_name, strrchr(randpath, '/') + 1,
#  116|   			fclose(fp); RET_ERR(payload->handle, ALPM_ERR_MEMORY, NULL));
#  117|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def455]
pacman-v7.0.0/lib/libalpm/dload.c:115:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
pacman-v7.0.0/lib/libalpm/dload.c:1289:15: enter_function: entry to ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1299:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1302:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1304:9: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1306:23: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1307:23: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1311:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: following ‘false’ branch (when ‘url’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: following ‘false’ branch (when ‘payload’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1325:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1343:51: call_function: calling ‘create_tempfile’ from ‘alpm_fetch_pkgurl’
#  113|   	payload->tempfile_name = randpath;
#  114|   	free(payload->remote_name);
#  115|-> 	STRDUP(payload->remote_name, strrchr(randpath, '/') + 1,
#  116|   			fclose(fp); RET_ERR(payload->handle, ALPM_ERR_MEMORY, NULL));
#  117|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def456]
pacman-v7.0.0/lib/libalpm/dload.c:115:9: warning[-Wanalyzer-malloc-leak]: leak of ‘payload’
pacman-v7.0.0/lib/libalpm/dload.c:1289:15: enter_function: entry to ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1299:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1302:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1304:9: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1306:23: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1307:23: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1311:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: following ‘false’ branch (when ‘url’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: following ‘false’ branch (when ‘payload’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1325:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1343:51: call_function: calling ‘create_tempfile’ from ‘alpm_fetch_pkgurl’
#  113|   	payload->tempfile_name = randpath;
#  114|   	free(payload->remote_name);
#  115|-> 	STRDUP(payload->remote_name, strrchr(randpath, '/') + 1,
#  116|   			fclose(fp); RET_ERR(payload->handle, ALPM_ERR_MEMORY, NULL));
#  117|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def457]
pacman-v7.0.0/lib/libalpm/dload.c:115:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’
pacman-v7.0.0/lib/libalpm/dload.c:1289:15: enter_function: entry to ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1299:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1302:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1304:9: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1306:23: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1307:23: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1311:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: following ‘false’ branch (when ‘url’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: following ‘false’ branch (when ‘payload’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1325:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1343:51: call_function: calling ‘create_tempfile’ from ‘alpm_fetch_pkgurl’
#  113|   	payload->tempfile_name = randpath;
#  114|   	free(payload->remote_name);
#  115|-> 	STRDUP(payload->remote_name, strrchr(randpath, '/') + 1,
#  116|   			fclose(fp); RET_ERR(payload->handle, ALPM_ERR_MEMORY, NULL));
#  117|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def458]
pacman-v7.0.0/lib/libalpm/dload.c:157:28: warning[-Wanalyzer-malloc-leak]: leak of ‘h’
pacman-v7.0.0/lib/libalpm/dload.c:916:12: enter_function: entry to ‘curl_download_internal_sandboxed’
pacman-v7.0.0/lib/libalpm/dload.c:929:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:933:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:945:11: branch_true: following ‘true’ branch (when ‘pid == 0’)...
pacman-v7.0.0/lib/libalpm/dload.c:946:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:961:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:966:64: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:967:28: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:972:31: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:972:31: call_function: calling ‘curl_download_internal’ from ‘curl_download_internal_sandboxed’
#  155|   	}
#  156|   	if((h = calloc(sizeof(struct server_error_count), 1))
#  157|-> 			&& alpm_list_append(&handle->server_errors, h)) {
#  158|   		strcpy(h->server, hostname);
#  159|   		h->errors = 0;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def459]
pacman-v7.0.0/lib/libalpm/dload.c:946:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘callbacks_fd[0]’
pacman-v7.0.0/lib/libalpm/dload.c:929:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:933:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:945:11: branch_true: following ‘true’ branch (when ‘pid == 0’)...
pacman-v7.0.0/lib/libalpm/dload.c:946:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:946:17: danger: ‘callbacks_fd[0]’ leaks here
#  944|   	/* child */
#  945|   	if(pid == 0) {
#  946|-> 		close(callbacks_fd[0]);
#  947|   		fcntl(callbacks_fd[1], F_SETFD, FD_CLOEXEC);
#  948|   		callbacks_ctx.callback_pipe = callbacks_fd[1];

Error: GCC_ANALYZER_WARNING (CWE-775): [#def460]
pacman-v7.0.0/lib/libalpm/dload.c:946:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘callbacks_fd[1]’
pacman-v7.0.0/lib/libalpm/dload.c:929:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:933:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:945:11: branch_true: following ‘true’ branch (when ‘pid == 0’)...
pacman-v7.0.0/lib/libalpm/dload.c:946:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:946:17: danger: ‘callbacks_fd[1]’ leaks here
#  944|   	/* child */
#  945|   	if(pid == 0) {
#  946|-> 		close(callbacks_fd[0]);
#  947|   		fcntl(callbacks_fd[1], F_SETFD, FD_CLOEXEC);
#  948|   		callbacks_ctx.callback_pipe = callbacks_fd[1];

Error: GCC_ANALYZER_WARNING (CWE-775): [#def461]
pacman-v7.0.0/lib/libalpm/dload.c:947:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘callbacks_fd[1]’
pacman-v7.0.0/lib/libalpm/dload.c:929:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:933:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:945:11: branch_true: following ‘true’ branch (when ‘pid == 0’)...
pacman-v7.0.0/lib/libalpm/dload.c:946:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:947:17: danger: ‘callbacks_fd[1]’ leaks here
#  945|   	if(pid == 0) {
#  946|   		close(callbacks_fd[0]);
#  947|-> 		fcntl(callbacks_fd[1], F_SETFD, FD_CLOEXEC);
#  948|   		callbacks_ctx.callback_pipe = callbacks_fd[1];
#  949|   		alpm_option_set_logcb(handle, _alpm_sandbox_cb_log, &callbacks_ctx);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def462]
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: warning[-Wanalyzer-malloc-leak]: leak of ‘payload’
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1299:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1302:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1304:9: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1306:23: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1307:23: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1311:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: following ‘false’ branch (when ‘url’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: following ‘false’ branch (when ‘payload’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: danger: ‘payload’ leaks here; was allocated at [(13)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/12)
# 1318|   			ASSERT(url, GOTO_ERR(handle, ALPM_ERR_WRONG_ARGS, err));
# 1319|   			CALLOC(payload, 1, sizeof(*payload), GOTO_ERR(handle, ALPM_ERR_MEMORY, err));
# 1320|-> 			STRDUP(payload->fileurl, url, FREE(payload); GOTO_ERR(handle, ALPM_ERR_MEMORY, err));
# 1321|   
# 1322|   			STRDUP(payload->remote_name, get_filename(payload->fileurl),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def463]
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/dload.c:1289:15: enter_function: entry to ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1299:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1302:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1304:9: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1306:23: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1307:23: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1311:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: following ‘false’ branch (when ‘url’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: following ‘false’ branch (when ‘payload’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: call_function: calling ‘get_filename’ from ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: return_function: returning to ‘alpm_fetch_pkgurl’ from ‘get_filename’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: danger: ‘<unknown>’ leaks here; was allocated at [(16)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/15)
# 1320|   			STRDUP(payload->fileurl, url, FREE(payload); GOTO_ERR(handle, ALPM_ERR_MEMORY, err));
# 1321|   
# 1322|-> 			STRDUP(payload->remote_name, get_filename(payload->fileurl),
# 1323|   				GOTO_ERR(handle, ALPM_ERR_MEMORY, err));
# 1324|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def464]
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: warning[-Wanalyzer-malloc-leak]: leak of ‘payload’
pacman-v7.0.0/lib/libalpm/dload.c:1289:15: enter_function: entry to ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1299:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1302:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1304:9: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1306:23: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1307:23: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1311:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: following ‘false’ branch (when ‘url’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: following ‘false’ branch (when ‘payload’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: call_function: calling ‘get_filename’ from ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: return_function: returning to ‘alpm_fetch_pkgurl’ from ‘get_filename’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: danger: ‘payload’ leaks here; was allocated at [(14)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/13)
# 1320|   			STRDUP(payload->fileurl, url, FREE(payload); GOTO_ERR(handle, ALPM_ERR_MEMORY, err));
# 1321|   
# 1322|-> 			STRDUP(payload->remote_name, get_filename(payload->fileurl),
# 1323|   				GOTO_ERR(handle, ALPM_ERR_MEMORY, err));
# 1324|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def465]
pacman-v7.0.0/lib/libalpm/dload.c:1328:58: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/dload.c:1289:15: enter_function: entry to ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1299:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1302:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1304:9: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1306:23: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1307:23: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1311:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: following ‘false’ branch (when ‘url’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: following ‘false’ branch (when ‘payload’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: call_function: calling ‘get_filename’ from ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: return_function: returning to ‘alpm_fetch_pkgurl’ from ‘get_filename’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1325:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1326:27: branch_true: following ‘true’ branch (when ‘c’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1326:42: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1326:28: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1328:58: danger: ‘<unknown>’ leaks here; was allocated at [(16)](sarif:/runs/0/results/31/codeFlows/0/threadFlows/0/locations/15)
# 1326|   			if(c != NULL &&  strstr(c, ".pkg") && payload->remote_name && strlen(payload->remote_name) > 0) {
# 1327|   				/* we probably have a usable package filename to download to */
# 1328|-> 				payload->destfile_name = _alpm_get_fullpath(temporary_cachedir, payload->remote_name, "");
# 1329|   				payload->tempfile_name = _alpm_get_fullpath(temporary_cachedir, payload->remote_name, ".part");
# 1330|   				payload->allow_resume = 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def466]
pacman-v7.0.0/lib/libalpm/dload.c:1328:58: warning[-Wanalyzer-malloc-leak]: leak of ‘payload’
pacman-v7.0.0/lib/libalpm/dload.c:1289:15: enter_function: entry to ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1299:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1302:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1304:9: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1306:23: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1307:23: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1311:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: following ‘false’ branch (when ‘url’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: following ‘false’ branch (when ‘payload’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: call_function: calling ‘get_filename’ from ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: return_function: returning to ‘alpm_fetch_pkgurl’ from ‘get_filename’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1325:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1326:27: branch_true: following ‘true’ branch (when ‘c’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1326:42: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1326:28: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1328:58: danger: ‘payload’ leaks here; was allocated at [(14)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/13)
# 1326|   			if(c != NULL &&  strstr(c, ".pkg") && payload->remote_name && strlen(payload->remote_name) > 0) {
# 1327|   				/* we probably have a usable package filename to download to */
# 1328|-> 				payload->destfile_name = _alpm_get_fullpath(temporary_cachedir, payload->remote_name, "");
# 1329|   				payload->tempfile_name = _alpm_get_fullpath(temporary_cachedir, payload->remote_name, ".part");
# 1330|   				payload->allow_resume = 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def467]
pacman-v7.0.0/lib/libalpm/dload.c:1329:58: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/dload.c:1289:15: enter_function: entry to ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1299:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1302:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1304:9: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1306:23: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1307:23: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1311:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: following ‘false’ branch (when ‘url’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: following ‘false’ branch (when ‘payload’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: call_function: calling ‘get_filename’ from ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: return_function: returning to ‘alpm_fetch_pkgurl’ from ‘get_filename’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1325:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1326:27: branch_true: following ‘true’ branch (when ‘c’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1326:42: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1326:28: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1329:58: danger: ‘<unknown>’ leaks here; was allocated at [(16)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/15)
# 1327|   				/* we probably have a usable package filename to download to */
# 1328|   				payload->destfile_name = _alpm_get_fullpath(temporary_cachedir, payload->remote_name, "");
# 1329|-> 				payload->tempfile_name = _alpm_get_fullpath(temporary_cachedir, payload->remote_name, ".part");
# 1330|   				payload->allow_resume = 1;
# 1331|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def468]
pacman-v7.0.0/lib/libalpm/dload.c:1329:58: warning[-Wanalyzer-malloc-leak]: leak of ‘payload’
pacman-v7.0.0/lib/libalpm/dload.c:1289:15: enter_function: entry to ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1299:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1302:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1304:9: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1306:23: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1307:23: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1311:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: following ‘false’ branch (when ‘url’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: following ‘false’ branch (when ‘payload’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: call_function: calling ‘get_filename’ from ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: return_function: returning to ‘alpm_fetch_pkgurl’ from ‘get_filename’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1325:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1326:27: branch_true: following ‘true’ branch (when ‘c’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1326:42: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1326:28: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1329:58: danger: ‘payload’ leaks here; was allocated at [(14)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/13)
# 1327|   				/* we probably have a usable package filename to download to */
# 1328|   				payload->destfile_name = _alpm_get_fullpath(temporary_cachedir, payload->remote_name, "");
# 1329|-> 				payload->tempfile_name = _alpm_get_fullpath(temporary_cachedir, payload->remote_name, ".part");
# 1330|   				payload->allow_resume = 1;
# 1331|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def469]
pacman-v7.0.0/lib/libalpm/dload.c:1352:36: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/dload.c:1289:15: enter_function: entry to ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1299:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1302:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1304:9: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1306:23: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1307:23: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1311:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: following ‘false’ branch (when ‘url’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: following ‘false’ branch (when ‘payload’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: call_function: calling ‘get_filename’ from ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: return_function: returning to ‘alpm_fetch_pkgurl’ from ‘get_filename’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1325:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1326:27: branch_true: following ‘true’ branch (when ‘c’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1326:42: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1326:28: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1332:35: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1352:36: danger: ‘<unknown>’ leaks here; was allocated at [(16)](sarif:/runs/0/results/35/codeFlows/0/threadFlows/0/locations/15)
# 1350|   			payload->download_signature = (handle->siglevel & ALPM_SIG_PACKAGE);
# 1351|   			payload->signature_optional = (handle->siglevel & ALPM_SIG_PACKAGE_OPTIONAL);
# 1352|-> 			payloads = alpm_list_add(payloads, payload);
# 1353|   		}
# 1354|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def470]
pacman-v7.0.0/lib/libalpm/dload.c:1352:36: warning[-Wanalyzer-malloc-leak]: leak of ‘payload’
pacman-v7.0.0/lib/libalpm/dload.c:1289:15: enter_function: entry to ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1298:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1299:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1302:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1304:9: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1306:23: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1307:23: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1311:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1318:25: branch_false: following ‘false’ branch (when ‘url’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/dload.c:1319:25: branch_false: following ‘false’ branch (when ‘payload’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1320:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: call_function: calling ‘get_filename’ from ‘alpm_fetch_pkgurl’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: return_function: returning to ‘alpm_fetch_pkgurl’ from ‘get_filename’
pacman-v7.0.0/lib/libalpm/dload.c:1322:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1325:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1326:27: branch_true: following ‘true’ branch (when ‘c’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/dload.c:1326:42: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/dload.c:1326:28: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1332:35: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/dload.c:1352:36: danger: ‘payload’ leaks here; was allocated at [(14)](sarif:/runs/0/results/34/codeFlows/0/threadFlows/0/locations/13)
# 1350|   			payload->download_signature = (handle->siglevel & ALPM_SIG_PACKAGE);
# 1351|   			payload->signature_optional = (handle->siglevel & ALPM_SIG_PACKAGE_OPTIONAL);
# 1352|-> 			payloads = alpm_list_add(payloads, payload);
# 1353|   		}
# 1354|   	}

Error: CPPCHECK_WARNING (CWE-457): [#def471]
pacman-v7.0.0/lib/libalpm/filelist.c:132: warning[uninitvar]: Uninitialized variables: &key.size, &key.mode
#  130|   	key.name = (char *)path;
#  131|   
#  132|-> 	return bsearch(&key, filelist->files, filelist->count,
#  133|   			sizeof(alpm_file_t), _alpm_files_cmp);
#  134|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def472]
pacman-v7.0.0/lib/libalpm/group.c:36:9: warning[-Wanalyzer-malloc-leak]: leak of ‘grp’
pacman-v7.0.0/lib/libalpm/group.c:35:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/group.c:35:9: branch_false: following ‘false’ branch (when ‘grp’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/group.c:36:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/group.c:36:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/group.c:36:9: danger: ‘grp’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#   34|   
#   35|   	CALLOC(grp, 1, sizeof(alpm_group_t), return NULL);
#   36|-> 	STRDUP(grp->name, name, free(grp); return NULL);
#   37|   
#   38|   	return grp;

Error: CPPCHECK_WARNING (CWE-476): [#def473]
pacman-v7.0.0/lib/libalpm/handle.c:127: warning[nullPointer]: Possible null pointer dereference: dir
#  125|   	/* create the dir of the lockfile first */
#  126|   	STRDUP(dir, handle->lockfile, return -1);
#  127|-> 	ptr = strrchr(dir, '/');
#  128|   	if(ptr) {
#  129|   		*ptr = '\0';

Error: GCC_ANALYZER_WARNING (CWE-401): [#def474]
pacman-v7.0.0/lib/libalpm/handle.c:131:12: warning[-Wanalyzer-malloc-leak]: leak of ‘dir’
pacman-v7.0.0/lib/libalpm/handle.c:122:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/handle.c:123:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/handle.c:123:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/handle.c:126:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/handle.c:126:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/handle.c:126:9: branch_false: following ‘false’ branch (when ‘dir’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/handle.c:127:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/handle.c:128:11: branch_false: following ‘false’ branch (when ‘ptr’ is NULL)...
pacman-v7.0.0/lib/libalpm/handle.c:131:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/handle.c:131:12: danger: ‘dir’ leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  129|   		*ptr = '\0';
#  130|   	}
#  131|-> 	if(_alpm_makepath(dir)) {
#  132|   		FREE(dir);
#  133|   		return -1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def475]
pacman-v7.0.0/lib/libalpm/handle.c:474:28: warning[-Wanalyzer-malloc-leak]: leak of ‘canonicalize_path(hookdir)’
pacman-v7.0.0/lib/libalpm/handle.c:463:15: enter_function: entry to ‘alpm_option_add_hookdir’
pacman-v7.0.0/lib/libalpm/handle.c:467:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/handle.c:467:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/handle.c:468:9: branch_false: following ‘false’ branch (when ‘hookdir’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/handle.c:470:22: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/handle.c:470:22: call_function: calling ‘canonicalize_path’ from ‘alpm_option_add_hookdir’
pacman-v7.0.0/lib/libalpm/handle.c:470:22: return_function: returning to ‘alpm_option_add_hookdir’ from ‘canonicalize_path’
pacman-v7.0.0/lib/libalpm/handle.c:471:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/handle.c:474:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/handle.c:474:28: danger: ‘canonicalize_path(hookdir)’ leaks here; was allocated at [(8)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/7)
#  472|   		RET_ERR(handle, ALPM_ERR_MEMORY, -1);
#  473|   	}
#  474|-> 	handle->hookdirs = alpm_list_add(handle->hookdirs, newhookdir);
#  475|   	_alpm_log(handle, ALPM_LOG_DEBUG, "option 'hookdir' = %s\n", newhookdir);
#  476|   	return 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def476]
pacman-v7.0.0/lib/libalpm/handle.c:506:28: warning[-Wanalyzer-malloc-leak]: leak of ‘canonicalize_path(hookdir)’
pacman-v7.0.0/lib/libalpm/handle.c:495:15: enter_function: entry to ‘alpm_option_remove_hookdir’
pacman-v7.0.0/lib/libalpm/handle.c:499:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/handle.c:499:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/handle.c:500:9: branch_false: following ‘false’ branch (when ‘hookdir’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/handle.c:502:22: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/handle.c:502:22: call_function: calling ‘canonicalize_path’ from ‘alpm_option_remove_hookdir’
pacman-v7.0.0/lib/libalpm/handle.c:502:22: return_function: returning to ‘alpm_option_remove_hookdir’ from ‘canonicalize_path’
pacman-v7.0.0/lib/libalpm/handle.c:503:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/handle.c:506:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/handle.c:506:28: danger: ‘canonicalize_path(hookdir)’ leaks here; was allocated at [(8)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/7)
#  504|   		RET_ERR(handle, ALPM_ERR_MEMORY, -1);
#  505|   	}
#  506|-> 	handle->hookdirs = alpm_list_remove_str(handle->hookdirs, newhookdir, &vdata);
#  507|   	FREE(newhookdir);
#  508|   	if(vdata != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def477]
pacman-v7.0.0/lib/libalpm/handle.c:528:29: warning[-Wanalyzer-malloc-leak]: leak of ‘canonicalize_path(cachedir)’
pacman-v7.0.0/lib/libalpm/handle.c:515:15: enter_function: entry to ‘alpm_option_add_cachedir’
pacman-v7.0.0/lib/libalpm/handle.c:519:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/handle.c:519:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/handle.c:520:9: branch_false: following ‘false’ branch (when ‘cachedir’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/handle.c:524:23: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/handle.c:524:23: call_function: calling ‘canonicalize_path’ from ‘alpm_option_add_cachedir’
pacman-v7.0.0/lib/libalpm/handle.c:524:23: return_function: returning to ‘alpm_option_add_cachedir’ from ‘canonicalize_path’
pacman-v7.0.0/lib/libalpm/handle.c:525:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/handle.c:528:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/handle.c:528:29: danger: ‘canonicalize_path(cachedir)’ leaks here; was allocated at [(8)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/7)
#  526|   		RET_ERR(handle, ALPM_ERR_MEMORY, -1);
#  527|   	}
#  528|-> 	handle->cachedirs = alpm_list_add(handle->cachedirs, newcachedir);
#  529|   	_alpm_log(handle, ALPM_LOG_DEBUG, "option 'cachedir' = %s\n", newcachedir);
#  530|   	return 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def478]
pacman-v7.0.0/lib/libalpm/handle.c:560:29: warning[-Wanalyzer-malloc-leak]: leak of ‘canonicalize_path(cachedir)’
pacman-v7.0.0/lib/libalpm/handle.c:549:15: enter_function: entry to ‘alpm_option_remove_cachedir’
pacman-v7.0.0/lib/libalpm/handle.c:553:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/handle.c:553:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/handle.c:554:9: branch_false: following ‘false’ branch (when ‘cachedir’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/handle.c:556:23: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/handle.c:556:23: call_function: calling ‘canonicalize_path’ from ‘alpm_option_remove_cachedir’
pacman-v7.0.0/lib/libalpm/handle.c:556:23: return_function: returning to ‘alpm_option_remove_cachedir’ from ‘canonicalize_path’
pacman-v7.0.0/lib/libalpm/handle.c:557:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/handle.c:560:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/handle.c:560:29: danger: ‘canonicalize_path(cachedir)’ leaks here; was allocated at [(8)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/7)
#  558|   		RET_ERR(handle, ALPM_ERR_MEMORY, -1);
#  559|   	}
#  560|-> 	handle->cachedirs = alpm_list_remove_str(handle->cachedirs, newcachedir, &vdata);
#  561|   	FREE(newcachedir);
#  562|   	if(vdata != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def479]
pacman-v7.0.0/lib/libalpm/handle.c:630:17: warning[-Wanalyzer-malloc-leak]: leak of ‘dup’
pacman-v7.0.0/lib/libalpm/handle.c:628:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/handle.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/handle.c:629:9: branch_true: following ‘true’ branch (when ‘str’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/handle.c:629:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/handle.c:629:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/handle.c:629:9: branch_false: following ‘false’ branch (when ‘dup’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/handle.c:630:17: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/handle.c:630:17: danger: ‘dup’ leaks here; was allocated at [(5)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/4)
#  628|   	CHECK_HANDLE(handle, return -1);
#  629|   	STRDUP(dup, str, RET_ERR(handle, ALPM_ERR_MEMORY, -1));
#  630|-> 	*list = alpm_list_add(*list, dup);
#  631|   	return 0;
#  632|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def480]
pacman-v7.0.0/lib/libalpm/handle.c:809:9: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(arch)’
pacman-v7.0.0/lib/libalpm/handle.c:809:70: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/handle.c:809:9: danger: ‘strdup(arch)’ leaks here; was allocated at [(1)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/0)
#  807|   int SYMEXPORT alpm_option_add_architecture(alpm_handle_t *handle, const char *arch)
#  808|   {
#  809|-> 	handle->architectures = alpm_list_add(handle->architectures, strdup(arch));
#  810|   	return 0;
#  811|   }

Error: GCC_ANALYZER_WARNING (CWE-416): [#def481]
pacman-v7.0.0/lib/libalpm/hook.c:497:47: warning[-Wanalyzer-use-after-free]: use after ‘free’ of ‘next’
pacman-v7.0.0/lib/libalpm/hook.c:507:12: enter_function: entry to ‘_alpm_hook_run_hook’
pacman-v7.0.0/lib/libalpm/hook.c:519:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/hook.c:522:49: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:524:39: call_function: calling ‘_alpm_strlist_dedup’ from ‘_alpm_hook_run_hook’
#  495|   	while(i) {
#  496|   		alpm_list_t *next = i->next;
#  497|-> 		while(next && strcmp(i->data, next->data) == 0) {
#  498|   			list = alpm_list_remove_item(list, next);
#  499|   			free(next);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def482]
pacman-v7.0.0/lib/libalpm/hook.c:565:43: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(&path)’
pacman-v7.0.0/lib/libalpm/hook.c:540:51: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/hook.c:546:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:546:19: branch_false: following ‘false’ branch (when ‘dirlen <= 4095’)...
pacman-v7.0.0/lib/libalpm/hook.c:552:17: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:554:26: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/hook.c:554:19: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:565:43: danger: ‘opendir(&path)’ leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#  563|   		}
#  564|   
#  565|-> 		while((errno = 0, entry = readdir(d))) {
#  566|   			struct _alpm_hook_cb_ctx ctx = { handle, NULL };
#  567|   			struct stat buf;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def483]
pacman-v7.0.0/lib/libalpm/hook.c:608:25: warning[-Wanalyzer-malloc-leak]: leak of ‘ctx.hook’
pacman-v7.0.0/lib/libalpm/hook.c:532:5: enter_function: entry to ‘_alpm_hook_run’
pacman-v7.0.0/lib/libalpm/hook.c:540:51: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/hook.c:546:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:546:19: branch_false: following ‘false’ branch (when ‘dirlen <= 4095’)...
pacman-v7.0.0/lib/libalpm/hook.c:552:17: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:554:19: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:565:23: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/hook.c:566:50: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:574:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/hook.c:580:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:582:27: branch_false: following ‘false’ branch (when ‘name_len > 4’)...
pacman-v7.0.0/lib/libalpm/hook.c:583:76: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:582:28: branch_false: following ‘false’ branch (when the strings are equal)...
pacman-v7.0.0/lib/libalpm/hook.c:588:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:588:28: call_function: calling ‘find_hook’ from ‘_alpm_hook_run’
pacman-v7.0.0/lib/libalpm/hook.c:588:28: return_function: returning to ‘_alpm_hook_run’ from ‘find_hook’
pacman-v7.0.0/lib/libalpm/hook.c:588:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/hook.c:593:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:593:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/hook.c:600:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:600:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/hook.c:605:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:605:25: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/hook.c:605:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/hook.c:608:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:608:25: danger: ‘ctx.hook’ leaks here; was allocated at [(27)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/26)
#  606|   					ret = -1; closedir(d); goto cleanup);
#  607|   
#  608|-> 			_alpm_log(handle, ALPM_LOG_DEBUG, "parsing hook file %s\n", path);
#  609|   			if(parse_ini(path, _alpm_hook_parse_cb, &ctx) != 0
#  610|   					|| _alpm_hook_validate(handle, ctx.hook, path)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def484]
pacman-v7.0.0/lib/libalpm/hook.c:609:28: warning[-Wanalyzer-malloc-leak]: leak of ‘ctx.hook’
pacman-v7.0.0/lib/libalpm/hook.c:532:5: enter_function: entry to ‘_alpm_hook_run’
pacman-v7.0.0/lib/libalpm/hook.c:540:51: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/hook.c:546:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:546:19: branch_false: following ‘false’ branch (when ‘dirlen <= 4095’)...
pacman-v7.0.0/lib/libalpm/hook.c:552:17: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:554:19: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:565:23: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/hook.c:566:50: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:574:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/hook.c:580:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:582:27: branch_false: following ‘false’ branch (when ‘name_len > 4’)...
pacman-v7.0.0/lib/libalpm/hook.c:583:76: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:582:28: branch_false: following ‘false’ branch (when the strings are equal)...
pacman-v7.0.0/lib/libalpm/hook.c:588:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:588:28: call_function: calling ‘find_hook’ from ‘_alpm_hook_run’
pacman-v7.0.0/lib/libalpm/hook.c:588:28: return_function: returning to ‘_alpm_hook_run’ from ‘find_hook’
pacman-v7.0.0/lib/libalpm/hook.c:588:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/hook.c:593:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:593:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/hook.c:600:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:600:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/hook.c:605:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:605:25: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/hook.c:605:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/hook.c:608:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:609:28: danger: ‘ctx.hook’ leaks here; was allocated at [(27)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/26)
#  607|   
#  608|   			_alpm_log(handle, ALPM_LOG_DEBUG, "parsing hook file %s\n", path);
#  609|-> 			if(parse_ini(path, _alpm_hook_parse_cb, &ctx) != 0
#  610|   					|| _alpm_hook_validate(handle, ctx.hook, path)) {
#  611|   				_alpm_log(handle, ALPM_LOG_DEBUG, "parsing hook file %s failed\n", path);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def485]
pacman-v7.0.0/lib/libalpm/hook.c:617:25: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(&*<unknown>.d_name)’
pacman-v7.0.0/lib/libalpm/hook.c:532:5: enter_function: entry to ‘_alpm_hook_run’
pacman-v7.0.0/lib/libalpm/hook.c:540:51: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/hook.c:546:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:546:19: branch_false: following ‘false’ branch (when ‘dirlen <= 4095’)...
pacman-v7.0.0/lib/libalpm/hook.c:552:17: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:554:19: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:565:23: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/hook.c:566:50: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:574:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/hook.c:580:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:582:27: branch_false: following ‘false’ branch (when ‘name_len > 4’)...
pacman-v7.0.0/lib/libalpm/hook.c:583:76: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:582:28: branch_false: following ‘false’ branch (when the strings are equal)...
pacman-v7.0.0/lib/libalpm/hook.c:588:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:588:28: call_function: calling ‘find_hook’ from ‘_alpm_hook_run’
pacman-v7.0.0/lib/libalpm/hook.c:588:28: return_function: returning to ‘_alpm_hook_run’ from ‘find_hook’
pacman-v7.0.0/lib/libalpm/hook.c:588:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/hook.c:593:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:593:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/hook.c:600:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:600:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/hook.c:605:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:605:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/hook.c:608:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:609:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/hook.c:610:44: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:609:28: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/hook.c:617:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/hook.c:617:25: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/hook.c:617:25: danger: ‘strdup(&*<unknown>.d_name)’ leaks here; was allocated at [(33)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/32)
#  615|   			}
#  616|   
#  617|-> 			STRDUP(ctx.hook->name, entry->d_name, ret = -1; closedir(d); goto cleanup);
#  618|   			hooks = alpm_list_add(hooks, ctx.hook);
#  619|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def486]
pacman-v7.0.0/lib/libalpm/libarchive-compat.h:27:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/add.c:415:12: enter_function: entry to ‘commit_single_pkg’
pacman-v7.0.0/lib/libalpm/add.c:432:9: branch_false: following ‘false’ branch (when ‘trans’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/add.c:435:42: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:461:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:463:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:483:11: branch_false: following ‘false’ branch (when ‘oldpkg’ is NULL)...
pacman-v7.0.0/lib/libalpm/add.c:493:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:493:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:501:14: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:503:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:508:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/add.c:514:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/add.c:516:56: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/add.c:517:17: call_function: inlined call to ‘_alpm_archive_read_free’ from ‘commit_single_pkg’
#   25|   static inline int _alpm_archive_read_free(struct archive *archive)
#   26|   {
#   27|-> 	return archive_read_free(archive);
#   28|   }
#   29|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def487]
pacman-v7.0.0/lib/libalpm/libarchive-compat.h:32:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/add.c:415:12: enter_function: entry to ‘commit_single_pkg’
pacman-v7.0.0/lib/libalpm/add.c:432:9: branch_false: following ‘false’ branch (when ‘trans’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/add.c:435:42: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:461:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:463:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:483:11: branch_false: following ‘false’ branch (when ‘oldpkg’ is NULL)...
pacman-v7.0.0/lib/libalpm/add.c:493:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:493:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:501:14: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:503:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:508:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/add.c:514:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:525:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:525:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/add.c:536:17: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/add.c:541:23: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/add.c:544:28: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/add.c:544:27: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/add.c:548:47: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/add.c:548:47: call_function: inlined call to ‘_alpm_archive_compressed_ftell’ from ‘commit_single_pkg’
#   30|   static inline int64_t _alpm_archive_compressed_ftell(struct archive *archive)
#   31|   {
#   32|-> 	return archive_filter_bytes(archive, -1);
#   33|   }
#   34|   

Error: GCC_ANALYZER_WARNING (CWE-404): [#def488]
pacman-v7.0.0/lib/libalpm/log.c:84:17: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’
pacman-v7.0.0/lib/libalpm/log.c:51:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/log.c:53:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/log.c:77:9: acquire_resource: ‘va_start’ called here
pacman-v7.0.0/lib/libalpm/log.c:79:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/log.c:83:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/log.c:84:17: danger: missing call to ‘va_end’ to match ‘va_start’ at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   82|   		va_list args_syslog;
#   83|   		va_copy(args_syslog, args);
#   84|-> 		vsyslog(LOG_WARNING, fmt, args_syslog);
#   85|   		va_end(args_syslog);
#   86|   	}

Error: GCC_ANALYZER_WARNING (CWE-404): [#def489]
pacman-v7.0.0/lib/libalpm/log.c:94:17: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’
pacman-v7.0.0/lib/libalpm/log.c:51:9: branch_false: following ‘false’ branch (when ‘handle’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/log.c:53:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/log.c:77:9: acquire_resource: ‘va_start’ called here
pacman-v7.0.0/lib/libalpm/log.c:88:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/log.c:89:20: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/log.c:94:17: danger: missing call to ‘va_end’ to match ‘va_start’ at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#   92|   			handle->pm_errno = ALPM_ERR_SYSTEM;
#   93|   		}
#   94|-> 		fflush(handle->logstream);
#   95|   	}
#   96|   

Error: GCC_ANALYZER_WARNING (CWE-404): [#def490]
pacman-v7.0.0/lib/libalpm/log.c:110:9: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’
pacman-v7.0.0/lib/libalpm/log.c:105:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/log.c:109:9: acquire_resource: ‘va_start’ called here
pacman-v7.0.0/lib/libalpm/log.c:110:9: danger: missing call to ‘va_end’ to match ‘va_start’ at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#  108|   
#  109|   	va_start(args, fmt);
#  110|-> 	handle->logcb(handle->logcb_ctx, flag, fmt, args);
#  111|   	va_end(args);
#  112|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def491]
pacman-v7.0.0/lib/libalpm/package.c:518:41: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(cachepkgname)’
pacman-v7.0.0/lib/libalpm/package.c:498:13: enter_function: entry to ‘find_requiredby’
pacman-v7.0.0/lib/libalpm/package.c:504:44: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:505:29: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:509:29: call_function: calling ‘alpm_pkg_get_depends’ from ‘find_requiredby’
pacman-v7.0.0/lib/libalpm/package.c:509:29: return_function: returning to ‘find_requiredby’ from ‘alpm_pkg_get_depends’
pacman-v7.0.0/lib/libalpm/package.c:514:23: branch_true: following ‘true’ branch (when ‘j’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:515:46: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:515:27: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:516:45: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:517:35: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:518:70: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:518:70: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:518:41: danger: ‘strdup(cachepkgname)’ leaks here; was allocated at [(15)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/14)
#  516|   				const char *cachepkgname = cachepkg->name;
#  517|   				if(alpm_list_find_str(*reqs, cachepkgname) == NULL) {
#  518|-> 					*reqs = alpm_list_add(*reqs, strdup(cachepkgname));
#  519|   				}
#  520|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def492]
pacman-v7.0.0/lib/libalpm/package.c:567:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/package.c:598:5: enter_function: entry to ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:629:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:635:24: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:642:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:642:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:644:30: branch_false: following ‘false’ branch (when ‘i’ is NULL)...
pacman-v7.0.0/lib/libalpm/package.c:647:30: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:647:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:647:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:648:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:648:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:649:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:649:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:650:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:650:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:652:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:654:24: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:655:17: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:655:17: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:656:34: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:658:49: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:657:29: call_function: calling ‘_alpm_file_copy’ from ‘_alpm_pkg_dup’
#  565|   		const alpm_file_t *src)
#  566|   {
#  567|-> 	STRDUP(dest->name, src->name, return NULL);
#  568|   	dest->size = src->size;
#  569|   	dest->mode = src->mode;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def493]
pacman-v7.0.0/lib/libalpm/package.c:567:9: warning[-Wanalyzer-malloc-leak]: leak of ‘newpkg’
pacman-v7.0.0/lib/libalpm/package.c:598:5: enter_function: entry to ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:629:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:635:24: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:642:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:642:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:644:30: branch_false: following ‘false’ branch (when ‘i’ is NULL)...
pacman-v7.0.0/lib/libalpm/package.c:647:30: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:647:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:647:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:648:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:648:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:649:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:649:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:650:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:650:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:652:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:654:24: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:655:17: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:656:34: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:658:49: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:657:29: call_function: calling ‘_alpm_file_copy’ from ‘_alpm_pkg_dup’
#  565|   		const alpm_file_t *src)
#  566|   {
#  567|-> 	STRDUP(dest->name, src->name, return NULL);
#  568|   	dest->size = src->size;
#  569|   	dest->mode = src->mode;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def494]
pacman-v7.0.0/lib/libalpm/package.c:587:23: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/package.c:598:5: enter_function: entry to ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:629:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:635:24: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:642:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
#  585|   	alpm_list_t *i, *new = NULL;
#  586|   	for(i = old; i; i = i->next) {
#  587|-> 		new = alpm_list_add(new, _alpm_dep_dup(i->data));
#  588|   	}
#  589|   	return new;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def495]
pacman-v7.0.0/lib/libalpm/package.c:587:23: warning[-Wanalyzer-malloc-leak]: leak of ‘newpkg’
pacman-v7.0.0/lib/libalpm/package.c:598:5: enter_function: entry to ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:629:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:635:24: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:642:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
#  585|   	alpm_list_t *i, *new = NULL;
#  586|   	for(i = old; i; i = i->next) {
#  587|-> 		new = alpm_list_add(new, _alpm_dep_dup(i->data));
#  588|   	}
#  589|   	return new;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def496]
pacman-v7.0.0/lib/libalpm/package.c:587:42: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/package.c:598:5: enter_function: entry to ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:629:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:635:24: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:642:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
#  585|   	alpm_list_t *i, *new = NULL;
#  586|   	for(i = old; i; i = i->next) {
#  587|-> 		new = alpm_list_add(new, _alpm_dep_dup(i->data));
#  588|   	}
#  589|   	return new;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def497]
pacman-v7.0.0/lib/libalpm/package.c:587:42: warning[-Wanalyzer-malloc-leak]: leak of ‘newpkg’
pacman-v7.0.0/lib/libalpm/package.c:598:5: enter_function: entry to ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:629:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:635:24: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:642:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
#  585|   	alpm_list_t *i, *new = NULL;
#  586|   	for(i = old; i; i = i->next) {
#  587|-> 		new = alpm_list_add(new, _alpm_dep_dup(i->data));
#  588|   	}
#  589|   	return new;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def498]
pacman-v7.0.0/lib/libalpm/package.c:623:9: warning[-Wanalyzer-malloc-leak]: leak of ‘newpkg’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: danger: ‘newpkg’ leaks here; was allocated at [(5)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/4)
#  621|   
#  622|   	newpkg->name_hash = pkg->name_hash;
#  623|-> 	STRDUP(newpkg->filename, pkg->filename, goto cleanup);
#  624|   	STRDUP(newpkg->base, pkg->base, goto cleanup);
#  625|   	STRDUP(newpkg->name, pkg->name, goto cleanup);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def499]
pacman-v7.0.0/lib/libalpm/package.c:624:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: danger: ‘<unknown>’ leaks here; was allocated at [(9)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/8)
#  622|   	newpkg->name_hash = pkg->name_hash;
#  623|   	STRDUP(newpkg->filename, pkg->filename, goto cleanup);
#  624|-> 	STRDUP(newpkg->base, pkg->base, goto cleanup);
#  625|   	STRDUP(newpkg->name, pkg->name, goto cleanup);
#  626|   	STRDUP(newpkg->version, pkg->version, goto cleanup);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def500]
pacman-v7.0.0/lib/libalpm/package.c:624:9: warning[-Wanalyzer-malloc-leak]: leak of ‘newpkg’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: danger: ‘newpkg’ leaks here; was allocated at [(5)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/4)
#  622|   	newpkg->name_hash = pkg->name_hash;
#  623|   	STRDUP(newpkg->filename, pkg->filename, goto cleanup);
#  624|-> 	STRDUP(newpkg->base, pkg->base, goto cleanup);
#  625|   	STRDUP(newpkg->name, pkg->name, goto cleanup);
#  626|   	STRDUP(newpkg->version, pkg->version, goto cleanup);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def501]
pacman-v7.0.0/lib/libalpm/package.c:625:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: danger: ‘<unknown>’ leaks here; was allocated at [(11)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/10)
#  623|   	STRDUP(newpkg->filename, pkg->filename, goto cleanup);
#  624|   	STRDUP(newpkg->base, pkg->base, goto cleanup);
#  625|-> 	STRDUP(newpkg->name, pkg->name, goto cleanup);
#  626|   	STRDUP(newpkg->version, pkg->version, goto cleanup);
#  627|   	STRDUP(newpkg->desc, pkg->desc, goto cleanup);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def502]
pacman-v7.0.0/lib/libalpm/package.c:625:9: warning[-Wanalyzer-malloc-leak]: leak of ‘newpkg’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: danger: ‘newpkg’ leaks here; was allocated at [(5)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/4)
#  623|   	STRDUP(newpkg->filename, pkg->filename, goto cleanup);
#  624|   	STRDUP(newpkg->base, pkg->base, goto cleanup);
#  625|-> 	STRDUP(newpkg->name, pkg->name, goto cleanup);
#  626|   	STRDUP(newpkg->version, pkg->version, goto cleanup);
#  627|   	STRDUP(newpkg->desc, pkg->desc, goto cleanup);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def503]
pacman-v7.0.0/lib/libalpm/package.c:626:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: danger: ‘<unknown>’ leaks here; was allocated at [(13)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/12)
#  624|   	STRDUP(newpkg->base, pkg->base, goto cleanup);
#  625|   	STRDUP(newpkg->name, pkg->name, goto cleanup);
#  626|-> 	STRDUP(newpkg->version, pkg->version, goto cleanup);
#  627|   	STRDUP(newpkg->desc, pkg->desc, goto cleanup);
#  628|   	STRDUP(newpkg->url, pkg->url, goto cleanup);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def504]
pacman-v7.0.0/lib/libalpm/package.c:626:9: warning[-Wanalyzer-malloc-leak]: leak of ‘newpkg’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: danger: ‘newpkg’ leaks here; was allocated at [(5)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/4)
#  624|   	STRDUP(newpkg->base, pkg->base, goto cleanup);
#  625|   	STRDUP(newpkg->name, pkg->name, goto cleanup);
#  626|-> 	STRDUP(newpkg->version, pkg->version, goto cleanup);
#  627|   	STRDUP(newpkg->desc, pkg->desc, goto cleanup);
#  628|   	STRDUP(newpkg->url, pkg->url, goto cleanup);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def505]
pacman-v7.0.0/lib/libalpm/package.c:627:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: danger: ‘<unknown>’ leaks here; was allocated at [(15)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/14)
#  625|   	STRDUP(newpkg->name, pkg->name, goto cleanup);
#  626|   	STRDUP(newpkg->version, pkg->version, goto cleanup);
#  627|-> 	STRDUP(newpkg->desc, pkg->desc, goto cleanup);
#  628|   	STRDUP(newpkg->url, pkg->url, goto cleanup);
#  629|   	newpkg->builddate = pkg->builddate;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def506]
pacman-v7.0.0/lib/libalpm/package.c:627:9: warning[-Wanalyzer-malloc-leak]: leak of ‘newpkg’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: danger: ‘newpkg’ leaks here; was allocated at [(5)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/4)
#  625|   	STRDUP(newpkg->name, pkg->name, goto cleanup);
#  626|   	STRDUP(newpkg->version, pkg->version, goto cleanup);
#  627|-> 	STRDUP(newpkg->desc, pkg->desc, goto cleanup);
#  628|   	STRDUP(newpkg->url, pkg->url, goto cleanup);
#  629|   	newpkg->builddate = pkg->builddate;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def507]
pacman-v7.0.0/lib/libalpm/package.c:628:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: danger: ‘<unknown>’ leaks here; was allocated at [(15)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/14)
#  626|   	STRDUP(newpkg->version, pkg->version, goto cleanup);
#  627|   	STRDUP(newpkg->desc, pkg->desc, goto cleanup);
#  628|-> 	STRDUP(newpkg->url, pkg->url, goto cleanup);
#  629|   	newpkg->builddate = pkg->builddate;
#  630|   	newpkg->installdate = pkg->installdate;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def508]
pacman-v7.0.0/lib/libalpm/package.c:628:9: warning[-Wanalyzer-malloc-leak]: leak of ‘newpkg’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: danger: ‘newpkg’ leaks here; was allocated at [(5)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/4)
#  626|   	STRDUP(newpkg->version, pkg->version, goto cleanup);
#  627|   	STRDUP(newpkg->desc, pkg->desc, goto cleanup);
#  628|-> 	STRDUP(newpkg->url, pkg->url, goto cleanup);
#  629|   	newpkg->builddate = pkg->builddate;
#  630|   	newpkg->installdate = pkg->installdate;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def509]
pacman-v7.0.0/lib/libalpm/package.c:631:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:629:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:631:9: danger: ‘<unknown>’ leaks here; was allocated at [(15)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/14)
#  629|   	newpkg->builddate = pkg->builddate;
#  630|   	newpkg->installdate = pkg->installdate;
#  631|-> 	STRDUP(newpkg->packager, pkg->packager, goto cleanup);
#  632|   	STRDUP(newpkg->md5sum, pkg->md5sum, goto cleanup);
#  633|   	STRDUP(newpkg->sha256sum, pkg->sha256sum, goto cleanup);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def510]
pacman-v7.0.0/lib/libalpm/package.c:631:9: warning[-Wanalyzer-malloc-leak]: leak of ‘newpkg’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:629:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:631:9: danger: ‘newpkg’ leaks here; was allocated at [(5)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/4)
#  629|   	newpkg->builddate = pkg->builddate;
#  630|   	newpkg->installdate = pkg->installdate;
#  631|-> 	STRDUP(newpkg->packager, pkg->packager, goto cleanup);
#  632|   	STRDUP(newpkg->md5sum, pkg->md5sum, goto cleanup);
#  633|   	STRDUP(newpkg->sha256sum, pkg->sha256sum, goto cleanup);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def511]
pacman-v7.0.0/lib/libalpm/package.c:632:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:629:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: danger: ‘<unknown>’ leaks here; was allocated at [(15)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/14)
#  630|   	newpkg->installdate = pkg->installdate;
#  631|   	STRDUP(newpkg->packager, pkg->packager, goto cleanup);
#  632|-> 	STRDUP(newpkg->md5sum, pkg->md5sum, goto cleanup);
#  633|   	STRDUP(newpkg->sha256sum, pkg->sha256sum, goto cleanup);
#  634|   	STRDUP(newpkg->arch, pkg->arch, goto cleanup);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def512]
pacman-v7.0.0/lib/libalpm/package.c:632:9: warning[-Wanalyzer-malloc-leak]: leak of ‘newpkg’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:629:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: danger: ‘newpkg’ leaks here; was allocated at [(5)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/4)
#  630|   	newpkg->installdate = pkg->installdate;
#  631|   	STRDUP(newpkg->packager, pkg->packager, goto cleanup);
#  632|-> 	STRDUP(newpkg->md5sum, pkg->md5sum, goto cleanup);
#  633|   	STRDUP(newpkg->sha256sum, pkg->sha256sum, goto cleanup);
#  634|   	STRDUP(newpkg->arch, pkg->arch, goto cleanup);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def513]
pacman-v7.0.0/lib/libalpm/package.c:633:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:629:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: danger: ‘<unknown>’ leaks here; was allocated at [(15)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/14)
#  631|   	STRDUP(newpkg->packager, pkg->packager, goto cleanup);
#  632|   	STRDUP(newpkg->md5sum, pkg->md5sum, goto cleanup);
#  633|-> 	STRDUP(newpkg->sha256sum, pkg->sha256sum, goto cleanup);
#  634|   	STRDUP(newpkg->arch, pkg->arch, goto cleanup);
#  635|   	newpkg->size = pkg->size;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def514]
pacman-v7.0.0/lib/libalpm/package.c:633:9: warning[-Wanalyzer-malloc-leak]: leak of ‘newpkg’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:629:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: danger: ‘newpkg’ leaks here; was allocated at [(5)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/4)
#  631|   	STRDUP(newpkg->packager, pkg->packager, goto cleanup);
#  632|   	STRDUP(newpkg->md5sum, pkg->md5sum, goto cleanup);
#  633|-> 	STRDUP(newpkg->sha256sum, pkg->sha256sum, goto cleanup);
#  634|   	STRDUP(newpkg->arch, pkg->arch, goto cleanup);
#  635|   	newpkg->size = pkg->size;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def515]
pacman-v7.0.0/lib/libalpm/package.c:634:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:629:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: danger: ‘<unknown>’ leaks here; was allocated at [(15)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/14)
#  632|   	STRDUP(newpkg->md5sum, pkg->md5sum, goto cleanup);
#  633|   	STRDUP(newpkg->sha256sum, pkg->sha256sum, goto cleanup);
#  634|-> 	STRDUP(newpkg->arch, pkg->arch, goto cleanup);
#  635|   	newpkg->size = pkg->size;
#  636|   	newpkg->isize = pkg->isize;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def516]
pacman-v7.0.0/lib/libalpm/package.c:634:9: warning[-Wanalyzer-malloc-leak]: leak of ‘newpkg’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:629:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: danger: ‘newpkg’ leaks here; was allocated at [(5)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/4)
#  632|   	STRDUP(newpkg->md5sum, pkg->md5sum, goto cleanup);
#  633|   	STRDUP(newpkg->sha256sum, pkg->sha256sum, goto cleanup);
#  634|-> 	STRDUP(newpkg->arch, pkg->arch, goto cleanup);
#  635|   	newpkg->size = pkg->size;
#  636|   	newpkg->isize = pkg->isize;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def517]
pacman-v7.0.0/lib/libalpm/package.c:641:30: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:629:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:635:24: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:641:30: danger: ‘<unknown>’ leaks here; was allocated at [(15)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/14)
#  639|   	newpkg->validation = pkg->validation;
#  640|   
#  641|-> 	newpkg->licenses   = alpm_list_strdup(pkg->licenses);
#  642|   	newpkg->replaces   = list_depdup(pkg->replaces);
#  643|   	newpkg->groups     = alpm_list_strdup(pkg->groups);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def518]
pacman-v7.0.0/lib/libalpm/package.c:641:30: warning[-Wanalyzer-malloc-leak]: leak of ‘newpkg’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:629:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:635:24: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:641:30: danger: ‘newpkg’ leaks here; was allocated at [(5)](sarif:/runs/0/results/27/codeFlows/0/threadFlows/0/locations/4)
#  639|   	newpkg->validation = pkg->validation;
#  640|   
#  641|-> 	newpkg->licenses   = alpm_list_strdup(pkg->licenses);
#  642|   	newpkg->replaces   = list_depdup(pkg->replaces);
#  643|   	newpkg->groups     = alpm_list_strdup(pkg->groups);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def519]
pacman-v7.0.0/lib/libalpm/package.c:643:30: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/package.c:598:5: enter_function: entry to ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:629:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:635:24: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:642:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:642:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:643:30: danger: ‘<unknown>’ leaks here; was allocated at [(16)](sarif:/runs/0/results/29/codeFlows/0/threadFlows/0/locations/15)
#  641|   	newpkg->licenses   = alpm_list_strdup(pkg->licenses);
#  642|   	newpkg->replaces   = list_depdup(pkg->replaces);
#  643|-> 	newpkg->groups     = alpm_list_strdup(pkg->groups);
#  644|   	for(i = pkg->backup; i; i = i->next) {
#  645|   		newpkg->backup = alpm_list_add(newpkg->backup, _alpm_backup_dup(i->data));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def520]
pacman-v7.0.0/lib/libalpm/package.c:643:30: warning[-Wanalyzer-malloc-leak]: leak of ‘newpkg’
pacman-v7.0.0/lib/libalpm/package.c:598:5: enter_function: entry to ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:629:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:635:24: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:642:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:642:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:643:30: danger: ‘newpkg’ leaks here; was allocated at [(6)](sarif:/runs/0/results/28/codeFlows/0/threadFlows/0/locations/5)
#  641|   	newpkg->licenses   = alpm_list_strdup(pkg->licenses);
#  642|   	newpkg->replaces   = list_depdup(pkg->replaces);
#  643|-> 	newpkg->groups     = alpm_list_strdup(pkg->groups);
#  644|   	for(i = pkg->backup; i; i = i->next) {
#  645|   		newpkg->backup = alpm_list_add(newpkg->backup, _alpm_backup_dup(i->data));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def521]
pacman-v7.0.0/lib/libalpm/package.c:645:34: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/package.c:598:5: enter_function: entry to ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:629:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:635:24: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:642:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:642:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:644:30: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:645:81: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:645:34: danger: ‘<unknown>’ leaks here; was allocated at [(16)](sarif:/runs/0/results/31/codeFlows/0/threadFlows/0/locations/15)
#  643|   	newpkg->groups     = alpm_list_strdup(pkg->groups);
#  644|   	for(i = pkg->backup; i; i = i->next) {
#  645|-> 		newpkg->backup = alpm_list_add(newpkg->backup, _alpm_backup_dup(i->data));
#  646|   	}
#  647|   	newpkg->depends    = list_depdup(pkg->depends);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def522]
pacman-v7.0.0/lib/libalpm/package.c:645:34: warning[-Wanalyzer-malloc-leak]: leak of ‘newpkg’
pacman-v7.0.0/lib/libalpm/package.c:598:5: enter_function: entry to ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:629:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:635:24: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:642:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:642:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:644:30: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:645:81: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:645:34: danger: ‘newpkg’ leaks here; was allocated at [(6)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/5)
#  643|   	newpkg->groups     = alpm_list_strdup(pkg->groups);
#  644|   	for(i = pkg->backup; i; i = i->next) {
#  645|-> 		newpkg->backup = alpm_list_add(newpkg->backup, _alpm_backup_dup(i->data));
#  646|   	}
#  647|   	newpkg->depends    = list_depdup(pkg->depends);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def523]
pacman-v7.0.0/lib/libalpm/package.c:645:64: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/package.c:598:5: enter_function: entry to ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:629:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:635:24: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:642:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:642:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:644:30: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:645:81: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:645:64: danger: ‘<unknown>’ leaks here; was allocated at [(16)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/15)
#  643|   	newpkg->groups     = alpm_list_strdup(pkg->groups);
#  644|   	for(i = pkg->backup; i; i = i->next) {
#  645|-> 		newpkg->backup = alpm_list_add(newpkg->backup, _alpm_backup_dup(i->data));
#  646|   	}
#  647|   	newpkg->depends    = list_depdup(pkg->depends);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def524]
pacman-v7.0.0/lib/libalpm/package.c:645:64: warning[-Wanalyzer-malloc-leak]: leak of ‘newpkg’
pacman-v7.0.0/lib/libalpm/package.c:598:5: enter_function: entry to ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:629:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:635:24: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:642:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:642:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:644:30: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:645:81: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:645:64: danger: ‘newpkg’ leaks here; was allocated at [(6)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/5)
#  643|   	newpkg->groups     = alpm_list_strdup(pkg->groups);
#  644|   	for(i = pkg->backup; i; i = i->next) {
#  645|-> 		newpkg->backup = alpm_list_add(newpkg->backup, _alpm_backup_dup(i->data));
#  646|   	}
#  647|   	newpkg->depends    = list_depdup(pkg->depends);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def525]
pacman-v7.0.0/lib/libalpm/package.c:655:17: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/package.c:598:5: enter_function: entry to ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:629:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:635:24: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:642:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:642:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:644:30: branch_false: following ‘false’ branch (when ‘i’ is NULL)...
pacman-v7.0.0/lib/libalpm/package.c:647:30: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:647:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:647:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:648:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:648:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:649:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:649:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:650:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:650:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:652:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:654:24: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:655:17: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:655:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:655:17: danger: ‘<unknown>’ leaks here; was allocated at [(16)](sarif:/runs/0/results/35/codeFlows/0/threadFlows/0/locations/15)
#  653|   		size_t filenum;
#  654|   		size_t len = sizeof(alpm_file_t) * pkg->files.count;
#  655|-> 		MALLOC(newpkg->files.files, len, goto cleanup);
#  656|   		for(filenum = 0; filenum < pkg->files.count; filenum++) {
#  657|   			if(!_alpm_file_copy(newpkg->files.files + filenum,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def526]
pacman-v7.0.0/lib/libalpm/package.c:655:17: warning[-Wanalyzer-malloc-leak]: leak of ‘newpkg’
pacman-v7.0.0/lib/libalpm/package.c:598:5: enter_function: entry to ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:629:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:635:24: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:642:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:642:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:644:30: branch_false: following ‘false’ branch (when ‘i’ is NULL)...
pacman-v7.0.0/lib/libalpm/package.c:647:30: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:647:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:647:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:648:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:648:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:649:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:649:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:650:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:650:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:652:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:654:24: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:655:17: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:655:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:655:17: danger: ‘newpkg’ leaks here; was allocated at [(6)](sarif:/runs/0/results/34/codeFlows/0/threadFlows/0/locations/5)
#  653|   		size_t filenum;
#  654|   		size_t len = sizeof(alpm_file_t) * pkg->files.count;
#  655|-> 		MALLOC(newpkg->files.files, len, goto cleanup);
#  656|   		for(filenum = 0; filenum < pkg->files.count; filenum++) {
#  657|   			if(!_alpm_file_copy(newpkg->files.files + filenum,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def527]
pacman-v7.0.0/lib/libalpm/package.c:669:17: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/package.c:598:5: enter_function: entry to ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:629:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:635:24: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:642:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:642:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:644:30: branch_false: following ‘false’ branch (when ‘i’ is NULL)...
pacman-v7.0.0/lib/libalpm/package.c:647:30: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:647:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:647:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:648:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:648:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:649:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:649:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:650:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:650:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:652:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:666:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:668:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:669:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:669:17: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:669:17: danger: ‘<unknown>’ leaks here; was allocated at [(16)](sarif:/runs/0/results/37/codeFlows/0/threadFlows/0/locations/15)
#  667|   	newpkg->origin = pkg->origin;
#  668|   	if(newpkg->origin == ALPM_PKG_FROM_FILE) {
#  669|-> 		STRDUP(newpkg->origin_data.file, pkg->origin_data.file, goto cleanup);
#  670|   	} else {
#  671|   		newpkg->origin_data.db = pkg->origin_data.db;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def528]
pacman-v7.0.0/lib/libalpm/package.c:669:17: warning[-Wanalyzer-malloc-leak]: leak of ‘newpkg’
pacman-v7.0.0/lib/libalpm/package.c:598:5: enter_function: entry to ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:624:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:625:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:626:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:627:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:628:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:629:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:631:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:632:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:633:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:634:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:635:24: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:642:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:642:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:644:30: branch_false: following ‘false’ branch (when ‘i’ is NULL)...
pacman-v7.0.0/lib/libalpm/package.c:647:30: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:647:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:647:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:648:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:648:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:649:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:649:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:650:30: call_function: calling ‘list_depdup’ from ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:650:30: return_function: returning to ‘_alpm_pkg_dup’ from ‘list_depdup’
pacman-v7.0.0/lib/libalpm/package.c:652:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:666:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:668:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:669:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:669:17: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:669:17: danger: ‘newpkg’ leaks here; was allocated at [(6)](sarif:/runs/0/results/36/codeFlows/0/threadFlows/0/locations/5)
#  667|   	newpkg->origin = pkg->origin;
#  668|   	if(newpkg->origin == ALPM_PKG_FROM_FILE) {
#  669|-> 		STRDUP(newpkg->origin_data.file, pkg->origin_data.file, goto cleanup);
#  670|   	} else {
#  671|   		newpkg->origin_data.db = pkg->origin_data.db;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def529]
pacman-v7.0.0/lib/libalpm/package.c:686:9: warning[-Wanalyzer-malloc-leak]: leak of ‘newpkg’
pacman-v7.0.0/lib/libalpm/package.c:598:5: enter_function: entry to ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:680:9: call_function: inlined call to ‘_alpm_pkg_free’ from ‘_alpm_pkg_dup’
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:680:9: call_function: inlined call to ‘_alpm_pkg_free’ from ‘_alpm_pkg_dup’
#  684|   static void free_deplist(alpm_list_t *deps)
#  685|   {
#  686|-> 	alpm_list_free_inner(deps, (alpm_list_fn_free)alpm_dep_free);
#  687|   	alpm_list_free(deps);
#  688|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def530]
pacman-v7.0.0/lib/libalpm/package.c:687:9: warning[-Wanalyzer-malloc-leak]: leak of ‘newpkg’
pacman-v7.0.0/lib/libalpm/package.c:598:5: enter_function: entry to ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:680:9: call_function: inlined call to ‘_alpm_pkg_free’ from ‘_alpm_pkg_dup’
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:680:9: call_function: inlined call to ‘_alpm_pkg_free’ from ‘_alpm_pkg_dup’
#  685|   {
#  686|   	alpm_list_free_inner(deps, (alpm_list_fn_free)alpm_dep_free);
#  687|-> 	alpm_list_free(deps);
#  688|   }
#  689|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def531]
pacman-v7.0.0/lib/libalpm/package.c:699:9: warning[-Wanalyzer-malloc-leak]: leak of ‘pd’
pacman-v7.0.0/lib/libalpm/package.c:694:11: branch_false: following ‘false’ branch (when ‘string’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:694:37: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:694:12: branch_false: following ‘false’ branch (when ‘sep’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:698:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:698:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:698:9: branch_false: following ‘false’ branch (when ‘pd’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:699:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:699:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:699:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:699:9: danger: ‘pd’ leaks here; was allocated at [(6)](sarif:/runs/0/results/40/codeFlows/0/threadFlows/0/locations/5)
#  697|   
#  698|   	CALLOC(pd, 1, sizeof(alpm_pkg_xdata_t), return NULL);
#  699|-> 	STRNDUP(pd->name, string, sep - string, FREE(pd); return NULL);
#  700|   	STRDUP(pd->value, sep + 1, FREE(pd->name); FREE(pd); return NULL);
#  701|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def532]
pacman-v7.0.0/lib/libalpm/package.c:700:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/package.c:694:11: branch_false: following ‘false’ branch (when ‘string’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:694:37: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:694:12: branch_false: following ‘false’ branch (when ‘sep’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:698:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:698:9: branch_false: following ‘false’ branch (when ‘pd’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:699:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:699:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:699:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:700:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:700:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:700:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:700:9: danger: ‘<unknown>’ leaks here; was allocated at [(8)](sarif:/runs/0/results/42/codeFlows/0/threadFlows/0/locations/7)
#  698|   	CALLOC(pd, 1, sizeof(alpm_pkg_xdata_t), return NULL);
#  699|   	STRNDUP(pd->name, string, sep - string, FREE(pd); return NULL);
#  700|-> 	STRDUP(pd->value, sep + 1, FREE(pd->name); FREE(pd); return NULL);
#  701|   
#  702|   	return pd;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def533]
pacman-v7.0.0/lib/libalpm/package.c:700:9: warning[-Wanalyzer-malloc-leak]: leak of ‘pd’
pacman-v7.0.0/lib/libalpm/package.c:694:11: branch_false: following ‘false’ branch (when ‘string’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:694:37: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:694:12: branch_false: following ‘false’ branch (when ‘sep’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:698:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:698:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:698:9: branch_false: following ‘false’ branch (when ‘pd’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:699:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:699:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:700:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:700:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:700:9: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/package.c:700:9: danger: ‘pd’ leaks here; was allocated at [(6)](sarif:/runs/0/results/41/codeFlows/0/threadFlows/0/locations/5)
#  698|   	CALLOC(pd, 1, sizeof(alpm_pkg_xdata_t), return NULL);
#  699|   	STRNDUP(pd->name, string, sep - string, FREE(pd); return NULL);
#  700|-> 	STRDUP(pd->value, sep + 1, FREE(pd->name); FREE(pd); return NULL);
#  701|   
#  702|   	return pd;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def534]
pacman-v7.0.0/lib/libalpm/package.c:732:9: warning[-Wanalyzer-malloc-leak]: leak of ‘newpkg’
pacman-v7.0.0/lib/libalpm/package.c:598:5: enter_function: entry to ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:623:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/package.c:680:9: call_function: inlined call to ‘_alpm_pkg_free’ from ‘_alpm_pkg_dup’
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:680:9: call_function: inlined call to ‘_alpm_pkg_free’ from ‘_alpm_pkg_dup’
#  730|   	FREE(pkg->arch);
#  731|   
#  732|-> 	FREELIST(pkg->licenses);
#  733|   	free_deplist(pkg->replaces);
#  734|   	FREELIST(pkg->groups);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def535]
pacman-v7.0.0/lib/libalpm/package.c:734:9: warning[-Wanalyzer-malloc-leak]: leak of ‘newpkg’
pacman-v7.0.0/lib/libalpm/package.c:598:5: enter_function: entry to ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:680:9: call_function: inlined call to ‘_alpm_pkg_free’ from ‘_alpm_pkg_dup’
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:680:9: call_function: inlined call to ‘_alpm_pkg_free’ from ‘_alpm_pkg_dup’
#  732|   	FREELIST(pkg->licenses);
#  733|   	free_deplist(pkg->replaces);
#  734|-> 	FREELIST(pkg->groups);
#  735|   	if(pkg->files.count) {
#  736|   		size_t i;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def536]
pacman-v7.0.0/lib/libalpm/package.c:742:9: warning[-Wanalyzer-malloc-leak]: leak of ‘newpkg’
pacman-v7.0.0/lib/libalpm/package.c:598:5: enter_function: entry to ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:680:9: call_function: inlined call to ‘_alpm_pkg_free’ from ‘_alpm_pkg_dup’
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:680:9: call_function: inlined call to ‘_alpm_pkg_free’ from ‘_alpm_pkg_dup’
#  740|   		free(pkg->files.files);
#  741|   	}
#  742|-> 	alpm_list_free_inner(pkg->backup, (alpm_list_fn_free)_alpm_backup_free);
#  743|   	alpm_list_free(pkg->backup);
#  744|   	alpm_list_free_inner(pkg->xdata, (alpm_list_fn_free)_alpm_pkg_xdata_free);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def537]
pacman-v7.0.0/lib/libalpm/package.c:743:9: warning[-Wanalyzer-malloc-leak]: leak of ‘newpkg’
pacman-v7.0.0/lib/libalpm/package.c:598:5: enter_function: entry to ‘_alpm_pkg_dup’
pacman-v7.0.0/lib/libalpm/package.c:604:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/package.c:608:11: branch_false: following ‘false’ branch (when ‘new_ptr’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:612:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:620:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/package.c:620:9: branch_false: following ‘false’ branch (when ‘newpkg’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/package.c:622:29: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:680:9: call_function: inlined call to ‘_alpm_pkg_free’ from ‘_alpm_pkg_dup’
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/package.c:680:9: call_function: inlined call to ‘_alpm_pkg_free’ from ‘_alpm_pkg_dup’
#  741|   	}
#  742|   	alpm_list_free_inner(pkg->backup, (alpm_list_fn_free)_alpm_backup_free);
#  743|-> 	alpm_list_free(pkg->backup);
#  744|   	alpm_list_free_inner(pkg->xdata, (alpm_list_fn_free)_alpm_pkg_xdata_free);
#  745|   	alpm_list_free(pkg->xdata);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def538]
pacman-v7.0.0/lib/libalpm/pkghash.c:84:9: warning[-Wanalyzer-malloc-leak]: leak of ‘hash’
pacman-v7.0.0/lib/libalpm/pkghash.c:202:17: enter_function: entry to ‘_alpm_pkghash_add_sorted’
pacman-v7.0.0/lib/libalpm/pkghash.c:204:16: call_function: calling ‘pkghash_add_pkg’ from ‘_alpm_pkghash_add_sorted’
#   82|   	}
#   83|   
#   84|-> 	CALLOC(hash->hash_table, hash->buckets, sizeof(alpm_list_t *), \
#   85|   				free(hash); return NULL);
#   86|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def539]
pacman-v7.0.0/lib/libalpm/remove.c:363:19: warning[-Wanalyzer-malloc-leak]: leak of ‘newpath’
pacman-v7.0.0/lib/libalpm/remove.c:611:12: enter_function: entry to ‘remove_package_files’
pacman-v7.0.0/lib/libalpm/remove.c:641:34: branch_true: following ‘true’ branch (when ‘i != 0’)...
pacman-v7.0.0/lib/libalpm/remove.c:642:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/remove.c:647:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/remove.c:653:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/remove.c:653:20: call_function: calling ‘unlink_file’ from ‘remove_package_files’
#  361|   	size_t basename_len;
#  362|   
#  363|-> 	dirname = mdirname(file);
#  364|   	if(!dirname) {
#  365|   		return;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def540]
pacman-v7.0.0/lib/libalpm/remove.c:368:20: warning[-Wanalyzer-malloc-leak]: leak of ‘newpath’
pacman-v7.0.0/lib/libalpm/remove.c:611:12: enter_function: entry to ‘remove_package_files’
pacman-v7.0.0/lib/libalpm/remove.c:641:34: branch_true: following ‘true’ branch (when ‘i != 0’)...
pacman-v7.0.0/lib/libalpm/remove.c:642:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/remove.c:647:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/remove.c:653:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/remove.c:653:20: call_function: calling ‘unlink_file’ from ‘remove_package_files’
#  366|   	}
#  367|   
#  368|-> 	basename = mbasename(file);
#  369|   	basename_len = strlen(basename);
#  370|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def541]
pacman-v7.0.0/lib/libalpm/remove.c:372:12: warning[-Wanalyzer-malloc-leak]: leak of ‘newpath’
pacman-v7.0.0/lib/libalpm/remove.c:611:12: enter_function: entry to ‘remove_package_files’
pacman-v7.0.0/lib/libalpm/remove.c:641:34: branch_true: following ‘true’ branch (when ‘i != 0’)...
pacman-v7.0.0/lib/libalpm/remove.c:642:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/remove.c:647:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/remove.c:653:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/remove.c:653:20: call_function: calling ‘unlink_file’ from ‘remove_package_files’
#  370|   
#  371|   	snprintf(regstr, PATH_MAX, "^%s\\.pacsave\\.([[:digit:]]+)$", basename);
#  372|-> 	if(regcomp(&reg, regstr, REG_EXTENDED | REG_NEWLINE) != 0) {
#  373|   		goto cleanup;
#  374|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def542]
pacman-v7.0.0/lib/libalpm/remove.c:376:15: warning[-Wanalyzer-malloc-leak]: leak of ‘newpath’
pacman-v7.0.0/lib/libalpm/remove.c:611:12: enter_function: entry to ‘remove_package_files’
pacman-v7.0.0/lib/libalpm/remove.c:641:34: branch_true: following ‘true’ branch (when ‘i != 0’)...
pacman-v7.0.0/lib/libalpm/remove.c:642:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/remove.c:647:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/remove.c:653:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/remove.c:653:20: call_function: calling ‘unlink_file’ from ‘remove_package_files’
#  374|   	}
#  375|   
#  376|-> 	dir = opendir(dirname);
#  377|   	if(dir == NULL) {
#  378|   		_alpm_log(handle, ALPM_LOG_ERROR, _("could not open directory: %s: %s\n"),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def543]
pacman-v7.0.0/lib/libalpm/remove.c:378:17: warning[-Wanalyzer-malloc-leak]: leak of ‘newpath’
pacman-v7.0.0/lib/libalpm/remove.c:611:12: enter_function: entry to ‘remove_package_files’
pacman-v7.0.0/lib/libalpm/remove.c:641:34: branch_true: following ‘true’ branch (when ‘i != 0’)...
pacman-v7.0.0/lib/libalpm/remove.c:642:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/remove.c:647:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/remove.c:653:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/remove.c:653:20: call_function: calling ‘unlink_file’ from ‘remove_package_files’
#  376|   	dir = opendir(dirname);
#  377|   	if(dir == NULL) {
#  378|-> 		_alpm_log(handle, ALPM_LOG_ERROR, _("could not open directory: %s: %s\n"),
#  379|   							dirname, strerror(errno));
#  380|   		goto cleanup;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def544]
pacman-v7.0.0/lib/libalpm/remove.c:383:22: warning[-Wanalyzer-malloc-leak]: leak of ‘newpath’
pacman-v7.0.0/lib/libalpm/remove.c:611:12: enter_function: entry to ‘remove_package_files’
pacman-v7.0.0/lib/libalpm/remove.c:641:34: branch_true: following ‘true’ branch (when ‘i != 0’)...
pacman-v7.0.0/lib/libalpm/remove.c:642:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/remove.c:647:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/remove.c:653:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/remove.c:653:20: call_function: calling ‘unlink_file’ from ‘remove_package_files’
#  381|   	}
#  382|   
#  383|-> 	while((ent = readdir(dir)) != NULL) {
#  384|   		if(strcmp(ent->d_name, ".") == 0 || strcmp(ent->d_name, "..") == 0) {
#  385|   			continue;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def545]
pacman-v7.0.0/lib/libalpm/remove.c:383:22: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(mdirname(file))’
pacman-v7.0.0/lib/libalpm/remove.c:611:12: enter_function: entry to ‘remove_package_files’
pacman-v7.0.0/lib/libalpm/remove.c:641:34: branch_true: following ‘true’ branch (when ‘i != 0’)...
pacman-v7.0.0/lib/libalpm/remove.c:642:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/remove.c:647:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/remove.c:653:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/remove.c:653:20: call_function: calling ‘unlink_file’ from ‘remove_package_files’
#  381|   	}
#  382|   
#  383|-> 	while((ent = readdir(dir)) != NULL) {
#  384|   		if(strcmp(ent->d_name, ".") == 0 || strcmp(ent->d_name, "..") == 0) {
#  385|   			continue;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def546]
pacman-v7.0.0/lib/libalpm/remove.c:388:20: warning[-Wanalyzer-malloc-leak]: leak of ‘newpath’
pacman-v7.0.0/lib/libalpm/remove.c:611:12: enter_function: entry to ‘remove_package_files’
pacman-v7.0.0/lib/libalpm/remove.c:641:34: branch_true: following ‘true’ branch (when ‘i != 0’)...
pacman-v7.0.0/lib/libalpm/remove.c:642:37: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/remove.c:647:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/remove.c:653:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/remove.c:653:20: call_function: calling ‘unlink_file’ from ‘remove_package_files’
#  386|   		}
#  387|   
#  388|-> 		if(regexec(&reg, ent->d_name, 0, 0, 0) == 0) {
#  389|   			unsigned long cur_log;
#  390|   			cur_log = strtoul(ent->d_name + basename_len + strlen(".pacsave."), NULL, 10);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def547]
pacman-v7.0.0/lib/libalpm/sandbox.c:179:9: warning[-Wanalyzer-malloc-leak]: leak of ‘string’
pacman-v7.0.0/lib/libalpm/sandbox.c:166:6: enter_function: entry to ‘_alpm_sandbox_process_cb_log’
pacman-v7.0.0/lib/libalpm/sandbox.c:171:9: call_function: calling ‘read_from_pipe’ from ‘_alpm_sandbox_process_cb_log’
pacman-v7.0.0/lib/libalpm/sandbox.c:171:9: return_function: returning to ‘_alpm_sandbox_process_cb_log’ from ‘read_from_pipe’
pacman-v7.0.0/lib/libalpm/sandbox.c:171:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/sandbox.c:172:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/sandbox.c:172:9: call_function: calling ‘read_from_pipe’ from ‘_alpm_sandbox_process_cb_log’
pacman-v7.0.0/lib/libalpm/sandbox.c:172:9: return_function: returning to ‘_alpm_sandbox_process_cb_log’ from ‘read_from_pipe’
pacman-v7.0.0/lib/libalpm/sandbox.c:172:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/sandbox.c:174:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/sandbox.c:174:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/sandbox.c:174:9: branch_false: following ‘false’ branch (when ‘string’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/sandbox.c:176:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/sandbox.c:176:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/sandbox.c:177:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/sandbox.c:179:9: danger: ‘string’ leaks here; was allocated at [(20)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/19)
#  177|   	string[string_size] = '\0';
#  178|   
#  179|-> 	_alpm_log(handle, level, "%s", string);
#  180|   	FREE(string);
#  181|   	return true;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def548]
pacman-v7.0.0/lib/libalpm/signing.c:158:12: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(path, "rb")’
pacman-v7.0.0/lib/libalpm/signing.c:571:5: enter_function: entry to ‘_alpm_gpgme_checksig’
pacman-v7.0.0/lib/libalpm/signing.c:584:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:588:11: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:591:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:593:11: branch_false: following ‘false’ branch (when ‘base64_sig’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:604:16: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:604:16: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/signing.c:605:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:609:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:609:12: call_function: calling ‘init_gpgme’ from ‘_alpm_gpgme_checksig’
#  156|   	sigdir = handle->gpgdir;
#  157|   
#  158|-> 	if(_alpm_access(handle, sigdir, "pubring.gpg", R_OK)
#  159|   			|| _alpm_access(handle, sigdir, "trustdb.gpg", R_OK)) {
#  160|   		handle->pm_errno = ALPM_ERR_NOT_A_FILE;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def549]
pacman-v7.0.0/lib/libalpm/signing.c:158:12: warning[-Wanalyzer-file-leak]: leak of FILE ‘sigfile’
pacman-v7.0.0/lib/libalpm/signing.c:1011:15: enter_function: entry to ‘alpm_db_check_pgp_signature’
pacman-v7.0.0/lib/libalpm/signing.c:1014:9: branch_false: following ‘false’ branch (when ‘db’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:1015:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:1015:9: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:1016:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:1018:16: call_function: calling ‘_alpm_gpgme_checksig’ from ‘alpm_db_check_pgp_signature’
#  156|   	sigdir = handle->gpgdir;
#  157|   
#  158|-> 	if(_alpm_access(handle, sigdir, "pubring.gpg", R_OK)
#  159|   			|| _alpm_access(handle, sigdir, "trustdb.gpg", R_OK)) {
#  160|   		handle->pm_errno = ALPM_ERR_NOT_A_FILE;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def550]
pacman-v7.0.0/lib/libalpm/signing.c:158:12: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(path, "rb")’
pacman-v7.0.0/lib/libalpm/signing.c:571:5: enter_function: entry to ‘_alpm_gpgme_checksig’
pacman-v7.0.0/lib/libalpm/signing.c:584:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:588:11: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:591:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:593:11: branch_false: following ‘false’ branch (when ‘base64_sig’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:604:16: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:604:16: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/signing.c:605:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:609:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:609:12: call_function: calling ‘init_gpgme’ from ‘_alpm_gpgme_checksig’
#  156|   	sigdir = handle->gpgdir;
#  157|   
#  158|-> 	if(_alpm_access(handle, sigdir, "pubring.gpg", R_OK)
#  159|   			|| _alpm_access(handle, sigdir, "trustdb.gpg", R_OK)) {
#  160|   		handle->pm_errno = ALPM_ERR_NOT_A_FILE;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def551]
pacman-v7.0.0/lib/libalpm/signing.c:158:12: warning[-Wanalyzer-malloc-leak]: leak of ‘sigfile’
pacman-v7.0.0/lib/libalpm/signing.c:1011:15: enter_function: entry to ‘alpm_db_check_pgp_signature’
pacman-v7.0.0/lib/libalpm/signing.c:1014:9: branch_false: following ‘false’ branch (when ‘db’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:1015:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:1015:9: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:1016:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:1018:16: call_function: calling ‘_alpm_gpgme_checksig’ from ‘alpm_db_check_pgp_signature’
#  156|   	sigdir = handle->gpgdir;
#  157|   
#  158|-> 	if(_alpm_access(handle, sigdir, "pubring.gpg", R_OK)
#  159|   			|| _alpm_access(handle, sigdir, "trustdb.gpg", R_OK)) {
#  160|   		handle->pm_errno = ALPM_ERR_NOT_A_FILE;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def552]
pacman-v7.0.0/lib/libalpm/signing.c:159:28: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(path, "rb")’
pacman-v7.0.0/lib/libalpm/signing.c:571:5: enter_function: entry to ‘_alpm_gpgme_checksig’
pacman-v7.0.0/lib/libalpm/signing.c:584:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:588:11: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:591:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:593:11: branch_false: following ‘false’ branch (when ‘base64_sig’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:604:16: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:604:16: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/signing.c:605:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:609:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:609:12: call_function: calling ‘init_gpgme’ from ‘_alpm_gpgme_checksig’
#  157|   
#  158|   	if(_alpm_access(handle, sigdir, "pubring.gpg", R_OK)
#  159|-> 			|| _alpm_access(handle, sigdir, "trustdb.gpg", R_OK)) {
#  160|   		handle->pm_errno = ALPM_ERR_NOT_A_FILE;
#  161|   		_alpm_log(handle, ALPM_LOG_DEBUG, "Signature verification will fail!\n");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def553]
pacman-v7.0.0/lib/libalpm/signing.c:159:28: warning[-Wanalyzer-file-leak]: leak of FILE ‘sigfile’
pacman-v7.0.0/lib/libalpm/signing.c:1011:15: enter_function: entry to ‘alpm_db_check_pgp_signature’
pacman-v7.0.0/lib/libalpm/signing.c:1014:9: branch_false: following ‘false’ branch (when ‘db’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:1015:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:1015:9: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:1016:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:1018:16: call_function: calling ‘_alpm_gpgme_checksig’ from ‘alpm_db_check_pgp_signature’
#  157|   
#  158|   	if(_alpm_access(handle, sigdir, "pubring.gpg", R_OK)
#  159|-> 			|| _alpm_access(handle, sigdir, "trustdb.gpg", R_OK)) {
#  160|   		handle->pm_errno = ALPM_ERR_NOT_A_FILE;
#  161|   		_alpm_log(handle, ALPM_LOG_DEBUG, "Signature verification will fail!\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def554]
pacman-v7.0.0/lib/libalpm/signing.c:159:28: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(path, "rb")’
pacman-v7.0.0/lib/libalpm/signing.c:571:5: enter_function: entry to ‘_alpm_gpgme_checksig’
pacman-v7.0.0/lib/libalpm/signing.c:584:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:588:11: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:591:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:593:11: branch_false: following ‘false’ branch (when ‘base64_sig’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:604:16: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:604:16: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/signing.c:605:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:609:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:609:12: call_function: calling ‘init_gpgme’ from ‘_alpm_gpgme_checksig’
#  157|   
#  158|   	if(_alpm_access(handle, sigdir, "pubring.gpg", R_OK)
#  159|-> 			|| _alpm_access(handle, sigdir, "trustdb.gpg", R_OK)) {
#  160|   		handle->pm_errno = ALPM_ERR_NOT_A_FILE;
#  161|   		_alpm_log(handle, ALPM_LOG_DEBUG, "Signature verification will fail!\n");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def555]
pacman-v7.0.0/lib/libalpm/signing.c:159:28: warning[-Wanalyzer-malloc-leak]: leak of ‘sigfile’
pacman-v7.0.0/lib/libalpm/signing.c:1011:15: enter_function: entry to ‘alpm_db_check_pgp_signature’
pacman-v7.0.0/lib/libalpm/signing.c:1014:9: branch_false: following ‘false’ branch (when ‘db’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:1015:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:1015:9: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:1016:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:1018:16: call_function: calling ‘_alpm_gpgme_checksig’ from ‘alpm_db_check_pgp_signature’
#  157|   
#  158|   	if(_alpm_access(handle, sigdir, "pubring.gpg", R_OK)
#  159|-> 			|| _alpm_access(handle, sigdir, "trustdb.gpg", R_OK)) {
#  160|   		handle->pm_errno = ALPM_ERR_NOT_A_FILE;
#  161|   		_alpm_log(handle, ALPM_LOG_DEBUG, "Signature verification will fail!\n");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def556]
pacman-v7.0.0/lib/libalpm/signing.c:161:17: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(path, "rb")’
pacman-v7.0.0/lib/libalpm/signing.c:571:5: enter_function: entry to ‘_alpm_gpgme_checksig’
pacman-v7.0.0/lib/libalpm/signing.c:584:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:588:11: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:591:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:593:11: branch_false: following ‘false’ branch (when ‘base64_sig’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:604:16: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:604:16: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/signing.c:605:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:609:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:609:12: call_function: calling ‘init_gpgme’ from ‘_alpm_gpgme_checksig’
#  159|   			|| _alpm_access(handle, sigdir, "trustdb.gpg", R_OK)) {
#  160|   		handle->pm_errno = ALPM_ERR_NOT_A_FILE;
#  161|-> 		_alpm_log(handle, ALPM_LOG_DEBUG, "Signature verification will fail!\n");
#  162|   		_alpm_log(handle, ALPM_LOG_WARNING,
#  163|   				_("Public keyring not found; have you run '%s'?\n"),

Error: GCC_ANALYZER_WARNING (CWE-775): [#def557]
pacman-v7.0.0/lib/libalpm/signing.c:161:17: warning[-Wanalyzer-file-leak]: leak of FILE ‘sigfile’
pacman-v7.0.0/lib/libalpm/signing.c:1011:15: enter_function: entry to ‘alpm_db_check_pgp_signature’
pacman-v7.0.0/lib/libalpm/signing.c:1014:9: branch_false: following ‘false’ branch (when ‘db’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:1015:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:1015:9: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:1016:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:1018:16: call_function: calling ‘_alpm_gpgme_checksig’ from ‘alpm_db_check_pgp_signature’
#  159|   			|| _alpm_access(handle, sigdir, "trustdb.gpg", R_OK)) {
#  160|   		handle->pm_errno = ALPM_ERR_NOT_A_FILE;
#  161|-> 		_alpm_log(handle, ALPM_LOG_DEBUG, "Signature verification will fail!\n");
#  162|   		_alpm_log(handle, ALPM_LOG_WARNING,
#  163|   				_("Public keyring not found; have you run '%s'?\n"),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def558]
pacman-v7.0.0/lib/libalpm/signing.c:161:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(path, "rb")’
pacman-v7.0.0/lib/libalpm/signing.c:571:5: enter_function: entry to ‘_alpm_gpgme_checksig’
pacman-v7.0.0/lib/libalpm/signing.c:584:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:588:11: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:591:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:593:11: branch_false: following ‘false’ branch (when ‘base64_sig’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:604:16: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:604:16: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/signing.c:605:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:609:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:609:12: call_function: calling ‘init_gpgme’ from ‘_alpm_gpgme_checksig’
#  159|   			|| _alpm_access(handle, sigdir, "trustdb.gpg", R_OK)) {
#  160|   		handle->pm_errno = ALPM_ERR_NOT_A_FILE;
#  161|-> 		_alpm_log(handle, ALPM_LOG_DEBUG, "Signature verification will fail!\n");
#  162|   		_alpm_log(handle, ALPM_LOG_WARNING,
#  163|   				_("Public keyring not found; have you run '%s'?\n"),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def559]
pacman-v7.0.0/lib/libalpm/signing.c:161:17: warning[-Wanalyzer-malloc-leak]: leak of ‘sigfile’
pacman-v7.0.0/lib/libalpm/signing.c:1011:15: enter_function: entry to ‘alpm_db_check_pgp_signature’
pacman-v7.0.0/lib/libalpm/signing.c:1014:9: branch_false: following ‘false’ branch (when ‘db’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:1015:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:1015:9: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:1016:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:1018:16: call_function: calling ‘_alpm_gpgme_checksig’ from ‘alpm_db_check_pgp_signature’
#  159|   			|| _alpm_access(handle, sigdir, "trustdb.gpg", R_OK)) {
#  160|   		handle->pm_errno = ALPM_ERR_NOT_A_FILE;
#  161|-> 		_alpm_log(handle, ALPM_LOG_DEBUG, "Signature verification will fail!\n");
#  162|   		_alpm_log(handle, ALPM_LOG_WARNING,
#  163|   				_("Public keyring not found; have you run '%s'?\n"),

Error: GCC_ANALYZER_WARNING (CWE-775): [#def560]
pacman-v7.0.0/lib/libalpm/signing.c:162:17: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(path, "rb")’
pacman-v7.0.0/lib/libalpm/signing.c:571:5: enter_function: entry to ‘_alpm_gpgme_checksig’
pacman-v7.0.0/lib/libalpm/signing.c:584:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:588:11: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:591:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:593:11: branch_false: following ‘false’ branch (when ‘base64_sig’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:604:16: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:604:16: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/signing.c:605:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:609:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:609:12: call_function: calling ‘init_gpgme’ from ‘_alpm_gpgme_checksig’
#  160|   		handle->pm_errno = ALPM_ERR_NOT_A_FILE;
#  161|   		_alpm_log(handle, ALPM_LOG_DEBUG, "Signature verification will fail!\n");
#  162|-> 		_alpm_log(handle, ALPM_LOG_WARNING,
#  163|   				_("Public keyring not found; have you run '%s'?\n"),
#  164|   				"pacman-key --init");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def561]
pacman-v7.0.0/lib/libalpm/signing.c:162:17: warning[-Wanalyzer-file-leak]: leak of FILE ‘sigfile’
pacman-v7.0.0/lib/libalpm/signing.c:1011:15: enter_function: entry to ‘alpm_db_check_pgp_signature’
pacman-v7.0.0/lib/libalpm/signing.c:1014:9: branch_false: following ‘false’ branch (when ‘db’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:1015:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:1015:9: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:1016:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:1018:16: call_function: calling ‘_alpm_gpgme_checksig’ from ‘alpm_db_check_pgp_signature’
#  160|   		handle->pm_errno = ALPM_ERR_NOT_A_FILE;
#  161|   		_alpm_log(handle, ALPM_LOG_DEBUG, "Signature verification will fail!\n");
#  162|-> 		_alpm_log(handle, ALPM_LOG_WARNING,
#  163|   				_("Public keyring not found; have you run '%s'?\n"),
#  164|   				"pacman-key --init");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def562]
pacman-v7.0.0/lib/libalpm/signing.c:162:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(path, "rb")’
pacman-v7.0.0/lib/libalpm/signing.c:571:5: enter_function: entry to ‘_alpm_gpgme_checksig’
pacman-v7.0.0/lib/libalpm/signing.c:584:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:588:11: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:591:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:593:11: branch_false: following ‘false’ branch (when ‘base64_sig’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:604:16: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:604:16: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/signing.c:605:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:609:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:609:12: call_function: calling ‘init_gpgme’ from ‘_alpm_gpgme_checksig’
#  160|   		handle->pm_errno = ALPM_ERR_NOT_A_FILE;
#  161|   		_alpm_log(handle, ALPM_LOG_DEBUG, "Signature verification will fail!\n");
#  162|-> 		_alpm_log(handle, ALPM_LOG_WARNING,
#  163|   				_("Public keyring not found; have you run '%s'?\n"),
#  164|   				"pacman-key --init");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def563]
pacman-v7.0.0/lib/libalpm/signing.c:162:17: warning[-Wanalyzer-malloc-leak]: leak of ‘sigfile’
pacman-v7.0.0/lib/libalpm/signing.c:1011:15: enter_function: entry to ‘alpm_db_check_pgp_signature’
pacman-v7.0.0/lib/libalpm/signing.c:1014:9: branch_false: following ‘false’ branch (when ‘db’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:1015:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:1015:9: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:1016:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:1018:16: call_function: calling ‘_alpm_gpgme_checksig’ from ‘alpm_db_check_pgp_signature’
#  160|   		handle->pm_errno = ALPM_ERR_NOT_A_FILE;
#  161|   		_alpm_log(handle, ALPM_LOG_DEBUG, "Signature verification will fail!\n");
#  162|-> 		_alpm_log(handle, ALPM_LOG_WARNING,
#  163|   				_("Public keyring not found; have you run '%s'?\n"),
#  164|   				"pacman-key --init");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def564]
pacman-v7.0.0/lib/libalpm/signing.c:170:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(path, "rb")’
pacman-v7.0.0/lib/libalpm/signing.c:571:5: enter_function: entry to ‘_alpm_gpgme_checksig’
pacman-v7.0.0/lib/libalpm/signing.c:584:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:588:11: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:591:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:593:11: branch_false: following ‘false’ branch (when ‘base64_sig’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:604:16: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:604:16: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/signing.c:605:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:609:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:609:12: call_function: calling ‘init_gpgme’ from ‘_alpm_gpgme_checksig’
#  168|   	 * some internal library setup code */
#  169|   	version = gpgme_check_version(NULL);
#  170|-> 	_alpm_log(handle, ALPM_LOG_DEBUG, "GPGME version: %s\n", version);
#  171|   	gpgme_set_locale(NULL, LC_CTYPE, setlocale(LC_CTYPE, NULL));
#  172|   #ifdef LC_MESSAGES

Error: GCC_ANALYZER_WARNING (CWE-775): [#def565]
pacman-v7.0.0/lib/libalpm/signing.c:170:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘sigfile’
pacman-v7.0.0/lib/libalpm/signing.c:1011:15: enter_function: entry to ‘alpm_db_check_pgp_signature’
pacman-v7.0.0/lib/libalpm/signing.c:1014:9: branch_false: following ‘false’ branch (when ‘db’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:1015:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:1015:9: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:1016:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:1018:16: call_function: calling ‘_alpm_gpgme_checksig’ from ‘alpm_db_check_pgp_signature’
#  168|   	 * some internal library setup code */
#  169|   	version = gpgme_check_version(NULL);
#  170|-> 	_alpm_log(handle, ALPM_LOG_DEBUG, "GPGME version: %s\n", version);
#  171|   	gpgme_set_locale(NULL, LC_CTYPE, setlocale(LC_CTYPE, NULL));
#  172|   #ifdef LC_MESSAGES

Error: GCC_ANALYZER_WARNING (CWE-401): [#def566]
pacman-v7.0.0/lib/libalpm/signing.c:170:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(path, "rb")’
pacman-v7.0.0/lib/libalpm/signing.c:571:5: enter_function: entry to ‘_alpm_gpgme_checksig’
pacman-v7.0.0/lib/libalpm/signing.c:584:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:588:11: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:591:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:593:11: branch_false: following ‘false’ branch (when ‘base64_sig’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:604:16: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:604:16: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/signing.c:605:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:609:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:609:12: call_function: calling ‘init_gpgme’ from ‘_alpm_gpgme_checksig’
#  168|   	 * some internal library setup code */
#  169|   	version = gpgme_check_version(NULL);
#  170|-> 	_alpm_log(handle, ALPM_LOG_DEBUG, "GPGME version: %s\n", version);
#  171|   	gpgme_set_locale(NULL, LC_CTYPE, setlocale(LC_CTYPE, NULL));
#  172|   #ifdef LC_MESSAGES

Error: GCC_ANALYZER_WARNING (CWE-401): [#def567]
pacman-v7.0.0/lib/libalpm/signing.c:170:9: warning[-Wanalyzer-malloc-leak]: leak of ‘sigfile’
pacman-v7.0.0/lib/libalpm/signing.c:1011:15: enter_function: entry to ‘alpm_db_check_pgp_signature’
pacman-v7.0.0/lib/libalpm/signing.c:1014:9: branch_false: following ‘false’ branch (when ‘db’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:1015:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:1015:9: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:1016:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:1018:16: call_function: calling ‘_alpm_gpgme_checksig’ from ‘alpm_db_check_pgp_signature’
#  168|   	 * some internal library setup code */
#  169|   	version = gpgme_check_version(NULL);
#  170|-> 	_alpm_log(handle, ALPM_LOG_DEBUG, "GPGME version: %s\n", version);
#  171|   	gpgme_set_locale(NULL, LC_CTYPE, setlocale(LC_CTYPE, NULL));
#  172|   #ifdef LC_MESSAGES

Error: GCC_ANALYZER_WARNING (CWE-775): [#def568]
pacman-v7.0.0/lib/libalpm/signing.c:171:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(path, "rb")’
pacman-v7.0.0/lib/libalpm/signing.c:571:5: enter_function: entry to ‘_alpm_gpgme_checksig’
pacman-v7.0.0/lib/libalpm/signing.c:584:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:588:11: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:591:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:593:11: branch_false: following ‘false’ branch (when ‘base64_sig’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:604:16: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:604:16: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/signing.c:605:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:609:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:609:12: call_function: calling ‘init_gpgme’ from ‘_alpm_gpgme_checksig’
#  169|   	version = gpgme_check_version(NULL);
#  170|   	_alpm_log(handle, ALPM_LOG_DEBUG, "GPGME version: %s\n", version);
#  171|-> 	gpgme_set_locale(NULL, LC_CTYPE, setlocale(LC_CTYPE, NULL));
#  172|   #ifdef LC_MESSAGES
#  173|   	gpgme_set_locale(NULL, LC_MESSAGES, setlocale(LC_MESSAGES, NULL));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def569]
pacman-v7.0.0/lib/libalpm/signing.c:171:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(path, "rb")’
pacman-v7.0.0/lib/libalpm/signing.c:571:5: enter_function: entry to ‘_alpm_gpgme_checksig’
pacman-v7.0.0/lib/libalpm/signing.c:584:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:588:11: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:591:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:593:11: branch_false: following ‘false’ branch (when ‘base64_sig’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:604:16: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:604:16: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/signing.c:605:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:609:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:609:12: call_function: calling ‘init_gpgme’ from ‘_alpm_gpgme_checksig’
#  169|   	version = gpgme_check_version(NULL);
#  170|   	_alpm_log(handle, ALPM_LOG_DEBUG, "GPGME version: %s\n", version);
#  171|-> 	gpgme_set_locale(NULL, LC_CTYPE, setlocale(LC_CTYPE, NULL));
#  172|   #ifdef LC_MESSAGES
#  173|   	gpgme_set_locale(NULL, LC_MESSAGES, setlocale(LC_MESSAGES, NULL));

Error: GCC_ANALYZER_WARNING (CWE-775): [#def570]
pacman-v7.0.0/lib/libalpm/signing.c:173:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(path, "rb")’
pacman-v7.0.0/lib/libalpm/signing.c:571:5: enter_function: entry to ‘_alpm_gpgme_checksig’
pacman-v7.0.0/lib/libalpm/signing.c:584:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:588:11: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:591:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:593:11: branch_false: following ‘false’ branch (when ‘base64_sig’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:604:16: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:604:16: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/signing.c:605:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:609:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:609:12: call_function: calling ‘init_gpgme’ from ‘_alpm_gpgme_checksig’
#  171|   	gpgme_set_locale(NULL, LC_CTYPE, setlocale(LC_CTYPE, NULL));
#  172|   #ifdef LC_MESSAGES
#  173|-> 	gpgme_set_locale(NULL, LC_MESSAGES, setlocale(LC_MESSAGES, NULL));
#  174|   #endif
#  175|   	/* NOTE:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def571]
pacman-v7.0.0/lib/libalpm/signing.c:173:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(path, "rb")’
pacman-v7.0.0/lib/libalpm/signing.c:571:5: enter_function: entry to ‘_alpm_gpgme_checksig’
pacman-v7.0.0/lib/libalpm/signing.c:584:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:588:11: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:591:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:593:11: branch_false: following ‘false’ branch (when ‘base64_sig’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:604:16: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:604:16: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/signing.c:605:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:609:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:609:12: call_function: calling ‘init_gpgme’ from ‘_alpm_gpgme_checksig’
#  171|   	gpgme_set_locale(NULL, LC_CTYPE, setlocale(LC_CTYPE, NULL));
#  172|   #ifdef LC_MESSAGES
#  173|-> 	gpgme_set_locale(NULL, LC_MESSAGES, setlocale(LC_MESSAGES, NULL));
#  174|   #endif
#  175|   	/* NOTE:

Error: COMPILER_WARNING (CWE-1023): [#def572]
pacman-v7.0.0/lib/libalpm/signing.c: scope_hint: In function ‘key_search_keyserver’
pacman-v7.0.0/lib/libalpm/signing.c:378:9: warning[-Wswitch]: enumeration value ‘GPGME_PK_KYBER’ not handled in switch
#  378 |         switch(key->subkeys->pubkey_algo) {
#      |         ^~~~~~
#  376|   	pgpkey->pubkey_algo = '?';
#  377|   
#  378|-> 	switch(key->subkeys->pubkey_algo) {
#  379|   		case GPGME_PK_RSA:
#  380|   		case GPGME_PK_RSA_E:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def573]
pacman-v7.0.0/lib/libalpm/signing.c:584:21: warning[-Wanalyzer-malloc-leak]: leak of ‘siglist’
pacman-v7.0.0/lib/libalpm/signing.c:837:5: enter_function: entry to ‘_alpm_check_pgp_helper’
pacman-v7.0.0/lib/libalpm/signing.c:844:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/signing.c:844:9: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:847:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:847:15: call_function: calling ‘_alpm_gpgme_checksig’ from ‘_alpm_check_pgp_helper’
#  582|   	FILE *file = NULL, *sigfile = NULL;
#  583|   
#  584|-> 	if(!path || _alpm_access(handle, NULL, path, R_OK) != 0) {
#  585|   		RET_ERR(handle, ALPM_ERR_NOT_A_FILE, -1);
#  586|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def574]
pacman-v7.0.0/lib/libalpm/signing.c:585:17: warning[-Wanalyzer-malloc-leak]: leak of ‘siglist’
pacman-v7.0.0/lib/libalpm/signing.c:837:5: enter_function: entry to ‘_alpm_check_pgp_helper’
pacman-v7.0.0/lib/libalpm/signing.c:844:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/signing.c:844:9: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:847:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:847:15: call_function: calling ‘_alpm_gpgme_checksig’ from ‘_alpm_check_pgp_helper’
#  583|   
#  584|   	if(!path || _alpm_access(handle, NULL, path, R_OK) != 0) {
#  585|-> 		RET_ERR(handle, ALPM_ERR_NOT_A_FILE, -1);
#  586|   	}
#  587|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def575]
pacman-v7.0.0/lib/libalpm/signing.c:595:20: warning[-Wanalyzer-malloc-leak]: leak of ‘siglist’
pacman-v7.0.0/lib/libalpm/signing.c:837:5: enter_function: entry to ‘_alpm_check_pgp_helper’
pacman-v7.0.0/lib/libalpm/signing.c:844:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/signing.c:844:9: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:847:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:847:15: call_function: calling ‘_alpm_gpgme_checksig’ from ‘_alpm_check_pgp_helper’
#  593|   	if(!base64_sig) {
#  594|   		sigpath = _alpm_sigpath(handle, path);
#  595|-> 		if(_alpm_access(handle, NULL, sigpath, R_OK) != 0
#  596|   				|| (sigfile = fopen(sigpath, "rb")) == NULL) {
#  597|   			_alpm_log(handle, ALPM_LOG_DEBUG, "sig path %s could not be opened\n",

Error: GCC_ANALYZER_WARNING (CWE-775): [#def576]
pacman-v7.0.0/lib/libalpm/signing.c:606:17: warning[-Wanalyzer-file-leak]: leak of FILE ‘sigfile’
pacman-v7.0.0/lib/libalpm/signing.c:571:5: enter_function: entry to ‘_alpm_gpgme_checksig’
pacman-v7.0.0/lib/libalpm/signing.c:584:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:588:11: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:591:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:593:11: branch_true: following ‘true’ branch (when ‘base64_sig’ is NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:594:27: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:594:27: call_function: calling ‘_alpm_sigpath’ from ‘_alpm_gpgme_checksig’
pacman-v7.0.0/lib/libalpm/signing.c:594:27: return_function: returning to ‘_alpm_gpgme_checksig’ from ‘_alpm_sigpath’
pacman-v7.0.0/lib/libalpm/signing.c:595:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:596:47: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:596:47: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/signing.c:595:20: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:604:16: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:605:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:606:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:606:17: danger: ‘sigfile’ leaks here; was opened at [(17)](sarif:/runs/0/results/28/codeFlows/0/threadFlows/0/locations/16)
#  604|   	file = fopen(path, "rb");
#  605|   	if(file == NULL) {
#  606|-> 		GOTO_ERR(handle, ALPM_ERR_NOT_A_FILE, error);
#  607|   	}
#  608|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def577]
pacman-v7.0.0/lib/libalpm/signing.c:606:17: warning[-Wanalyzer-malloc-leak]: leak of ‘sigfile’
pacman-v7.0.0/lib/libalpm/signing.c:571:5: enter_function: entry to ‘_alpm_gpgme_checksig’
pacman-v7.0.0/lib/libalpm/signing.c:584:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:588:11: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:591:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:593:11: branch_true: following ‘true’ branch (when ‘base64_sig’ is NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:594:27: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:594:27: call_function: calling ‘_alpm_sigpath’ from ‘_alpm_gpgme_checksig’
pacman-v7.0.0/lib/libalpm/signing.c:594:27: return_function: returning to ‘_alpm_gpgme_checksig’ from ‘_alpm_sigpath’
pacman-v7.0.0/lib/libalpm/signing.c:595:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:596:47: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:596:47: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/signing.c:595:20: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:604:16: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:605:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:606:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:606:17: danger: ‘sigfile’ leaks here; was allocated at [(17)](sarif:/runs/0/results/29/codeFlows/0/threadFlows/0/locations/16)
#  604|   	file = fopen(path, "rb");
#  605|   	if(file == NULL) {
#  606|-> 		GOTO_ERR(handle, ALPM_ERR_NOT_A_FILE, error);
#  607|   	}
#  608|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def578]
pacman-v7.0.0/lib/libalpm/signing.c:818:9: warning[-Wanalyzer-malloc-leak]: leak of ‘siglist’
pacman-v7.0.0/lib/libalpm/signing.c:837:5: enter_function: entry to ‘_alpm_check_pgp_helper’
pacman-v7.0.0/lib/libalpm/signing.c:844:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/signing.c:844:9: branch_false: following ‘false’ branch (when ‘siglist’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/signing.c:847:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:847:15: call_function: calling ‘_alpm_gpgme_checksig’ from ‘_alpm_check_pgp_helper’
#  816|   	}
#  817|   	len = strlen(path) + 5;
#  818|-> 	CALLOC(sigpath, len, sizeof(char), RET_ERR(handle, ALPM_ERR_MEMORY, NULL));
#  819|   	snprintf(sigpath, len, "%s.sig", path);
#  820|   	return sigpath;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def579]
pacman-v7.0.0/lib/libalpm/signing.c:1090:33: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(&key)’
pacman-v7.0.0/lib/libalpm/signing.c:1063:23: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:1064:31: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:1080:27: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/signing.c:1084:36: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:1084:35: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:1087:45: branch_true: following ‘true’ branch (when ‘i != 8’)...
pacman-v7.0.0/lib/libalpm/signing.c:1088:78: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/signing.c:1090:62: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/signing.c:1090:33: danger: ‘strdup(&key)’ leaks here; was allocated at [(9)](sarif:/runs/0/results/35/codeFlows/0/threadFlows/0/locations/8)
# 1088|   					snprintf(&key[i * 2], 3, "%02X", sig[spos + i + 1]);
# 1089|   				}
# 1090|-> 				*keys = alpm_list_add(*keys, strdup(key));
# 1091|   				break;
# 1092|   			}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def580]
pacman-v7.0.0/lib/libalpm/sync.c:943:66: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/lib/libalpm/sync.c:910:37: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/sync.c:911:29: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/sync.c:918:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/sync.c:922:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/sync.c:923:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/sync.c:924:40: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/sync.c:927:27: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/sync.c:928:46: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/sync.c:929:35: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/sync.c:932:45: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/sync.c:932:55: branch_true: following ‘true’ branch (when ‘k’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/sync.c:933:55: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/sync.c:935:51: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/sync.c:936:65: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/sync.c:935:52: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/sync.c:937:67: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/sync.c:938:59: branch_false: following ‘false’ branch (when ‘keyinfo’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/sync.c:941:79: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/sync.c:941:72: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/sync.c:943:66: danger: ‘<unknown>’ leaks here; was allocated at [(19)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/18)
#  941|   							keyinfo->uid = strdup(pkg->packager);
#  942|   							keyinfo->keyid = strdup(key);
#  943|-> 							errors = alpm_list_add(errors, keyinfo);
#  944|   						}
#  945|   					}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def581]
pacman-v7.0.0/lib/libalpm/sync.c:943:66: warning[-Wanalyzer-malloc-leak]: leak of ‘keyinfo’
pacman-v7.0.0/lib/libalpm/sync.c:910:37: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/sync.c:911:29: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/sync.c:918:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/sync.c:922:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/sync.c:923:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/sync.c:924:40: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/sync.c:927:27: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/sync.c:928:46: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/sync.c:929:35: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/sync.c:932:45: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/sync.c:932:55: branch_true: following ‘true’ branch (when ‘k’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/sync.c:933:55: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/sync.c:935:51: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/sync.c:936:65: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/sync.c:935:52: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/sync.c:937:67: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/sync.c:937:67: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/sync.c:938:59: branch_false: following ‘false’ branch (when ‘keyinfo’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/sync.c:941:79: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/sync.c:943:66: danger: ‘keyinfo’ leaks here; was allocated at [(17)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/16)
#  941|   							keyinfo->uid = strdup(pkg->packager);
#  942|   							keyinfo->keyid = strdup(key);
#  943|-> 							errors = alpm_list_add(errors, keyinfo);
#  944|   						}
#  945|   					}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def582]
pacman-v7.0.0/lib/libalpm/sync.c:1032:34: warning[-Wanalyzer-malloc-leak]: leak of ‘invalid’
pacman-v7.0.0/lib/libalpm/sync.c:1005:37: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/sync.c:1006:39: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/sync.c:1011:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/sync.c:1015:34: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/sync.c:1018:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/sync.c:1024:30: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/sync.c:1026:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/sync.c:1029:35: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/sync.c:1030:25: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/sync.c:1030:25: branch_false: following ‘false’ branch (when ‘invalid’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/sync.c:1031:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/sync.c:1032:34: danger: ‘invalid’ leaks here; was allocated at [(9)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/8)
# 1030|   			MALLOC(invalid, sizeof(struct validity), return -1);
# 1031|   			memcpy(invalid, &v, sizeof(struct validity));
# 1032|-> 			errors = alpm_list_add(errors, invalid);
# 1033|   		} else {
# 1034|   			alpm_siglist_cleanup(v.siglist);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def583]
pacman-v7.0.0/lib/libalpm/sync.c:1205:25: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(*spkg.filename)’
pacman-v7.0.0/lib/libalpm/sync.c:1169:37: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/sync.c:1171:29: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/sync.c:1177:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/sync.c:1181:34: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/sync.c:1184:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/sync.c:1193:17: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/sync.c:1197:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/sync.c:1198:25: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/sync.c:1205:54: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/sync.c:1205:25: danger: ‘strdup(*spkg.filename)’ leaks here; was allocated at [(9)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/8)
# 1203|   		if(error != 0) {
# 1204|   			errors++;
# 1205|-> 			*data = alpm_list_add(*data, strdup(spkg->filename));
# 1206|   			delete = alpm_list_add(delete, filepath);
# 1207|   			_alpm_pkg_free(pkgfile);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def584]
pacman-v7.0.0/lib/libalpm/trans.c:320:20: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(fn, "r")’
pacman-v7.0.0/lib/libalpm/trans.c:315:18: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/trans.c:315:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/trans.c:318:15: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/trans.c:320:20: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/trans.c:320:20: danger: ‘fopen(fn, "r")’ leaks here; was opened at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  318|   	while(!feof(fp)) {
#  319|   		char line[1024];
#  320|-> 		if(safe_fgets(line, sizeof(line), fp) == NULL) {
#  321|   			continue;
#  322|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def585]
pacman-v7.0.0/lib/libalpm/trans.c:320:20: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(fn, "r")’
pacman-v7.0.0/lib/libalpm/trans.c:315:18: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/trans.c:315:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/trans.c:318:15: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/trans.c:320:20: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/trans.c:320:20: danger: ‘fopen(fn, "r")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  318|   	while(!feof(fp)) {
#  319|   		char line[1024];
#  320|-> 		if(safe_fgets(line, sizeof(line), fp) == NULL) {
#  321|   			continue;
#  322|   		}

Error: CPPCHECK_WARNING (CWE-476): [#def586]
pacman-v7.0.0/lib/libalpm/util.c:118: warning[nullPointer]: Possible null pointer dereference: ptr
#  116|   	oldmask = umask(0000);
#  117|   
#  118|-> 	for(ptr = str; *ptr; ptr++) {
#  119|   		/* detect mid-path condition and zero length paths */
#  120|   		if(*ptr != '/' || ptr == str || ptr[-1] == '/') {

Error: GCC_ANALYZER_WARNING (CWE-476): [#def587]
pacman-v7.0.0/lib/libalpm/util.c:118:24: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘ptr’
pacman-v7.0.0/lib/libalpm/util.c:114:9: branch_false: following ‘false’ branch (when ‘path’ is NULL)...
pacman-v7.0.0/lib/libalpm/util.c:116:19: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:118:24: danger: dereference of NULL ‘ptr’
#  116|   	oldmask = umask(0000);
#  117|   
#  118|-> 	for(ptr = str; *ptr; ptr++) {
#  119|   		/* detect mid-path condition and zero length paths */
#  120|   		if(*ptr != '/' || ptr == str || ptr[-1] == '/') {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def588]
pacman-v7.0.0/lib/libalpm/util.c:162:9: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
pacman-v7.0.0/lib/libalpm/util.c:160:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/util.c:160:9: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:162:9: danger: ‘buf’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#  160|   	MALLOC(buf, (size_t)ALPM_BUFFER_SIZE, return 1);
#  161|   
#  162|-> 	OPEN(in, src, O_RDONLY | O_CLOEXEC);
#  163|   	do {
#  164|   		out = open(dest, O_WRONLY | O_CREAT | O_BINARY | O_CLOEXEC, 0000);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def589]
pacman-v7.0.0/lib/libalpm/util.c:164:23: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:160:9: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:162:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:164:23: danger: ‘<unknown>’ leaks here; was opened at [(3)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/2)
#  162|   	OPEN(in, src, O_RDONLY | O_CLOEXEC);
#  163|   	do {
#  164|-> 		out = open(dest, O_WRONLY | O_CREAT | O_BINARY | O_CLOEXEC, 0000);
#  165|   	} while(out == -1 && errno == EINTR);
#  166|   	if(in < 0 || out < 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def590]
pacman-v7.0.0/lib/libalpm/util.c:164:23: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
pacman-v7.0.0/lib/libalpm/util.c:160:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/util.c:160:9: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:164:23: danger: ‘buf’ leaks here; was allocated at [(1)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/0)
#  162|   	OPEN(in, src, O_RDONLY | O_CLOEXEC);
#  163|   	do {
#  164|-> 		out = open(dest, O_WRONLY | O_CREAT | O_BINARY | O_CLOEXEC, 0000);
#  165|   	} while(out == -1 && errno == EINTR);
#  166|   	if(in < 0 || out < 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def591]
pacman-v7.0.0/lib/libalpm/util.c:181:34: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
pacman-v7.0.0/lib/libalpm/util.c:160:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/util.c:160:9: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:166:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:170:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:170:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:177:19: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:181:34: danger: ‘buf’ leaks here; was allocated at [(1)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/0)
#  179|   		}
#  180|   		do {
#  181|-> 			nwrite = write(out, buf + nwrite, nread);
#  182|   			if(nwrite >= 0) {
#  183|   				nread -= nwrite;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def592]
pacman-v7.0.0/lib/libalpm/util.c:193:11: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:160:9: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:162:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:166:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:167:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:193:11: danger: ‘<unknown>’ leaks here; was opened at [(3)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/2)
#  191|   cleanup:
#  192|   	free(buf);
#  193|-> 	if(in >= 0) {
#  194|   		close(in);
#  195|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def593]
pacman-v7.0.0/lib/libalpm/util.c:194:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:160:9: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:162:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:166:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:167:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:193:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:194:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:194:17: danger: ‘<unknown>’ leaks here; was opened at [(3)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/2)
#  192|   	free(buf);
#  193|   	if(in >= 0) {
#  194|-> 		close(in);
#  195|   	}
#  196|   	if(out >= 0) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def594]
pacman-v7.0.0/lib/libalpm/util.c:272:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:255:5: enter_function: entry to ‘_alpm_open_archive’
pacman-v7.0.0/lib/libalpm/util.c:262:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:266:9: call_function: inlined call to ‘_alpm_archive_read_support_filter_all’ from ‘_alpm_open_archive’
pacman-v7.0.0/lib/libalpm/util.c:270:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:271:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:272:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:272:17: danger: ‘<unknown>’ leaks here; was opened at [(5)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/4)
#  270|   	OPEN(fd, path, O_RDONLY | O_CLOEXEC);
#  271|   	if(fd < 0) {
#  272|-> 		_alpm_log(handle, ALPM_LOG_ERROR,
#  273|   				_("could not open file %s: %s\n"), path, strerror(errno));
#  274|   		goto error;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def595]
pacman-v7.0.0/lib/libalpm/util.c:299:11: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:255:5: enter_function: entry to ‘_alpm_open_archive’
pacman-v7.0.0/lib/libalpm/util.c:262:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:266:9: call_function: inlined call to ‘_alpm_archive_read_support_filter_all’ from ‘_alpm_open_archive’
pacman-v7.0.0/lib/libalpm/util.c:270:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:271:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:272:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:299:11: danger: ‘<unknown>’ leaks here; was opened at [(5)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/4)
#  297|   	_alpm_archive_read_free(*archive);
#  298|   	*archive = NULL;
#  299|-> 	if(fd >= 0) {
#  300|   		close(fd);
#  301|   	}

Error: CPPCHECK_WARNING (CWE-476): [#def596]
pacman-v7.0.0/lib/libalpm/util.c:380: warning[nullPointer]: Possible null pointer dereference: entry_prefix
#  378|   			char *entry_prefix = NULL;
#  379|   			STRDUP(entry_prefix, entryname, ret = 1; goto cleanup);
#  380|-> 			char *p = strstr(entry_prefix,"/");
#  381|   			if(p) {
#  382|   				*(p + 1) = '\0';

Error: GCC_ANALYZER_WARNING (CWE-401): [#def597]
pacman-v7.0.0/lib/libalpm/util.c:460:22: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(path)’
pacman-v7.0.0/lib/libalpm/util.c:449:20: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/util.c:451:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:460:22: danger: ‘opendir(path)’ leaks here; was allocated at [(1)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/0)
#  458|   		return -1;
#  459|   	}
#  460|-> 	while((ent = readdir(dir)) != NULL) {
#  461|   		const char *name = ent->d_name;
#  462|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def598]
pacman-v7.0.0/lib/libalpm/util.c:496:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:610:5: enter_function: entry to ‘_alpm_run_chroot’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: following ‘false’ branch (when ‘pid != 0’)...
pacman-v7.0.0/lib/libalpm/util.c:707:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:730:23: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:732:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:739:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:739:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:745:34: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:745:34: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:749:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:749:27: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:750:36: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:750:36: call_function: calling ‘_alpm_chroot_write_to_child’ from ‘_alpm_run_chroot’
#  494|   	if(*buf_size == 0) {
#  495|   		/* empty buffer, ask the callback for more */
#  496|-> 		if((*buf_size = out_cb(buf, buf_limit, cb_ctx)) == 0) {
#  497|   			/* no more to write, close the pipe */
#  498|   			return -1;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def599]
pacman-v7.0.0/lib/libalpm/util.c:496:33: warning[-Wanalyzer-jump-through-null]: jump through null pointer
pacman-v7.0.0/lib/libalpm/util.c:820:5: enter_function: entry to ‘_alpm_ldconfig’
pacman-v7.0.0/lib/libalpm/util.c:827:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:828:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:829:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:831:31: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:833:32: call_function: calling ‘_alpm_run_chroot’ from ‘_alpm_ldconfig’
#  494|   	if(*buf_size == 0) {
#  495|   		/* empty buffer, ask the callback for more */
#  496|-> 		if((*buf_size = out_cb(buf, buf_limit, cb_ctx)) == 0) {
#  497|   			/* no more to write, close the pipe */
#  498|   			return -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def600]
pacman-v7.0.0/lib/libalpm/util.c:502:18: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:610:5: enter_function: entry to ‘_alpm_run_chroot’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: following ‘false’ branch (when ‘pid != 0’)...
pacman-v7.0.0/lib/libalpm/util.c:707:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:730:23: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:732:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:739:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:739:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:745:34: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:745:34: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:749:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:749:27: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:750:36: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:750:36: call_function: calling ‘_alpm_chroot_write_to_child’ from ‘_alpm_run_chroot’
#  500|   	}
#  501|   
#  502|-> 	nwrite = send(fd, buf, *buf_size, MSG_NOSIGNAL);
#  503|   
#  504|   	if(nwrite != -1) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def601]
pacman-v7.0.0/lib/libalpm/util.c:624:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:623:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:624:51: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:624:17: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/0)
#  622|   	OPEN(cwdfd, ".", O_RDONLY | O_CLOEXEC);
#  623|   	if(cwdfd < 0) {
#  624|-> 		_alpm_log(handle, ALPM_LOG_ERROR, _("could not get current working directory\n"));
#  625|   	}
#  626|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def602]
pacman-v7.0.0/lib/libalpm/util.c:629:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:630:56: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:629:17: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/0)
#  627|   	/* just in case our cwd was removed in the upgrade operation */
#  628|   	if(chdir(handle->root) != 0) {
#  629|-> 		_alpm_log(handle, ALPM_LOG_ERROR, _("could not change directory to %s (%s)\n"),
#  630|   				handle->root, strerror(errno));
#  631|   		goto cleanup;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def603]
pacman-v7.0.0/lib/libalpm/util.c:634:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:634:9: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/0)
#  632|   	}
#  633|   
#  634|-> 	_alpm_log(handle, ALPM_LOG_DEBUG, "executing \"%s\" under chroot \"%s\"\n",
#  635|   			cmd, handle->root);
#  636|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def604]
pacman-v7.0.0/lib/libalpm/util.c:638:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:638:9: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/0)
#  636|   
#  637|   	/* Flush open fds before fork() to avoid cloning buffers */
#  638|-> 	fflush(NULL);
#  639|   
#  640|   	if(socketpair(AF_UNIX, SOCK_STREAM, 0, child2parent_pipefd) == -1) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def605]
pacman-v7.0.0/lib/libalpm/util.c:641:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:641:95: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:641:17: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/0)
#  639|   
#  640|   	if(socketpair(AF_UNIX, SOCK_STREAM, 0, child2parent_pipefd) == -1) {
#  641|-> 		_alpm_log(handle, ALPM_LOG_ERROR, _("could not create pipe (%s)\n"), strerror(errno));
#  642|   		retval = 1;
#  643|   		goto cleanup;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def606]
pacman-v7.0.0/lib/libalpm/util.c:647:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:647:95: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:647:17: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/0)
#  645|   
#  646|   	if(socketpair(AF_UNIX, SOCK_STREAM, 0, parent2child_pipefd) == -1) {
#  647|-> 		_alpm_log(handle, ALPM_LOG_ERROR, _("could not create pipe (%s)\n"), strerror(errno));
#  648|   		retval = 1;
#  649|   		goto cleanup;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def607]
pacman-v7.0.0/lib/libalpm/util.c:655:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_true: following ‘true’ branch (when ‘pid == -1’)...
pacman-v7.0.0/lib/libalpm/util.c:655:102: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:655:17: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/0)
#  653|   	pid = fork();
#  654|   	if(pid == -1) {
#  655|-> 		_alpm_log(handle, ALPM_LOG_ERROR, _("could not fork a new process (%s)\n"), strerror(errno));
#  656|   		retval = 1;
#  657|   		goto cleanup;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def608]
pacman-v7.0.0/lib/libalpm/util.c:662:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_true: following ‘true’ branch (when ‘pid == 0’)...
pacman-v7.0.0/lib/libalpm/util.c:662:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:662:17: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/0)
#  660|   	if(pid == 0) {
#  661|   		/* this code runs for the child only (the actual chroot/exec) */
#  662|-> 		close(0);
#  663|   		close(1);
#  664|   		close(2);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def609]
pacman-v7.0.0/lib/libalpm/util.c:663:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_true: following ‘true’ branch (when ‘pid == 0’)...
pacman-v7.0.0/lib/libalpm/util.c:662:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:663:17: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/0)
#  661|   		/* this code runs for the child only (the actual chroot/exec) */
#  662|   		close(0);
#  663|-> 		close(1);
#  664|   		close(2);
#  665|   		while(dup2(child2parent_pipefd[HEAD], 1) == -1 && errno == EINTR);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def610]
pacman-v7.0.0/lib/libalpm/util.c:664:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_true: following ‘true’ branch (when ‘pid == 0’)...
pacman-v7.0.0/lib/libalpm/util.c:662:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:664:17: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/0)
#  662|   		close(0);
#  663|   		close(1);
#  664|-> 		close(2);
#  665|   		while(dup2(child2parent_pipefd[HEAD], 1) == -1 && errno == EINTR);
#  666|   		while(dup2(child2parent_pipefd[HEAD], 2) == -1 && errno == EINTR);

Error: GCC_ANALYZER_WARNING: [#def611]
pacman-v7.0.0/lib/libalpm/util.c:665:23: warning[-Wanalyzer-fd-use-without-check]: ‘dup2’ on possibly invalid file descriptor ‘1’
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_true: following ‘true’ branch (when ‘pid == 0’)...
pacman-v7.0.0/lib/libalpm/util.c:662:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:663:17: release_resource: closed here
pacman-v7.0.0/lib/libalpm/util.c:665:23: danger: ‘1’ could be invalid
#  663|   		close(1);
#  664|   		close(2);
#  665|-> 		while(dup2(child2parent_pipefd[HEAD], 1) == -1 && errno == EINTR);
#  666|   		while(dup2(child2parent_pipefd[HEAD], 2) == -1 && errno == EINTR);
#  667|   		while(dup2(parent2child_pipefd[TAIL], 0) == -1 && errno == EINTR);

Error: GCC_ANALYZER_WARNING: [#def612]
pacman-v7.0.0/lib/libalpm/util.c:666:23: warning[-Wanalyzer-fd-use-without-check]: ‘dup2’ on possibly invalid file descriptor ‘2’
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_true: following ‘true’ branch (when ‘pid == 0’)...
pacman-v7.0.0/lib/libalpm/util.c:662:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:664:17: release_resource: closed here
pacman-v7.0.0/lib/libalpm/util.c:666:23: danger: ‘2’ could be invalid
#  664|   		close(2);
#  665|   		while(dup2(child2parent_pipefd[HEAD], 1) == -1 && errno == EINTR);
#  666|-> 		while(dup2(child2parent_pipefd[HEAD], 2) == -1 && errno == EINTR);
#  667|   		while(dup2(parent2child_pipefd[TAIL], 0) == -1 && errno == EINTR);
#  668|   		close(parent2child_pipefd[TAIL]);

Error: GCC_ANALYZER_WARNING: [#def613]
pacman-v7.0.0/lib/libalpm/util.c:667:23: warning[-Wanalyzer-fd-use-without-check]: ‘dup2’ on possibly invalid file descriptor ‘0’
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_true: following ‘true’ branch (when ‘pid == 0’)...
pacman-v7.0.0/lib/libalpm/util.c:662:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:662:17: release_resource: closed here
pacman-v7.0.0/lib/libalpm/util.c:667:23: danger: ‘0’ could be invalid
#  665|   		while(dup2(child2parent_pipefd[HEAD], 1) == -1 && errno == EINTR);
#  666|   		while(dup2(child2parent_pipefd[HEAD], 2) == -1 && errno == EINTR);
#  667|-> 		while(dup2(parent2child_pipefd[TAIL], 0) == -1 && errno == EINTR);
#  668|   		close(parent2child_pipefd[TAIL]);
#  669|   		close(parent2child_pipefd[HEAD]);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def614]
pacman-v7.0.0/lib/libalpm/util.c:668:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_true: following ‘true’ branch (when ‘pid == 0’)...
pacman-v7.0.0/lib/libalpm/util.c:662:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:668:17: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/27/codeFlows/0/threadFlows/0/locations/0)
#  666|   		while(dup2(child2parent_pipefd[HEAD], 2) == -1 && errno == EINTR);
#  667|   		while(dup2(parent2child_pipefd[TAIL], 0) == -1 && errno == EINTR);
#  668|-> 		close(parent2child_pipefd[TAIL]);
#  669|   		close(parent2child_pipefd[HEAD]);
#  670|   		close(child2parent_pipefd[TAIL]);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def615]
pacman-v7.0.0/lib/libalpm/util.c:669:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_true: following ‘true’ branch (when ‘pid == 0’)...
pacman-v7.0.0/lib/libalpm/util.c:662:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:669:17: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/28/codeFlows/0/threadFlows/0/locations/0)
#  667|   		while(dup2(parent2child_pipefd[TAIL], 0) == -1 && errno == EINTR);
#  668|   		close(parent2child_pipefd[TAIL]);
#  669|-> 		close(parent2child_pipefd[HEAD]);
#  670|   		close(child2parent_pipefd[TAIL]);
#  671|   		close(child2parent_pipefd[HEAD]);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def616]
pacman-v7.0.0/lib/libalpm/util.c:670:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_true: following ‘true’ branch (when ‘pid == 0’)...
pacman-v7.0.0/lib/libalpm/util.c:662:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:670:17: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/29/codeFlows/0/threadFlows/0/locations/0)
#  668|   		close(parent2child_pipefd[TAIL]);
#  669|   		close(parent2child_pipefd[HEAD]);
#  670|-> 		close(child2parent_pipefd[TAIL]);
#  671|   		close(child2parent_pipefd[HEAD]);
#  672|   		if(cwdfd >= 0) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def617]
pacman-v7.0.0/lib/libalpm/util.c:671:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_true: following ‘true’ branch (when ‘pid == 0’)...
pacman-v7.0.0/lib/libalpm/util.c:662:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:671:17: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/0)
#  669|   		close(parent2child_pipefd[HEAD]);
#  670|   		close(child2parent_pipefd[TAIL]);
#  671|-> 		close(child2parent_pipefd[HEAD]);
#  672|   		if(cwdfd >= 0) {
#  673|   			close(cwdfd);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def618]
pacman-v7.0.0/lib/libalpm/util.c:672:19: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_true: following ‘true’ branch (when ‘pid == 0’)...
pacman-v7.0.0/lib/libalpm/util.c:662:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:672:19: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/31/codeFlows/0/threadFlows/0/locations/0)
#  670|   		close(child2parent_pipefd[TAIL]);
#  671|   		close(child2parent_pipefd[HEAD]);
#  672|-> 		if(cwdfd >= 0) {
#  673|   			close(cwdfd);
#  674|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def619]
pacman-v7.0.0/lib/libalpm/util.c:673:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_true: following ‘true’ branch (when ‘pid == 0’)...
pacman-v7.0.0/lib/libalpm/util.c:662:17: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:672:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:673:25: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:673:25: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/0)
#  671|   		close(child2parent_pipefd[HEAD]);
#  672|   		if(cwdfd >= 0) {
#  673|-> 			close(cwdfd);
#  674|   		}
#  675|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def620]
pacman-v7.0.0/lib/libalpm/util.c:714:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: following ‘false’ branch (when ‘pid != 0’)...
pacman-v7.0.0/lib/libalpm/util.c:707:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:714:17: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/0)
#  712|   		child2parent->fd = child2parent_pipefd[TAIL];
#  713|   		child2parent->events = POLLIN;
#  714|-> 		fcntl(child2parent->fd, F_SETFL, O_NONBLOCK);
#  715|   		close(child2parent_pipefd[HEAD]);
#  716|   		close(parent2child_pipefd[TAIL]);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def621]
pacman-v7.0.0/lib/libalpm/util.c:715:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: following ‘false’ branch (when ‘pid != 0’)...
pacman-v7.0.0/lib/libalpm/util.c:707:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:715:17: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/34/codeFlows/0/threadFlows/0/locations/0)
#  713|   		child2parent->events = POLLIN;
#  714|   		fcntl(child2parent->fd, F_SETFL, O_NONBLOCK);
#  715|-> 		close(child2parent_pipefd[HEAD]);
#  716|   		close(parent2child_pipefd[TAIL]);
#  717|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def622]
pacman-v7.0.0/lib/libalpm/util.c:716:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: following ‘false’ branch (when ‘pid != 0’)...
pacman-v7.0.0/lib/libalpm/util.c:707:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:716:17: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/35/codeFlows/0/threadFlows/0/locations/0)
#  714|   		fcntl(child2parent->fd, F_SETFL, O_NONBLOCK);
#  715|   		close(child2parent_pipefd[HEAD]);
#  716|-> 		close(parent2child_pipefd[TAIL]);
#  717|   
#  718|   		if(stdin_cb) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def623]
pacman-v7.0.0/lib/libalpm/util.c:721:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: following ‘false’ branch (when ‘pid != 0’)...
pacman-v7.0.0/lib/libalpm/util.c:707:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:718:19: branch_true: following ‘true’ branch (when ‘stdin_cb’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/util.c:719:44: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:721:25: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/36/codeFlows/0/threadFlows/0/locations/0)
#  719|   			parent2child->fd = parent2child_pipefd[HEAD];
#  720|   			parent2child->events = POLLOUT;
#  721|-> 			fcntl(parent2child->fd, F_SETFL, O_NONBLOCK);
#  722|   		} else {
#  723|   			parent2child->fd = -1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def624]
pacman-v7.0.0/lib/libalpm/util.c:725:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: following ‘false’ branch (when ‘pid != 0’)...
pacman-v7.0.0/lib/libalpm/util.c:707:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:718:19: branch_false: following ‘false’ branch (when ‘stdin_cb’ is NULL)...
pacman-v7.0.0/lib/libalpm/util.c:723:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:725:25: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/37/codeFlows/0/threadFlows/0/locations/0)
#  723|   			parent2child->fd = -1;
#  724|   			parent2child->events = 0;
#  725|-> 			close(parent2child_pipefd[HEAD]);
#  726|   		}
#  727|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def625]
pacman-v7.0.0/lib/libalpm/util.c:731:48: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: following ‘false’ branch (when ‘pid != 0’)...
pacman-v7.0.0/lib/libalpm/util.c:707:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:718:19: branch_true: following ‘true’ branch (when ‘stdin_cb’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/util.c:719:44: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:730:23: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:731:48: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:731:48: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/38/codeFlows/0/threadFlows/0/locations/0)
#  729|   
#  730|   		while((child2parent->fd != -1 || parent2child->fd != -1)
#  731|-> 				&& (poll_ret = poll(fds, nfds, -1)) != 0) {
#  732|   			if(poll_ret == -1) {
#  733|   				if(errno == EINTR) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def626]
pacman-v7.0.0/lib/libalpm/util.c:747:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: following ‘false’ branch (when ‘pid != 0’)...
pacman-v7.0.0/lib/libalpm/util.c:707:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:730:23: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:732:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:739:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:739:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:745:34: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:745:34: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:747:33: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:747:33: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/39/codeFlows/0/threadFlows/0/locations/0)
#  745|   			} else if(child2parent->revents) {
#  746|   				/* anything but POLLIN indicates an error */
#  747|-> 				STOP_POLLING(child2parent);
#  748|   			}
#  749|   			if(parent2child->revents & POLLOUT) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def627]
pacman-v7.0.0/lib/libalpm/util.c:756:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: following ‘false’ branch (when ‘pid != 0’)...
pacman-v7.0.0/lib/libalpm/util.c:707:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:730:23: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:732:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:739:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:739:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:745:34: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:745:34: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:749:28: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:749:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:754:34: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:754:34: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:756:33: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:756:33: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/40/codeFlows/0/threadFlows/0/locations/0)
#  754|   			} else if(parent2child->revents) {
#  755|   				/* anything but POLLOUT indicates an error */
#  756|-> 				STOP_POLLING(parent2child);
#  757|   			}
#  758|   		}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def628]
pacman-v7.0.0/lib/libalpm/util.c:771:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: following ‘false’ branch (when ‘pid != 0’)...
pacman-v7.0.0/lib/libalpm/util.c:707:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:730:23: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:731:48: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:760:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:770:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:770:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:771:25: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:771:25: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/41/codeFlows/0/threadFlows/0/locations/0)
#  769|   
#  770|   		if(parent2child->fd != -1) {
#  771|-> 			close(parent2child->fd);
#  772|   		}
#  773|   		if(child2parent->fd != -1) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def629]
pacman-v7.0.0/lib/libalpm/util.c:774:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: following ‘false’ branch (when ‘pid != 0’)...
pacman-v7.0.0/lib/libalpm/util.c:707:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:730:23: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:731:48: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:760:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:770:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:773:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:774:25: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:774:25: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/42/codeFlows/0/threadFlows/0/locations/0)
#  772|   		}
#  773|   		if(child2parent->fd != -1) {
#  774|-> 			close(child2parent->fd);
#  775|   		}
#  776|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def630]
pacman-v7.0.0/lib/libalpm/util.c:777:23: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: following ‘false’ branch (when ‘pid != 0’)...
pacman-v7.0.0/lib/libalpm/util.c:707:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:760:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:770:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:777:23: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/43/codeFlows/0/threadFlows/0/locations/0)
#  775|   		}
#  776|   
#  777|-> 		while(waitpid(pid, &status, 0) == -1) {
#  778|   			if(errno != EINTR) {
#  779|   				_alpm_log(handle, ALPM_LOG_ERROR, _("call to waitpid failed (%s)\n"), strerror(errno));

Error: GCC_ANALYZER_WARNING (CWE-775): [#def631]
pacman-v7.0.0/lib/libalpm/util.c:779:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: following ‘false’ branch (when ‘pid != 0’)...
pacman-v7.0.0/lib/libalpm/util.c:707:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:760:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:770:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:777:23: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:778:28: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:778:27: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:779:33: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:779:33: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/44/codeFlows/0/threadFlows/0/locations/0)
#  777|   		while(waitpid(pid, &status, 0) == -1) {
#  778|   			if(errno != EINTR) {
#  779|-> 				_alpm_log(handle, ALPM_LOG_ERROR, _("call to waitpid failed (%s)\n"), strerror(errno));
#  780|   				retval = 1;
#  781|   				goto cleanup;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def632]
pacman-v7.0.0/lib/libalpm/util.c:787:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: following ‘false’ branch (when ‘pid != 0’)...
pacman-v7.0.0/lib/libalpm/util.c:707:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:760:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:770:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:777:23: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:786:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:786:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:787:25: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:787:25: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/45/codeFlows/0/threadFlows/0/locations/0)
#  785|   		/* check the return status, make sure it is 0 (success) */
#  786|   		if(WIFEXITED(status)) {
#  787|-> 			_alpm_log(handle, ALPM_LOG_DEBUG, "call to waitpid succeeded\n");
#  788|   			if(WEXITSTATUS(status) != 0) {
#  789|   				_alpm_log(handle, ALPM_LOG_ERROR, _("command failed to execute correctly\n"));

Error: GCC_ANALYZER_WARNING (CWE-775): [#def633]
pacman-v7.0.0/lib/libalpm/util.c:789:33: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: following ‘false’ branch (when ‘pid != 0’)...
pacman-v7.0.0/lib/libalpm/util.c:707:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:760:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:770:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:777:23: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:786:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:786:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:787:25: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:788:27: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:789:67: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:789:33: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/46/codeFlows/0/threadFlows/0/locations/0)
#  787|   			_alpm_log(handle, ALPM_LOG_DEBUG, "call to waitpid succeeded\n");
#  788|   			if(WEXITSTATUS(status) != 0) {
#  789|-> 				_alpm_log(handle, ALPM_LOG_ERROR, _("command failed to execute correctly\n"));
#  790|   				retval = 1;
#  791|   			}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def634]
pacman-v7.0.0/lib/libalpm/util.c:798:25: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:628:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:634:9: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:640:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:646:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:646:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:653:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:654:11: branch_false: following ‘false’ branch (when ‘pid != -1’)...
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:660:11: branch_false: following ‘false’ branch (when ‘pid != 0’)...
pacman-v7.0.0/lib/libalpm/util.c:707:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:760:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:770:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:777:23: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:786:20: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:786:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:792:27: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:792:26: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:793:52: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:798:25: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/47/codeFlows/0/threadFlows/0/locations/0)
#  796|   				signal_description = _("Unknown signal");
#  797|   			}
#  798|-> 			_alpm_log(handle, ALPM_LOG_ERROR, _("command terminated by signal %d: %s\n"),
#  799|   						WTERMSIG(status), signal_description);
#  800|   			retval = 1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def635]
pacman-v7.0.0/lib/libalpm/util.c:805:11: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:622:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:805:11: danger: ‘<unknown>’ leaks here; was opened at [(1)](sarif:/runs/0/results/48/codeFlows/0/threadFlows/0/locations/0)
#  803|   
#  804|   cleanup:
#  805|-> 	if(cwdfd >= 0) {
#  806|   		if(fchdir(cwdfd) != 0) {
#  807|   			_alpm_log(handle, ALPM_LOG_ERROR,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def636]
pacman-v7.0.0/lib/libalpm/util.c:871:33: warning[-Wanalyzer-malloc-leak]: leak of ‘retpath’
pacman-v7.0.0/lib/libalpm/util.c:865:36: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/util.c:866:58: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:868:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:869:28: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:869:27: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/util.c:870:43: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/util.c:870:43: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/util.c:871:33: danger: ‘retpath’ leaks here; was allocated at [(7)](sarif:/runs/0/results/49/codeFlows/0/threadFlows/0/locations/6)
#  869|   			if(S_ISREG(buf.st_mode)) {
#  870|   				retpath = strdup(path);
#  871|-> 				_alpm_log(handle, ALPM_LOG_DEBUG, "found cached pkg: %s\n", retpath);
#  872|   				return retpath;
#  873|   			} else {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def637]
pacman-v7.0.0/lib/libalpm/util.c:1002:18: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(dir)’
pacman-v7.0.0/lib/libalpm/util.c:995:9: branch_false: following ‘false’ branch (when ‘dir’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/util.c:996:25: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:998:21: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/util.c:999:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:1002:18: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1002:18: danger: ‘opendir(dir)’ leaks here; was allocated at [(3)](sarif:/runs/0/results/50/codeFlows/0/threadFlows/0/locations/2)
# 1000|   		return;
# 1001|   	}
# 1002|-> 	for(dp = readdir(dirp); dp != NULL; dp = readdir(dirp)) {
# 1003|   		if(strcmp(dp->d_name, "..") != 0 && strcmp(dp->d_name, ".") != 0) {
# 1004|   			char name[PATH_MAX];

Error: GCC_ANALYZER_WARNING (CWE-401): [#def638]
pacman-v7.0.0/lib/libalpm/util.c:1041:9: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
pacman-v7.0.0/lib/libalpm/util.c:1039:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/util.c:1039:9: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1041:9: danger: ‘buf’ leaks here; was allocated at [(1)](sarif:/runs/0/results/51/codeFlows/0/threadFlows/0/locations/0)
# 1039|   	MALLOC(buf, (size_t)ALPM_BUFFER_SIZE, return 1);
# 1040|   
# 1041|-> 	OPEN(fd, path, O_RDONLY | O_CLOEXEC);
# 1042|   	if(fd < 0) {
# 1043|   		free(buf);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def639]
pacman-v7.0.0/lib/libalpm/util.c:1042:11: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:1039:9: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1041:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:1042:11: danger: ‘<unknown>’ leaks here; was opened at [(3)](sarif:/runs/0/results/52/codeFlows/0/threadFlows/0/locations/2)
# 1040|   
# 1041|   	OPEN(fd, path, O_RDONLY | O_CLOEXEC);
# 1042|-> 	if(fd < 0) {
# 1043|   		free(buf);
# 1044|   		return 1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def640]
pacman-v7.0.0/lib/libalpm/util.c:1049:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:1039:9: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1041:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:1042:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:1048:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1049:9: danger: ‘<unknown>’ leaks here; was opened at [(3)](sarif:/runs/0/results/53/codeFlows/0/threadFlows/0/locations/2)
# 1047|   #if HAVE_LIBSSL
# 1048|   	ctx = EVP_MD_CTX_create();
# 1049|-> 	EVP_DigestInit_ex(ctx, md, NULL);
# 1050|   #else /* HAVE_LIBNETTLE */
# 1051|   	md5_init(&ctx);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def641]
pacman-v7.0.0/lib/libalpm/util.c:1049:9: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
pacman-v7.0.0/lib/libalpm/util.c:1039:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/util.c:1039:9: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1042:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:1048:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1049:9: danger: ‘buf’ leaks here; was allocated at [(1)](sarif:/runs/0/results/54/codeFlows/0/threadFlows/0/locations/0)
# 1047|   #if HAVE_LIBSSL
# 1048|   	ctx = EVP_MD_CTX_create();
# 1049|-> 	EVP_DigestInit_ex(ctx, md, NULL);
# 1050|   #else /* HAVE_LIBNETTLE */
# 1051|   	md5_init(&ctx);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def642]
pacman-v7.0.0/lib/libalpm/util.c:1059:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:1039:9: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1041:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:1042:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:1048:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1059:17: danger: ‘<unknown>’ leaks here; was opened at [(3)](sarif:/runs/0/results/55/codeFlows/0/threadFlows/0/locations/2)
# 1057|   		}
# 1058|   #if HAVE_LIBSSL
# 1059|-> 		EVP_DigestUpdate(ctx, buf, n);
# 1060|   #else /* HAVE_LIBNETTLE */
# 1061|   		md5_update(&ctx, n, buf);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def643]
pacman-v7.0.0/lib/libalpm/util.c:1059:17: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
pacman-v7.0.0/lib/libalpm/util.c:1039:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/util.c:1039:9: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1042:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:1048:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1059:17: danger: ‘buf’ leaks here; was allocated at [(1)](sarif:/runs/0/results/56/codeFlows/0/threadFlows/0/locations/0)
# 1057|   		}
# 1058|   #if HAVE_LIBSSL
# 1059|-> 		EVP_DigestUpdate(ctx, buf, n);
# 1060|   #else /* HAVE_LIBNETTLE */
# 1061|   		md5_update(&ctx, n, buf);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def644]
pacman-v7.0.0/lib/libalpm/util.c:1065:9: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
pacman-v7.0.0/lib/libalpm/util.c:1039:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/util.c:1039:9: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1042:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:1048:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1065:9: danger: ‘buf’ leaks here; was allocated at [(1)](sarif:/runs/0/results/57/codeFlows/0/threadFlows/0/locations/0)
# 1063|   	}
# 1064|   
# 1065|-> 	close(fd);
# 1066|   	free(buf);
# 1067|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def645]
pacman-v7.0.0/lib/libalpm/util.c:1066:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:1039:9: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1041:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:1042:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:1048:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1066:9: danger: ‘<unknown>’ leaks here; was opened at [(3)](sarif:/runs/0/results/58/codeFlows/0/threadFlows/0/locations/2)
# 1064|   
# 1065|   	close(fd);
# 1066|-> 	free(buf);
# 1067|   
# 1068|   	if(n < 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def646]
pacman-v7.0.0/lib/libalpm/util.c:1100:9: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
pacman-v7.0.0/lib/libalpm/util.c:1098:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/util.c:1098:9: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1100:9: danger: ‘buf’ leaks here; was allocated at [(1)](sarif:/runs/0/results/59/codeFlows/0/threadFlows/0/locations/0)
# 1098|   	MALLOC(buf, (size_t)ALPM_BUFFER_SIZE, return 1);
# 1099|   
# 1100|-> 	OPEN(fd, path, O_RDONLY | O_CLOEXEC);
# 1101|   	if(fd < 0) {
# 1102|   		free(buf);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def647]
pacman-v7.0.0/lib/libalpm/util.c:1101:11: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:1098:9: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1100:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:1101:11: danger: ‘<unknown>’ leaks here; was opened at [(3)](sarif:/runs/0/results/60/codeFlows/0/threadFlows/0/locations/2)
# 1099|   
# 1100|   	OPEN(fd, path, O_RDONLY | O_CLOEXEC);
# 1101|-> 	if(fd < 0) {
# 1102|   		free(buf);
# 1103|   		return 1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def648]
pacman-v7.0.0/lib/libalpm/util.c:1108:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:1098:9: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1100:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:1101:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:1107:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1108:9: danger: ‘<unknown>’ leaks here; was opened at [(3)](sarif:/runs/0/results/61/codeFlows/0/threadFlows/0/locations/2)
# 1106|   #if HAVE_LIBSSL
# 1107|   	ctx = EVP_MD_CTX_create();
# 1108|-> 	EVP_DigestInit_ex(ctx, md, NULL);
# 1109|   #else /* HAVE_LIBNETTLE */
# 1110|   	sha256_init(&ctx);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def649]
pacman-v7.0.0/lib/libalpm/util.c:1108:9: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
pacman-v7.0.0/lib/libalpm/util.c:1098:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/util.c:1098:9: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1101:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:1107:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1108:9: danger: ‘buf’ leaks here; was allocated at [(1)](sarif:/runs/0/results/62/codeFlows/0/threadFlows/0/locations/0)
# 1106|   #if HAVE_LIBSSL
# 1107|   	ctx = EVP_MD_CTX_create();
# 1108|-> 	EVP_DigestInit_ex(ctx, md, NULL);
# 1109|   #else /* HAVE_LIBNETTLE */
# 1110|   	sha256_init(&ctx);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def650]
pacman-v7.0.0/lib/libalpm/util.c:1118:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:1098:9: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1100:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:1101:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:1107:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1118:17: danger: ‘<unknown>’ leaks here; was opened at [(3)](sarif:/runs/0/results/63/codeFlows/0/threadFlows/0/locations/2)
# 1116|   		}
# 1117|   #if HAVE_LIBSSL
# 1118|-> 		EVP_DigestUpdate(ctx, buf, n);
# 1119|   #else /* HAVE_LIBNETTLE */
# 1120|   		sha256_update(&ctx, n, buf);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def651]
pacman-v7.0.0/lib/libalpm/util.c:1118:17: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
pacman-v7.0.0/lib/libalpm/util.c:1098:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/util.c:1098:9: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1101:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:1107:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1118:17: danger: ‘buf’ leaks here; was allocated at [(1)](sarif:/runs/0/results/64/codeFlows/0/threadFlows/0/locations/0)
# 1116|   		}
# 1117|   #if HAVE_LIBSSL
# 1118|-> 		EVP_DigestUpdate(ctx, buf, n);
# 1119|   #else /* HAVE_LIBNETTLE */
# 1120|   		sha256_update(&ctx, n, buf);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def652]
pacman-v7.0.0/lib/libalpm/util.c:1124:9: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
pacman-v7.0.0/lib/libalpm/util.c:1098:9: acquire_memory: allocated here
pacman-v7.0.0/lib/libalpm/util.c:1098:9: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1101:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:1107:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1124:9: danger: ‘buf’ leaks here; was allocated at [(1)](sarif:/runs/0/results/65/codeFlows/0/threadFlows/0/locations/0)
# 1122|   	}
# 1123|   
# 1124|-> 	close(fd);
# 1125|   	free(buf);
# 1126|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def653]
pacman-v7.0.0/lib/libalpm/util.c:1125:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘<unknown>’
pacman-v7.0.0/lib/libalpm/util.c:1098:9: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
 branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1100:9: acquire_resource: opened here
pacman-v7.0.0/lib/libalpm/util.c:1101:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/util.c:1107:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/util.c:1125:9: danger: ‘<unknown>’ leaks here; was opened at [(3)](sarif:/runs/0/results/66/codeFlows/0/threadFlows/0/locations/2)
# 1123|   
# 1124|   	close(fd);
# 1125|-> 	free(buf);
# 1126|   
# 1127|   	if(n < 0) {

Error: CPPCHECK_WARNING (CWE-476): [#def654]
pacman-v7.0.0/lib/libalpm/version.c:49: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: s
#   47|   	s = evr;
#   48|   	/* s points to epoch terminator */
#   49|-> 	while (*s && isdigit(*s)) s++;
#   50|   	/* se points to version terminator */
#   51|   	se = strrchr(s, '-');

Error: GCC_ANALYZER_WARNING (CWE-476): [#def655]
pacman-v7.0.0/lib/libalpm/version.c:49:16: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘s’
pacman-v7.0.0/lib/libalpm/version.c:219:15: enter_function: entry to ‘alpm_pkg_vercmp’
pacman-v7.0.0/lib/libalpm/version.c:227:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/version.c:229:18: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/version.c:229:18: branch_false: following ‘false’ branch (when ‘a’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/version.c:231:18: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/version.c:231:18: branch_false: following ‘false’ branch (when ‘b’ is non-NULL)...
pacman-v7.0.0/lib/libalpm/version.c:235:12: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/version.c:235:11: branch_false: following ‘false’ branch (when the strings are non-equal)...
pacman-v7.0.0/lib/libalpm/version.c:242:17: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/version.c:242:17: acquire_memory: this call could return NULL
pacman-v7.0.0/lib/libalpm/version.c:246:9: call_function: calling ‘parseEVR’ from ‘alpm_pkg_vercmp’
#   47|   	s = evr;
#   48|   	/* s points to epoch terminator */
#   49|-> 	while (*s && isdigit(*s)) s++;
#   50|   	/* se points to version terminator */
#   51|   	se = strrchr(s, '-');

Error: CPPCHECK_WARNING (CWE-476): [#def656]
pacman-v7.0.0/lib/libalpm/version.c:57: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: epoch
#   55|   		*s++ = '\0';
#   56|   		version = s;
#   57|-> 		if(*epoch == '\0') {
#   58|   			epoch = "0";
#   59|   		}

Error: CPPCHECK_WARNING (CWE-476): [#def657]
pacman-v7.0.0/lib/libalpm/version.c:103: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: one
#  101|   
#  102|   	/* loop through each version segment of str1 and str2 and compare them */
#  103|-> 	while (*one && *two) {
#  104|   		while (*one && !isalnum((int)*one)) one++;
#  105|   		while (*two && !isalnum((int)*two)) two++;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def658]
pacman-v7.0.0/lib/libalpm/version.c:103:16: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘ptr1’
pacman-v7.0.0/lib/libalpm/version.c:96:16: acquire_memory: this call could return NULL
pacman-v7.0.0/lib/libalpm/version.c:103:16: danger: ‘ptr1’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  101|   
#  102|   	/* loop through each version segment of str1 and str2 and compare them */
#  103|-> 	while (*one && *two) {
#  104|   		while (*one && !isalnum((int)*one)) one++;
#  105|   		while (*two && !isalnum((int)*two)) two++;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def659]
pacman-v7.0.0/lib/libalpm/version.c:103:24: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘ptr2’
pacman-v7.0.0/lib/libalpm/version.c:97:16: acquire_memory: this call could return NULL
pacman-v7.0.0/lib/libalpm/version.c:103:16: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/version.c:103:24: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/version.c:103:24: danger: ‘ptr2’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#  101|   
#  102|   	/* loop through each version segment of str1 and str2 and compare them */
#  103|-> 	while (*one && *two) {
#  104|   		while (*one && !isalnum((int)*one)) one++;
#  105|   		while (*two && !isalnum((int)*two)) two++;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def660]
pacman-v7.0.0/lib/libalpm/version.c:195:26: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘two’
pacman-v7.0.0/lib/libalpm/version.c:97:16: acquire_memory: this call could return NULL
pacman-v7.0.0/lib/libalpm/version.c:103:16: branch_false: following ‘false’ branch...
pacman-v7.0.0/lib/libalpm/version.c:195:15: branch_false: ...to here
pacman-v7.0.0/lib/libalpm/version.c:195:12: branch_true: following ‘true’ branch...
pacman-v7.0.0/lib/libalpm/version.c:195:26: branch_true: ...to here
pacman-v7.0.0/lib/libalpm/version.c:195:26: danger: ‘two’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#  193|   	/* compared identically but the segment separating characters were */
#  194|   	/* different */
#  195|-> 	if ((!*one) && (!*two)) {
#  196|   		ret = 0;
#  197|   		goto cleanup;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def661]
pacman-v7.0.0/src/common/ini.c:62:15: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(file, "r")’
pacman-v7.0.0/src/common/ini.c:57:14: acquire_resource: opened here
pacman-v7.0.0/src/common/ini.c:58:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/src/common/ini.c:62:15: danger: ‘fopen(file, "r")’ leaks here; was opened at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#   60|   	}
#   61|   
#   62|-> 	while(safe_fgets(line, PATH_MAX, fp)) {
#   63|   		char *key, *value;
#   64|   		size_t line_len;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def662]
pacman-v7.0.0/src/common/ini.c:62:15: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(file, "r")’
pacman-v7.0.0/src/common/ini.c:57:14: acquire_memory: allocated here
pacman-v7.0.0/src/common/ini.c:58:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/src/common/ini.c:62:15: danger: ‘fopen(file, "r")’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#   60|   	}
#   61|   
#   62|-> 	while(safe_fgets(line, PATH_MAX, fp)) {
#   63|   		char *key, *value;
#   64|   		size_t line_len;

Error: CPPCHECK_WARNING (CWE-476): [#def663]
pacman-v7.0.0/src/common/ini.c:78: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: name
#   76|   			/* new config section, skip the '[' */
#   77|   			name = strdup(line + 1);
#   78|-> 			name[line_len - 2] = '\0';
#   79|   
#   80|   			ret = cb(file, linenum, name, NULL, NULL, data);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def664]
pacman-v7.0.0/src/common/ini.c:80:31: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
pacman-v7.0.0/src/common/ini.c:58:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/src/common/ini.c:62:15: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/common/ini.c:66:17: branch_true: ...to here
pacman-v7.0.0/src/common/ini.c:70:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/common/ini.c:74:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/common/ini.c:77:32: acquire_memory: allocated here
pacman-v7.0.0/src/common/ini.c:80:31: danger: ‘name’ leaks here; was allocated at [(9)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/8)
#   78|   			name[line_len - 2] = '\0';
#   79|   
#   80|-> 			ret = cb(file, linenum, name, NULL, NULL, data);
#   81|   			free(section_name);
#   82|   			section_name = name;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def665]
pacman-v7.0.0/src/pacman/callback.c:714:23: warning[-Wanalyzer-malloc-leak]: leak of ‘clean_filename(filename)’
pacman-v7.0.0/src/pacman/callback.c:1115:6: enter_function: entry to ‘cb_download’
pacman-v7.0.0/src/pacman/callback.c:1120:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/callback.c:1124:11: branch_false: ...to here
pacman-v7.0.0/src/pacman/callback.c:1124:11: branch_true: following ‘true’ branch (when ‘event == 0’)...
pacman-v7.0.0/src/pacman/callback.c:1125:17: branch_true: ...to here
pacman-v7.0.0/src/pacman/callback.c:1125:17: call_function: calling ‘dload_init_event’ from ‘cb_download’
#  712|   static int dload_progressbar_enabled(void)
#  713|   {
#  714|-> 	return !config->noprogressbar && (getcols() != 0);
#  715|   }
#  716|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def666]
pacman-v7.0.0/src/pacman/callback.c:714:43: warning[-Wanalyzer-malloc-leak]: leak of ‘clean_filename(filename)’
pacman-v7.0.0/src/pacman/callback.c:1115:6: enter_function: entry to ‘cb_download’
pacman-v7.0.0/src/pacman/callback.c:1120:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/callback.c:1124:11: branch_false: ...to here
pacman-v7.0.0/src/pacman/callback.c:1124:11: branch_true: following ‘true’ branch (when ‘event == 0’)...
pacman-v7.0.0/src/pacman/callback.c:1125:17: branch_true: ...to here
pacman-v7.0.0/src/pacman/callback.c:1125:17: call_function: calling ‘dload_init_event’ from ‘cb_download’
#  712|   static int dload_progressbar_enabled(void)
#  713|   {
#  714|-> 	return !config->noprogressbar && (getcols() != 0);
#  715|   }
#  716|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def667]
pacman-v7.0.0/src/pacman/callback.c:721:17: warning[-Wanalyzer-malloc-leak]: leak of ‘clean_filename(filename)’
pacman-v7.0.0/src/pacman/callback.c:1115:6: enter_function: entry to ‘cb_download’
pacman-v7.0.0/src/pacman/callback.c:1120:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/callback.c:1124:11: branch_false: ...to here
pacman-v7.0.0/src/pacman/callback.c:1124:11: branch_true: following ‘true’ branch (when ‘event == 0’)...
pacman-v7.0.0/src/pacman/callback.c:1125:17: branch_true: ...to here
pacman-v7.0.0/src/pacman/callback.c:1125:17: call_function: calling ‘dload_init_event’ from ‘cb_download’
#  719|   {
#  720|   	if(num > multibar_ui.cursor_lineno) {
#  721|-> 		console_cursor_move_down(num - multibar_ui.cursor_lineno);
#  722|   	} else if(num < multibar_ui.cursor_lineno) {
#  723|   		console_cursor_move_up(multibar_ui.cursor_lineno - num);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def668]
pacman-v7.0.0/src/pacman/callback.c:723:17: warning[-Wanalyzer-malloc-leak]: leak of ‘clean_filename(filename)’
pacman-v7.0.0/src/pacman/callback.c:1115:6: enter_function: entry to ‘cb_download’
pacman-v7.0.0/src/pacman/callback.c:1120:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/callback.c:1124:11: branch_false: ...to here
pacman-v7.0.0/src/pacman/callback.c:1124:11: branch_true: following ‘true’ branch (when ‘event == 0’)...
pacman-v7.0.0/src/pacman/callback.c:1125:17: branch_true: ...to here
pacman-v7.0.0/src/pacman/callback.c:1125:17: call_function: calling ‘dload_init_event’ from ‘cb_download’
#  721|   		console_cursor_move_down(num - multibar_ui.cursor_lineno);
#  722|   	} else if(num < multibar_ui.cursor_lineno) {
#  723|-> 		console_cursor_move_up(multibar_ui.cursor_lineno - num);
#  724|   	}
#  725|   	multibar_ui.cursor_lineno = num;

Error: CPPCHECK_WARNING (CWE-476): [#def669]
pacman-v7.0.0/src/pacman/callback.c:769: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: fname
#  767|   	char *fname = strdup(filename);
#  768|   	/* strip package or DB extension for cleaner look */
#  769|-> 	if((p = strstr(fname, ".pkg")) || (p = strstr(fname, ".db")) || (p = strstr(fname, ".files"))) {
#  770|   		fname[p - fname] = '\0';
#  771|   	}

Error: GCC_ANALYZER_WARNING (CWE-688): [#def670]
pacman-v7.0.0/src/pacman/callback.c:769:17: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘fname’ where non-null expected
pacman-v7.0.0/src/pacman/callback.c:1115:6: enter_function: entry to ‘cb_download’
pacman-v7.0.0/src/pacman/callback.c:1120:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/callback.c:1124:11: branch_false: ...to here
pacman-v7.0.0/src/pacman/callback.c:1124:11: branch_true: following ‘true’ branch (when ‘event == 0’)...
pacman-v7.0.0/src/pacman/callback.c:1125:17: branch_true: ...to here
pacman-v7.0.0/src/pacman/callback.c:1125:17: call_function: calling ‘dload_init_event’ from ‘cb_download’
#argument 1 of ‘__builtin_strstr’ must be non-null
#  767|   	char *fname = strdup(filename);
#  768|   	/* strip package or DB extension for cleaner look */
#  769|-> 	if((p = strstr(fname, ".pkg")) || (p = strstr(fname, ".db")) || (p = strstr(fname, ".files"))) {
#  770|   		fname[p - fname] = '\0';
#  771|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def671]
pacman-v7.0.0/src/pacman/callback.c:789:37: warning[-Wanalyzer-malloc-leak]: leak of ‘clean_filename(filename)’
pacman-v7.0.0/src/pacman/callback.c:1115:6: enter_function: entry to ‘cb_download’
pacman-v7.0.0/src/pacman/callback.c:1120:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/callback.c:1124:11: branch_false: ...to here
pacman-v7.0.0/src/pacman/callback.c:1124:11: branch_true: following ‘true’ branch (when ‘event == 0’)...
pacman-v7.0.0/src/pacman/callback.c:1125:17: branch_true: ...to here
pacman-v7.0.0/src/pacman/callback.c:1125:17: call_function: calling ‘dload_init_event’ from ‘cb_download’
#  787|   	int file_percent = 0;
#  788|   
#  789|-> 	const unsigned short cols = getcols();
#  790|   
#  791|   	if(bar->total_size) {

Error: CPPCHECK_WARNING (CWE-476): [#def672]
pacman-v7.0.0/src/pacman/callback.c:810: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: name
#  808|   		size_t needed = strlen(fname) + (digits * 2) + 4 + 1;
#  809|   		char *name = malloc(needed);
#  810|-> 		snprintf(name, needed, "%s (%*zu/%*zu)", fname, digits, bar->downloaded, digits, bar->howmany);
#  811|   		free(fname);
#  812|   		fname = name;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def673]
pacman-v7.0.0/src/pacman/callback.c:851:22: warning[-Wanalyzer-malloc-leak]: leak of ‘clean_filename(filename)’
pacman-v7.0.0/src/pacman/callback.c:1115:6: enter_function: entry to ‘cb_download’
pacman-v7.0.0/src/pacman/callback.c:1120:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/callback.c:1124:11: branch_false: ...to here
pacman-v7.0.0/src/pacman/callback.c:1124:11: branch_true: following ‘true’ branch (when ‘event == 0’)...
pacman-v7.0.0/src/pacman/callback.c:1125:17: branch_true: ...to here
pacman-v7.0.0/src/pacman/callback.c:1125:17: call_function: calling ‘dload_init_event’ from ‘cb_download’
#  849|   	}
#  850|   
#  851|-> 	rate_human = humanize_size((off_t)bar->rate, '\0', -1, &rate_label);
#  852|   	xfered_human = humanize_size(bar->sync_xfered, '\0', -1, &xfered_label);
#  853|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def674]
pacman-v7.0.0/src/pacman/callback.c:851:22: warning[-Wanalyzer-malloc-leak]: leak of ‘fname’
pacman-v7.0.0/src/pacman/callback.c:1032:13: enter_function: entry to ‘dload_complete_event’
pacman-v7.0.0/src/pacman/callback.c:1038:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/callback.c:1042:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/callback.c:1047:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/callback.c:1048:12: branch_true: ...to here
pacman-v7.0.0/src/pacman/callback.c:1054:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/callback.c:1061:18: branch_false: ...to here
pacman-v7.0.0/src/pacman/callback.c:1061:18: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/callback.c:1062:17: branch_true: ...to here
pacman-v7.0.0/src/pacman/callback.c:1080:17: call_function: calling ‘draw_pacman_progress_bar’ from ‘dload_complete_event’
#  849|   	}
#  850|   
#  851|-> 	rate_human = humanize_size((off_t)bar->rate, '\0', -1, &rate_label);
#  852|   	xfered_human = humanize_size(bar->sync_xfered, '\0', -1, &xfered_label);
#  853|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def675]
pacman-v7.0.0/src/pacman/callback.c:852:24: warning[-Wanalyzer-malloc-leak]: leak of ‘clean_filename(filename)’
pacman-v7.0.0/src/pacman/callback.c:1115:6: enter_function: entry to ‘cb_download’
pacman-v7.0.0/src/pacman/callback.c:1120:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/callback.c:1124:11: branch_false: ...to here
pacman-v7.0.0/src/pacman/callback.c:1124:11: branch_true: following ‘true’ branch (when ‘event == 0’)...
pacman-v7.0.0/src/pacman/callback.c:1125:17: branch_true: ...to here
pacman-v7.0.0/src/pacman/callback.c:1125:17: call_function: calling ‘dload_init_event’ from ‘cb_download’
#  850|   
#  851|   	rate_human = humanize_size((off_t)bar->rate, '\0', -1, &rate_label);
#  852|-> 	xfered_human = humanize_size(bar->sync_xfered, '\0', -1, &xfered_label);
#  853|   
#  854|   	printf(" %ls%-*s ", wcfname, padwid, "");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def676]
pacman-v7.0.0/src/pacman/callback.c:852:24: warning[-Wanalyzer-malloc-leak]: leak of ‘fname’
pacman-v7.0.0/src/pacman/callback.c:1032:13: enter_function: entry to ‘dload_complete_event’
pacman-v7.0.0/src/pacman/callback.c:1038:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/callback.c:1042:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/callback.c:1047:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/callback.c:1048:12: branch_true: ...to here
pacman-v7.0.0/src/pacman/callback.c:1054:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/callback.c:1061:18: branch_false: ...to here
pacman-v7.0.0/src/pacman/callback.c:1061:18: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/callback.c:1062:17: branch_true: ...to here
pacman-v7.0.0/src/pacman/callback.c:1080:17: call_function: calling ‘draw_pacman_progress_bar’ from ‘dload_complete_event’
#  850|   
#  851|   	rate_human = humanize_size((off_t)bar->rate, '\0', -1, &rate_label);
#  852|-> 	xfered_human = humanize_size(bar->sync_xfered, '\0', -1, &xfered_label);
#  853|   
#  854|   	printf(" %ls%-*s ", wcfname, padwid, "");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def677]
pacman-v7.0.0/src/pacman/callback.c:898:40: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
pacman-v7.0.0/src/pacman/callback.c:1115:6: enter_function: entry to ‘cb_download’
pacman-v7.0.0/src/pacman/callback.c:1120:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/callback.c:1124:11: branch_false: ...to here
pacman-v7.0.0/src/pacman/callback.c:1124:11: branch_true: following ‘true’ branch (when ‘event == 0’)...
pacman-v7.0.0/src/pacman/callback.c:1125:17: branch_true: ...to here
pacman-v7.0.0/src/pacman/callback.c:1125:17: call_function: calling ‘dload_init_event’ from ‘cb_download’
#  896|   	bar->init_time = get_time_ms();
#  897|   	bar->rate = 0.0;
#  898|-> 	multibar_ui.active_downloads = alpm_list_add(multibar_ui.active_downloads, bar);
#  899|   
#  900|   	console_cursor_move_end();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def678]
pacman-v7.0.0/src/pacman/callback.c:898:40: warning[-Wanalyzer-malloc-leak]: leak of ‘bar’
pacman-v7.0.0/src/pacman/callback.c:1115:6: enter_function: entry to ‘cb_download’
pacman-v7.0.0/src/pacman/callback.c:1120:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/callback.c:1124:11: branch_false: ...to here
pacman-v7.0.0/src/pacman/callback.c:1124:11: branch_true: following ‘true’ branch (when ‘event == 0’)...
pacman-v7.0.0/src/pacman/callback.c:1125:17: branch_true: ...to here
pacman-v7.0.0/src/pacman/callback.c:1125:17: call_function: calling ‘dload_init_event’ from ‘cb_download’
#  896|   	bar->init_time = get_time_ms();
#  897|   	bar->rate = 0.0;
#  898|-> 	multibar_ui.active_downloads = alpm_list_add(multibar_ui.active_downloads, bar);
#  899|   
#  900|   	console_cursor_move_end();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def679]
pacman-v7.0.0/src/pacman/callback.c:898:40: warning[-Wanalyzer-malloc-leak]: leak of ‘clean_filename(filename)’
pacman-v7.0.0/src/pacman/callback.c:1115:6: enter_function: entry to ‘cb_download’
pacman-v7.0.0/src/pacman/callback.c:1120:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/callback.c:1124:11: branch_false: ...to here
pacman-v7.0.0/src/pacman/callback.c:1124:11: branch_true: following ‘true’ branch (when ‘event == 0’)...
pacman-v7.0.0/src/pacman/callback.c:1125:17: branch_true: ...to here
pacman-v7.0.0/src/pacman/callback.c:1125:17: call_function: calling ‘dload_init_event’ from ‘cb_download’
#  896|   	bar->init_time = get_time_ms();
#  897|   	bar->rate = 0.0;
#  898|-> 	multibar_ui.active_downloads = alpm_list_add(multibar_ui.active_downloads, bar);
#  899|   
#  900|   	console_cursor_move_end();

Error: CPPCHECK_WARNING (CWE-476): [#def680]
pacman-v7.0.0/src/pacman/conf.c:199: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: destfile
#  197|   	size_t len = strlen(path) + strlen(filename) + 1;
#  198|   	destfile = calloc(len, sizeof(char));
#  199|-> 	snprintf(destfile, len, "%s%s", path, filename);
#  200|   
#  201|   	return destfile;

Error: CPPCHECK_WARNING (CWE-476): [#def681]
pacman-v7.0.0/src/pacman/conf.c:211: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: tempfile
#  209|   	size_t len = strlen(path) + strlen(filename) + 6;
#  210|   	tempfile = calloc(len, sizeof(char));
#  211|-> 	snprintf(tempfile, len, "%s%s.part", path, filename);
#  212|   
#  213|   	return tempfile;

Error: CPPCHECK_WARNING (CWE-476): [#def682]
pacman-v7.0.0/src/pacman/conf.c:1246: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: section->repo
# 1244|   		} else {
# 1245|   			section->repo = calloc(sizeof(config_repo_t), 1);
# 1246|-> 			section->repo->name = strdup(name);
# 1247|   			section->repo->siglevel = ALPM_SIG_USE_DEFAULT;
# 1248|   			section->repo->usage = 0;

Error: CPPCHECK_WARNING (CWE-476): [#def683]
pacman-v7.0.0/src/pacman/conf.c:1332: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: rootdir
# 1330|   	if(c->rootdir) {
# 1331|   		char* rootdir = strdup(c->rootdir);
# 1332|-> 		int rootdir_len = strlen(rootdir);
# 1333|   		/* This removes trailing slashes from the root directory */
# 1334|   		if(rootdir[rootdir_len-1] == '/'){

Error: GCC_ANALYZER_WARNING (CWE-688): [#def684]
pacman-v7.0.0/src/pacman/conf.c:1332:35: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘rootdir’ where non-null expected
pacman-v7.0.0/src/pacman/conf.c:1330:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/conf.c:1331:33: branch_true: ...to here
pacman-v7.0.0/src/pacman/conf.c:1331:33: acquire_memory: this call could return NULL
pacman-v7.0.0/src/pacman/conf.c:1332:35: danger: argument 1 (‘rootdir’) from [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2) could be NULL where non-null expected
#argument 1 of ‘__builtin_strlen’ must be non-null
# 1330|   	if(c->rootdir) {
# 1331|   		char* rootdir = strdup(c->rootdir);
# 1332|-> 		int rootdir_len = strlen(rootdir);
# 1333|   		/* This removes trailing slashes from the root directory */
# 1334|   		if(rootdir[rootdir_len-1] == '/'){

Error: CPPCHECK_WARNING (CWE-476): [#def685]
pacman-v7.0.0/src/pacman/conf.c:1334: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: rootdir
# 1332|   		int rootdir_len = strlen(rootdir);
# 1333|   		/* This removes trailing slashes from the root directory */
# 1334|-> 		if(rootdir[rootdir_len-1] == '/'){
# 1335|   			rootdir[rootdir_len-1] = '\0';
# 1336|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def686]
pacman-v7.0.0/src/pacman/conf.c:1344:40: warning[-Wanalyzer-malloc-leak]: leak of ‘ppath’
pacman-v7.0.0/src/pacman/conf.c:1330:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/conf.c:1331:33: branch_true: ...to here
pacman-v7.0.0/src/pacman/conf.c:1338:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/conf.c:1340:25: branch_true: ...to here
pacman-v7.0.0/src/pacman/conf.c:1341:33: acquire_memory: allocated here
pacman-v7.0.0/src/pacman/conf.c:1342:27: branch_false: following ‘false’ branch (when ‘ppath’ is non-NULL)...
pacman-v7.0.0/src/pacman/conf.c:1346:25: branch_false: ...to here
pacman-v7.0.0/src/pacman/conf.c:1346:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/conf.c:1348:21: branch_false: ...to here
pacman-v7.0.0/src/pacman/conf.c:1348:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/conf.c:1350:25: branch_true: ...to here
pacman-v7.0.0/src/pacman/conf.c:1352:27: branch_true: following ‘true’ branch (when ‘ppath’ is NULL)...
pacman-v7.0.0/src/pacman/conf.c:1353:33: branch_true: ...to here
pacman-v7.0.0/src/pacman/conf.c:1344:40: danger: ‘ppath’ leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
# 1342|   			if(ppath == NULL) {
# 1343|   				free(rootdir);
# 1344|-> 				return -1;
# 1345|   			}
# 1346|   			SETDEFAULT(c->dbpath, ppath);

Error: CPPCHECK_WARNING (CWE-401): [#def687]
pacman-v7.0.0/src/pacman/conf.c:1347: error[memleak]: Memory leak: ppath
# 1345|   			}
# 1346|   			SETDEFAULT(c->dbpath, ppath);
# 1347|-> 		}
# 1348|   		if(!c->logfile) {
# 1349|   			char* ppath;

Error: CPPCHECK_WARNING (CWE-401): [#def688]
pacman-v7.0.0/src/pacman/conf.c:1357: error[memleak]: Memory leak: ppath
# 1355|   			}
# 1356|   			SETDEFAULT(c->logfile, ppath);
# 1357|-> 		}
# 1358|   		free(rootdir);
# 1359|   	} else {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def689]
pacman-v7.0.0/src/pacman/conf.c:1365:9: warning[-Wanalyzer-malloc-leak]: leak of ‘ppath’
pacman-v7.0.0/src/pacman/conf.c:1409:5: enter_function: entry to ‘parseconfig’
pacman-v7.0.0/src/pacman/conf.c:1412:19: call_function: calling ‘parseconfigfile’ from ‘parseconfig’
pacman-v7.0.0/src/pacman/conf.c:1412:19: return_function: returning to ‘parseconfig’ from ‘parseconfigfile’
pacman-v7.0.0/src/pacman/conf.c:1412:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/conf.c:1415:19: branch_false: ...to here
pacman-v7.0.0/src/pacman/conf.c:1415:19: call_function: calling ‘setdefaults’ from ‘parseconfig’
# 1363|   
# 1364|   	SETDEFAULT(c->logfile, strdup(LOGFILE));
# 1365|-> 	SETDEFAULT(c->gpgdir, strdup(GPGDIR));
# 1366|   	SETDEFAULT(c->cachedirs, alpm_list_add(NULL, strdup(CACHEDIR)));
# 1367|   	SETDEFAULT(c->hookdirs, alpm_list_add(NULL, strdup(HOOKDIR)));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def690]
pacman-v7.0.0/src/pacman/conf.c:1366:9: warning[-Wanalyzer-malloc-leak]: leak of ‘ppath’
pacman-v7.0.0/src/pacman/conf.c:1330:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/conf.c:1331:33: branch_true: ...to here
pacman-v7.0.0/src/pacman/conf.c:1338:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/conf.c:1340:25: branch_true: ...to here
pacman-v7.0.0/src/pacman/conf.c:1341:33: acquire_memory: allocated here
pacman-v7.0.0/src/pacman/conf.c:1342:27: branch_false: following ‘false’ branch (when ‘ppath’ is non-NULL)...
pacman-v7.0.0/src/pacman/conf.c:1346:25: branch_false: ...to here
pacman-v7.0.0/src/pacman/conf.c:1346:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/conf.c:1348:21: branch_false: ...to here
pacman-v7.0.0/src/pacman/conf.c:1348:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/conf.c:1358:17: branch_false: ...to here
pacman-v7.0.0/src/pacman/conf.c:1364:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/conf.c:1365:9: branch_false: ...to here
pacman-v7.0.0/src/pacman/conf.c:1365:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/conf.c:1366:9: branch_false: ...to here
pacman-v7.0.0/src/pacman/conf.c:1366:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/conf.c:1366:9: branch_true: ...to here
pacman-v7.0.0/src/pacman/conf.c:1366:9: danger: ‘ppath’ leaks here; was allocated at [(5)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/4)
# 1364|   	SETDEFAULT(c->logfile, strdup(LOGFILE));
# 1365|   	SETDEFAULT(c->gpgdir, strdup(GPGDIR));
# 1366|-> 	SETDEFAULT(c->cachedirs, alpm_list_add(NULL, strdup(CACHEDIR)));
# 1367|   	SETDEFAULT(c->hookdirs, alpm_list_add(NULL, strdup(HOOKDIR)));
# 1368|   	SETDEFAULT(c->cleanmethod, PM_CLEAN_KEEPINST);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def691]
pacman-v7.0.0/src/pacman/conf.c:1366:9: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup("/var/cache/pacman/pkg/")’
pacman-v7.0.0/src/pacman/conf.c:1330:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/conf.c:1360:17: branch_false: ...to here
pacman-v7.0.0/src/pacman/conf.c:1360:17: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/conf.c:1361:17: branch_false: ...to here
pacman-v7.0.0/src/pacman/conf.c:1361:17: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/conf.c:1364:9: branch_false: ...to here
pacman-v7.0.0/src/pacman/conf.c:1364:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/conf.c:1365:9: branch_false: ...to here
pacman-v7.0.0/src/pacman/conf.c:1365:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/conf.c:1366:9: branch_false: ...to here
pacman-v7.0.0/src/pacman/conf.c:1366:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/conf.c:1366:9: branch_true: ...to here
pacman-v7.0.0/src/pacman/conf.c:1366:9: acquire_memory: allocated here
pacman-v7.0.0/src/pacman/conf.c:1366:9: danger: ‘strdup("/var/cache/pacman/pkg/")’ leaks here; was allocated at [(13)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/12)
# 1364|   	SETDEFAULT(c->logfile, strdup(LOGFILE));
# 1365|   	SETDEFAULT(c->gpgdir, strdup(GPGDIR));
# 1366|-> 	SETDEFAULT(c->cachedirs, alpm_list_add(NULL, strdup(CACHEDIR)));
# 1367|   	SETDEFAULT(c->hookdirs, alpm_list_add(NULL, strdup(HOOKDIR)));
# 1368|   	SETDEFAULT(c->cleanmethod, PM_CLEAN_KEEPINST);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def692]
pacman-v7.0.0/src/pacman/conf.c:1367:9: warning[-Wanalyzer-malloc-leak]: leak of ‘ppath’
pacman-v7.0.0/src/pacman/conf.c:1330:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/conf.c:1331:33: branch_true: ...to here
pacman-v7.0.0/src/pacman/conf.c:1338:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/conf.c:1340:25: branch_true: ...to here
pacman-v7.0.0/src/pacman/conf.c:1341:33: acquire_memory: allocated here
pacman-v7.0.0/src/pacman/conf.c:1342:27: branch_false: following ‘false’ branch (when ‘ppath’ is non-NULL)...
pacman-v7.0.0/src/pacman/conf.c:1346:25: branch_false: ...to here
pacman-v7.0.0/src/pacman/conf.c:1346:25: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/conf.c:1348:21: branch_false: ...to here
pacman-v7.0.0/src/pacman/conf.c:1348:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/conf.c:1358:17: branch_false: ...to here
pacman-v7.0.0/src/pacman/conf.c:1364:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/conf.c:1365:9: branch_false: ...to here
pacman-v7.0.0/src/pacman/conf.c:1365:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/conf.c:1366:9: branch_false: ...to here
pacman-v7.0.0/src/pacman/conf.c:1366:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/conf.c:1367:9: branch_false: ...to here
pacman-v7.0.0/src/pacman/conf.c:1367:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/conf.c:1367:9: branch_true: ...to here
pacman-v7.0.0/src/pacman/conf.c:1367:9: danger: ‘ppath’ leaks here; was allocated at [(5)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/4)
# 1365|   	SETDEFAULT(c->gpgdir, strdup(GPGDIR));
# 1366|   	SETDEFAULT(c->cachedirs, alpm_list_add(NULL, strdup(CACHEDIR)));
# 1367|-> 	SETDEFAULT(c->hookdirs, alpm_list_add(NULL, strdup(HOOKDIR)));
# 1368|   	SETDEFAULT(c->cleanmethod, PM_CLEAN_KEEPINST);
# 1369|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def693]
pacman-v7.0.0/src/pacman/conf.c:1367:9: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup("/etc/pacman.d/hooks/")’
pacman-v7.0.0/src/pacman/conf.c:1330:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/conf.c:1360:17: branch_false: ...to here
pacman-v7.0.0/src/pacman/conf.c:1360:17: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/conf.c:1361:17: branch_false: ...to here
pacman-v7.0.0/src/pacman/conf.c:1361:17: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/conf.c:1364:9: branch_false: ...to here
pacman-v7.0.0/src/pacman/conf.c:1364:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/conf.c:1365:9: branch_false: ...to here
pacman-v7.0.0/src/pacman/conf.c:1365:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/conf.c:1366:9: branch_false: ...to here
pacman-v7.0.0/src/pacman/conf.c:1366:9: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/conf.c:1367:9: branch_false: ...to here
pacman-v7.0.0/src/pacman/conf.c:1367:9: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/conf.c:1367:9: branch_true: ...to here
pacman-v7.0.0/src/pacman/conf.c:1367:9: acquire_memory: allocated here
pacman-v7.0.0/src/pacman/conf.c:1367:9: danger: ‘strdup("/etc/pacman.d/hooks/")’ leaks here; was allocated at [(15)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/14)
# 1365|   	SETDEFAULT(c->gpgdir, strdup(GPGDIR));
# 1366|   	SETDEFAULT(c->cachedirs, alpm_list_add(NULL, strdup(CACHEDIR)));
# 1367|-> 	SETDEFAULT(c->hookdirs, alpm_list_add(NULL, strdup(HOOKDIR)));
# 1368|   	SETDEFAULT(c->cleanmethod, PM_CLEAN_KEEPINST);
# 1369|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def694]
pacman-v7.0.0/src/pacman/conf.c:1400:15: warning[-Wanalyzer-malloc-leak]: leak of ‘prepend_dir(*config.sysroot,  file)’
pacman-v7.0.0/src/pacman/conf.c:1392:5: enter_function: entry to ‘parseconfigfile’
pacman-v7.0.0/src/pacman/conf.c:1397:24: call_function: calling ‘prepend_dir’ from ‘parseconfigfile’
pacman-v7.0.0/src/pacman/conf.c:1397:24: return_function: returning to ‘parseconfigfile’ from ‘prepend_dir’
pacman-v7.0.0/src/pacman/conf.c:1397:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/conf.c:1400:15: branch_false: ...to here
pacman-v7.0.0/src/pacman/conf.c:1400:15: danger: ‘prepend_dir(*config.sysroot,  file)’ leaks here; was allocated at [(6)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/5)
# 1398|   		return -1;
# 1399|   	}
# 1400|-> 	ret = parse_ini(realfile, _parse_directive, &section);
# 1401|   	free(realfile);
# 1402|   	return ret;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def695]
pacman-v7.0.0/src/pacman/database.c:129:22: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(&path)’
pacman-v7.0.0/src/pacman/database.c:123:22: acquire_memory: allocated here
pacman-v7.0.0/src/pacman/database.c:123:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/src/pacman/database.c:129:22: danger: ‘opendir(&path)’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  127|   	}
#  128|   
#  129|-> 	while((ent = readdir(dbdir)) != NULL) {
#  130|   		if(strcmp(ent->d_name, ".") == 0 || strcmp(ent->d_name, "..") == 0
#  131|   				|| strcmp(ent->d_name, "ALPM_DB_VERSION") == 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def696]
pacman-v7.0.0/src/pacman/database.c:193:45: warning[-Wanalyzer-malloc-leak]: leak of ‘all_files’
pacman-v7.0.0/src/pacman/database.c:189:21: acquire_memory: allocated here
pacman-v7.0.0/src/pacman/database.c:191:26: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/src/pacman/database.c:192:29: branch_true: ...to here
pacman-v7.0.0/src/pacman/database.c:193:45: danger: ‘all_files’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  191|   	for(i = pkglist; i; i = i->next) {
#  192|   		alpm_pkg_t *pkg = i->data;
#  193|-> 		alpm_filelist_t *filelist = alpm_pkg_get_files(pkg);
#  194|   		for(j = 0; j < filelist->count; j++) {
#  195|   			alpm_file_t *file = filelist->files + j;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def697]
pacman-v7.0.0/src/pacman/database.c:214:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘all_files’
pacman-v7.0.0/src/pacman/database.c:189:21: acquire_memory: this call could return NULL
pacman-v7.0.0/src/pacman/database.c:191:26: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/src/pacman/database.c:192:29: branch_true: ...to here
pacman-v7.0.0/src/pacman/database.c:194:28: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/database.c:195:45: branch_true: ...to here
pacman-v7.0.0/src/pacman/database.c:197:27: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/database.c:202:27: branch_false: ...to here
pacman-v7.0.0/src/pacman/database.c:202:27: branch_false: following ‘false’ branch (when ‘list_size > offset’)...
pacman-v7.0.0/src/pacman/database.c:214:34: branch_false: ...to here
pacman-v7.0.0/src/pacman/database.c:214:25: danger: ‘all_files + offset * 16’ could be NULL: unchecked value from [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#  212|   
#  213|   			/* we can finally add it to the list */
#  214|-> 			all_files[offset].file = file;
#  215|   			all_files[offset].pkg = pkg;
#  216|   			offset++;

Error: GCC_ANALYZER_WARNING (CWE-688): [#def698]
pacman-v7.0.0/src/pacman/database.c:221:9: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘all_files’ where non-null expected
pacman-v7.0.0/src/pacman/database.c:189:21: acquire_memory: this call could return NULL
pacman-v7.0.0/src/pacman/database.c:221:9: danger: argument 1 (‘all_files’) from [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0) could be NULL where non-null expected
#  219|   
#  220|   	/* now sort the list so we can find duplicates */
#  221|-> 	qsort(all_files, offset, sizeof(struct fileitem), fileitem_cmp);
#  222|   
#  223|   	/* do a 'uniq' style check on the list */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def699]
pacman-v7.0.0/src/pacman/files.c:45:37: warning[-Wanalyzer-malloc-leak]: leak of ‘repo’
pacman-v7.0.0/src/pacman/files.c:309:5: enter_function: entry to ‘pacman_files’
pacman-v7.0.0/src/pacman/files.c:313:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/files.c:317:44: branch_false: ...to here
pacman-v7.0.0/src/pacman/files.c:330:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/files.c:331:24: branch_true: ...to here
pacman-v7.0.0/src/pacman/files.c:331:24: call_function: calling ‘files_list’ from ‘pacman_files’
#   43|   static void dump_pkg_machinereadable(alpm_db_t *db, alpm_pkg_t *pkg)
#   44|   {
#   45|-> 	alpm_filelist_t *pkgfiles = alpm_pkg_get_files(pkg);
#   46|   	for(size_t filenum = 0; filenum < pkgfiles->count; filenum++) {
#   47|   		const alpm_file_t *file = pkgfiles->files + filenum;

Error: CPPCHECK_WARNING (CWE-476): [#def700]
pacman-v7.0.0/src/pacman/files.c:136: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: ftarg
#  134|   
#  135|   		struct filetarget *ftarg = malloc(sizeof(struct filetarget));
#  136|-> 		ftarg->targ = targ;
#  137|   		ftarg->exact_file = exact_file;
#  138|   		ftarg->reg = reg;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def701]
pacman-v7.0.0/src/pacman/files.c:136:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘ftarg’
pacman-v7.0.0/src/pacman/files.c:309:5: enter_function: entry to ‘pacman_files’
pacman-v7.0.0/src/pacman/files.c:313:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/files.c:317:44: branch_false: ...to here
pacman-v7.0.0/src/pacman/files.c:330:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/files.c:334:11: branch_false: ...to here
pacman-v7.0.0/src/pacman/files.c:340:16: call_function: calling ‘files_search’ from ‘pacman_files’
#  134|   
#  135|   		struct filetarget *ftarg = malloc(sizeof(struct filetarget));
#  136|-> 		ftarg->targ = targ;
#  137|   		ftarg->exact_file = exact_file;
#  138|   		ftarg->reg = reg;

Error: CPPCHECK_WARNING (CWE-476): [#def702]
pacman-v7.0.0/src/pacman/files.c:137: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: ftarg
#  135|   		struct filetarget *ftarg = malloc(sizeof(struct filetarget));
#  136|   		ftarg->targ = targ;
#  137|-> 		ftarg->exact_file = exact_file;
#  138|   		ftarg->reg = reg;
#  139|   

Error: CPPCHECK_WARNING (CWE-476): [#def703]
pacman-v7.0.0/src/pacman/files.c:138: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: ftarg
#  136|   		ftarg->targ = targ;
#  137|   		ftarg->exact_file = exact_file;
#  138|-> 		ftarg->reg = reg;
#  139|   
#  140|   		filetargs = alpm_list_add(filetargs, ftarg);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def704]
pacman-v7.0.0/src/pacman/files.c:140:29: warning[-Wanalyzer-malloc-leak]: leak of ‘ftarg’
pacman-v7.0.0/src/pacman/files.c:309:5: enter_function: entry to ‘pacman_files’
pacman-v7.0.0/src/pacman/files.c:313:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/files.c:317:44: branch_false: ...to here
pacman-v7.0.0/src/pacman/files.c:330:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/files.c:334:11: branch_false: ...to here
pacman-v7.0.0/src/pacman/files.c:340:16: call_function: calling ‘files_search’ from ‘pacman_files’
#  138|   		ftarg->reg = reg;
#  139|   
#  140|-> 		filetargs = alpm_list_add(filetargs, ftarg);
#  141|   	}
#  142|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def705]
pacman-v7.0.0/src/pacman/files.c:222:19: warning[-Wanalyzer-malloc-leak]: leak of ‘repo’
pacman-v7.0.0/src/pacman/files.c:309:5: enter_function: entry to ‘pacman_files’
pacman-v7.0.0/src/pacman/files.c:313:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/files.c:317:44: branch_false: ...to here
pacman-v7.0.0/src/pacman/files.c:330:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/files.c:331:24: branch_true: ...to here
pacman-v7.0.0/src/pacman/files.c:331:24: call_function: calling ‘files_list’ from ‘pacman_files’
#  220|   	size_t i;
#  221|   
#  222|-> 	pkgname = alpm_pkg_get_name(pkg);
#  223|   	pkgfiles = alpm_pkg_get_files(pkg);
#  224|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def706]
pacman-v7.0.0/src/pacman/files.c:223:20: warning[-Wanalyzer-malloc-leak]: leak of ‘repo’
pacman-v7.0.0/src/pacman/files.c:309:5: enter_function: entry to ‘pacman_files’
pacman-v7.0.0/src/pacman/files.c:313:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/files.c:317:44: branch_false: ...to here
pacman-v7.0.0/src/pacman/files.c:330:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/files.c:331:24: branch_true: ...to here
pacman-v7.0.0/src/pacman/files.c:331:24: call_function: calling ‘files_list’ from ‘pacman_files’
#  221|   
#  222|   	pkgname = alpm_pkg_get_name(pkg);
#  223|-> 	pkgfiles = alpm_pkg_get_files(pkg);
#  224|   
#  225|   	for(i = 0; i < pkgfiles->count; i++) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def707]
pacman-v7.0.0/src/pacman/files.c:236:9: warning[-Wanalyzer-malloc-leak]: leak of ‘repo’
pacman-v7.0.0/src/pacman/files.c:309:5: enter_function: entry to ‘pacman_files’
pacman-v7.0.0/src/pacman/files.c:313:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/files.c:317:44: branch_false: ...to here
pacman-v7.0.0/src/pacman/files.c:330:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/files.c:331:24: branch_true: ...to here
pacman-v7.0.0/src/pacman/files.c:331:24: call_function: calling ‘files_list’ from ‘pacman_files’
#  234|   	}
#  235|   
#  236|-> 	fflush(stdout);
#  237|   }
#  238|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def708]
pacman-v7.0.0/src/pacman/files.c:262:47: warning[-Wanalyzer-malloc-leak]: leak of ‘repo’
pacman-v7.0.0/src/pacman/files.c:309:5: enter_function: entry to ‘pacman_files’
pacman-v7.0.0/src/pacman/files.c:313:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/files.c:317:44: branch_false: ...to here
pacman-v7.0.0/src/pacman/files.c:330:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/files.c:331:24: branch_true: ...to here
pacman-v7.0.0/src/pacman/files.c:331:24: call_function: calling ‘files_list’ from ‘pacman_files’
#  260|   			}
#  261|   
#  262|-> 			for(j = syncs; j; j = alpm_list_next(j)) {
#  263|   				alpm_pkg_t *pkg;
#  264|   				alpm_db_t *db = j->data;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def709]
pacman-v7.0.0/src/pacman/files.c:267:44: warning[-Wanalyzer-malloc-leak]: leak of ‘repo’
pacman-v7.0.0/src/pacman/files.c:309:5: enter_function: entry to ‘pacman_files’
pacman-v7.0.0/src/pacman/files.c:313:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/files.c:317:44: branch_false: ...to here
pacman-v7.0.0/src/pacman/files.c:330:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/files.c:331:24: branch_true: ...to here
pacman-v7.0.0/src/pacman/files.c:331:24: call_function: calling ‘files_list’ from ‘pacman_files’
#  265|   
#  266|   				if(repo) {
#  267|-> 					if(strcmp(alpm_db_get_name(db), repo) != 0) {
#  268|   						continue;
#  269|   					}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def710]
pacman-v7.0.0/src/pacman/files.c:272:43: warning[-Wanalyzer-malloc-leak]: leak of ‘repo’
pacman-v7.0.0/src/pacman/files.c:309:5: enter_function: entry to ‘pacman_files’
pacman-v7.0.0/src/pacman/files.c:313:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/files.c:317:44: branch_false: ...to here
pacman-v7.0.0/src/pacman/files.c:330:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/files.c:331:24: branch_true: ...to here
pacman-v7.0.0/src/pacman/files.c:331:24: call_function: calling ‘files_list’ from ‘pacman_files’
#  270|   				}
#  271|   
#  272|-> 				if((pkg = alpm_db_get_pkg(db, targ)) != NULL) {
#  273|   					found = 1;
#  274|   					if(config->op_f_machinereadable) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def711]
pacman-v7.0.0/src/pacman/files.c:284:33: warning[-Wanalyzer-malloc-leak]: leak of ‘repo’
pacman-v7.0.0/src/pacman/files.c:309:5: enter_function: entry to ‘pacman_files’
pacman-v7.0.0/src/pacman/files.c:313:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/files.c:317:44: branch_false: ...to here
pacman-v7.0.0/src/pacman/files.c:330:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/files.c:331:24: branch_true: ...to here
pacman-v7.0.0/src/pacman/files.c:331:24: call_function: calling ‘files_list’ from ‘pacman_files’
#  282|   			if(!found) {
#  283|   				targ = i->data;
#  284|-> 				pm_printf(ALPM_LOG_ERROR,
#  285|   						_("package '%s' was not found\n"), targ);
#  286|   				ret += 1;

Error: CPPCHECK_WARNING (CWE-401): [#def712]
pacman-v7.0.0/src/pacman/package.c:175: error[memleakOnRealloc]: Common realloc mistake: 'depstring' nulled but not freed upon failure
#  173|   			if(alpm_find_satisfier(alpm_db_get_pkgcache(localdb), depstring)) {
#  174|   				const char *installed = _(" [installed]");
#  175|-> 				depstring = realloc(depstring, strlen(depstring) + strlen(installed) + 1);
#  176|   				strcpy(depstring + strlen(depstring), installed);
#  177|   			}

Error: GCC_ANALYZER_WARNING (CWE-688): [#def713]
pacman-v7.0.0/src/pacman/package.c:176:52: warning[-Wanalyzer-null-argument]: use of NULL ‘depstring’ where non-null expected
pacman-v7.0.0/src/pacman/package.c:169:47: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/src/pacman/package.c:170:32: branch_true: ...to here
pacman-v7.0.0/src/pacman/package.c:172:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/package.c:173:28: branch_true: ...to here
pacman-v7.0.0/src/pacman/package.c:173:27: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/package.c:174:57: branch_true: ...to here
pacman-v7.0.0/src/pacman/package.c:176:52: danger: argument 1 (‘depstring’) NULL where non-null expected
#argument 1 of ‘__builtin_strlen’ must be non-null
#  174|   				const char *installed = _(" [installed]");
#  175|   				depstring = realloc(depstring, strlen(depstring) + strlen(installed) + 1);
#  176|-> 				strcpy(depstring + strlen(depstring), installed);
#  177|   			}
#  178|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def714]
pacman-v7.0.0/src/pacman/package.c:179:24: warning[-Wanalyzer-malloc-leak]: leak of ‘depstring’
pacman-v7.0.0/src/pacman/package.c:169:47: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/src/pacman/package.c:170:32: branch_true: ...to here
pacman-v7.0.0/src/pacman/package.c:172:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/package.c:173:28: branch_true: ...to here
pacman-v7.0.0/src/pacman/package.c:173:27: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/package.c:174:57: branch_true: ...to here
pacman-v7.0.0/src/pacman/package.c:179:24: danger: ‘depstring’ leaks here; was allocated at [(7)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/6)
#  177|   			}
#  178|   		}
#  179|-> 		text = alpm_list_add(text, depstring);
#  180|   	}
#  181|   	list_display_linebreak(titles[T_OPTIONAL_DEPS], text, cols);

Error: GCC_ANALYZER_WARNING (CWE-688): [#def715]
pacman-v7.0.0/src/pacman/package.c:431:68: warning[-Wanalyzer-null-argument]: use of NULL where non-null expected
pacman-v7.0.0/src/pacman/package.c:417:6: enter_function: entry to ‘dump_pkg_backups’
pacman-v7.0.0/src/pacman/package.c:422:43: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/src/pacman/package.c:423:38: branch_true: ...to here
pacman-v7.0.0/src/pacman/package.c:427:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/package.c:430:25: branch_false: ...to here
pacman-v7.0.0/src/pacman/package.c:430:25: call_function: calling ‘get_backup_file_status’ from ‘dump_pkg_backups’
pacman-v7.0.0/src/pacman/package.c:430:25: return_function: returning to ‘dump_pkg_backups’ from ‘get_backup_file_status’
pacman-v7.0.0/src/pacman/package.c:431:68: danger: argument 1 (‘get_backup_file_status(alpm_option_get_root(*config.handle), backup)’) NULL where non-null expected
#argument 1 of ‘__builtin_strlen’ must be non-null
#  429|   		}
#  430|   		value = get_backup_file_status(root, backup);
#  431|-> 		needed = strlen(root) + strlen(backup->name) + 1 + strlen(value) + 1;
#  432|   		line = malloc(needed);
#  433|   		if(!line) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def716]
pacman-v7.0.0/src/pacman/pacman.c:326:17: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(i)’
pacman-v7.0.0/src/pacman/pacman.c:1123:5: enter_function: entry to ‘main’
pacman-v7.0.0/src/pacman/pacman.c:1133:9: call_function: calling ‘localize’ from ‘main’
pacman-v7.0.0/src/pacman/pacman.c:1133:9: return_function: returning to ‘main’ from ‘localize’
pacman-v7.0.0/src/pacman/pacman.c:1140:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/pacman.c:1145:9: branch_false: ...to here
pacman-v7.0.0/src/pacman/pacman.c:1147:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/pacman.c:1149:23: branch_true: ...to here
pacman-v7.0.0/src/pacman/pacman.c:1165:15: call_function: calling ‘parseargs’ from ‘main’
#  324|   
#  325|   	for(i = strtok_r(optarg, ",", &save); i; i = strtok_r(NULL, ",", &save)) {
#  326|-> 		*list = alpm_list_add(*list, strdup(i));
#  327|   	}
#  328|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def717]
pacman-v7.0.0/src/pacman/pacman.c:382:25: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(optarg)’
pacman-v7.0.0/src/pacman/pacman.c:1123:5: enter_function: entry to ‘main’
pacman-v7.0.0/src/pacman/pacman.c:1133:9: call_function: calling ‘localize’ from ‘main’
pacman-v7.0.0/src/pacman/pacman.c:1133:9: return_function: returning to ‘main’ from ‘localize’
pacman-v7.0.0/src/pacman/pacman.c:1140:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/pacman.c:1145:9: branch_false: ...to here
pacman-v7.0.0/src/pacman/pacman.c:1147:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/pacman.c:1149:23: branch_true: ...to here
pacman-v7.0.0/src/pacman/pacman.c:1165:15: call_function: calling ‘parseargs’ from ‘main’
#  380|   	switch(opt) {
#  381|   		case OP_ARCH:
#  382|-> 			config_add_architecture(strdup(optarg));
#  383|   			break;
#  384|   		case OP_ASK:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def718]
pacman-v7.0.0/src/pacman/pacman.c:406:25: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(optarg)’
pacman-v7.0.0/src/pacman/pacman.c:1123:5: enter_function: entry to ‘main’
pacman-v7.0.0/src/pacman/pacman.c:1133:9: call_function: calling ‘localize’ from ‘main’
pacman-v7.0.0/src/pacman/pacman.c:1133:9: return_function: returning to ‘main’ from ‘localize’
pacman-v7.0.0/src/pacman/pacman.c:1140:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/pacman.c:1145:9: branch_false: ...to here
pacman-v7.0.0/src/pacman/pacman.c:1147:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/pacman.c:1149:23: branch_true: ...to here
pacman-v7.0.0/src/pacman/pacman.c:1165:15: call_function: calling ‘parseargs’ from ‘main’
#  404|   			break;
#  405|   		case OP_CACHEDIR:
#  406|-> 			config->cachedirs = alpm_list_add(config->cachedirs, strdup(optarg));
#  407|   			break;
#  408|   		case OP_COLOR:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def719]
pacman-v7.0.0/src/pacman/pacman.c:466:25: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(optarg)’
pacman-v7.0.0/src/pacman/pacman.c:1123:5: enter_function: entry to ‘main’
pacman-v7.0.0/src/pacman/pacman.c:1133:9: call_function: calling ‘localize’ from ‘main’
pacman-v7.0.0/src/pacman/pacman.c:1133:9: return_function: returning to ‘main’ from ‘localize’
pacman-v7.0.0/src/pacman/pacman.c:1140:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/pacman.c:1145:9: branch_false: ...to here
pacman-v7.0.0/src/pacman/pacman.c:1147:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/pacman.c:1149:23: branch_true: ...to here
pacman-v7.0.0/src/pacman/pacman.c:1165:15: call_function: calling ‘parseargs’ from ‘main’
#  464|   			break;
#  465|   		case OP_HOOKDIR:
#  466|-> 			config->hookdirs = alpm_list_add(config->hookdirs, strdup(optarg));
#  467|   			break;
#  468|   		case OP_LOGFILE:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def720]
pacman-v7.0.0/src/pacman/pacman.c:1071:17: warning[-Wanalyzer-malloc-leak]: leak of ‘strdup(*<unknown>)’
pacman-v7.0.0/src/pacman/pacman.c:1123:5: enter_function: entry to ‘main’
pacman-v7.0.0/src/pacman/pacman.c:1133:9: call_function: calling ‘localize’ from ‘main’
pacman-v7.0.0/src/pacman/pacman.c:1133:9: return_function: returning to ‘main’ from ‘localize’
pacman-v7.0.0/src/pacman/pacman.c:1140:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/pacman.c:1145:9: branch_false: ...to here
pacman-v7.0.0/src/pacman/pacman.c:1147:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/pacman.c:1149:23: branch_true: ...to here
pacman-v7.0.0/src/pacman/pacman.c:1165:15: call_function: calling ‘parseargs’ from ‘main’
# 1069|   	while(optind < argc) {
# 1070|   		/* add the target to our target array */
# 1071|-> 		pm_targets = alpm_list_add(pm_targets, strdup(argv[optind]));
# 1072|   		optind++;
# 1073|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def721]
pacman-v7.0.0/src/pacman/query.c:170:25: warning[-Wanalyzer-malloc-leak]: leak of ‘filename’
pacman-v7.0.0/src/pacman/query.c:148:11: branch_false: following ‘false’ branch (when ‘targets’ is non-NULL)...
pacman-v7.0.0/src/pacman/query.c:153:43: branch_false: ...to here
pacman-v7.0.0/src/pacman/query.c:156:26: branch_true: following ‘true’ branch (when ‘t’ is non-NULL)...
pacman-v7.0.0/src/pacman/query.c:165:39: branch_true: ...to here
pacman-v7.0.0/src/pacman/query.c:165:32: acquire_memory: allocated here
pacman-v7.0.0/src/pacman/query.c:165:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/query.c:169:20: branch_false: ...to here
pacman-v7.0.0/src/pacman/query.c:169:19: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/query.c:170:51: branch_true: ...to here
pacman-v7.0.0/src/pacman/query.c:170:25: danger: ‘filename’ leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  168|   
#  169|   		if(strcmp(filename, "") == 0) {
#  170|-> 			pm_printf(ALPM_LOG_ERROR, _("empty string passed to file owner query\n"));
#  171|   			goto targcleanup;
#  172|   		}

Error: CPPCHECK_WARNING (CWE-476): [#def722]
pacman-v7.0.0/src/pacman/sync.c:411: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: name
#  409|   			int foundpkg = 0, founddb = 0;
#  410|   
#  411|-> 			pkgstr = strchr(name, '/');
#  412|   			if(pkgstr) {
#  413|   				repo = name;

Error: GCC_ANALYZER_WARNING (CWE-688): [#def723]
pacman-v7.0.0/src/pacman/sync.c:411:34: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘name’ where non-null expected
pacman-v7.0.0/src/pacman/sync.c:900:5: enter_function: entry to ‘pacman_sync’
pacman-v7.0.0/src/pacman/sync.c:905:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:922:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:922:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:926:43: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:938:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:943:18: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:943:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:948:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:948:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:953:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:953:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/sync.c:954:24: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:954:24: call_function: calling ‘sync_info’ from ‘pacman_sync’
#argument 1 of ‘__builtin_strchr’ must be non-null
#  409|   			int foundpkg = 0, founddb = 0;
#  410|   
#  411|-> 			pkgstr = strchr(name, '/');
#  412|   			if(pkgstr) {
#  413|   				repo = name;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def724]
pacman-v7.0.0/src/pacman/sync.c:421:47: warning[-Wanalyzer-malloc-leak]: leak of ‘pkgstr’
pacman-v7.0.0/src/pacman/sync.c:900:5: enter_function: entry to ‘pacman_sync’
pacman-v7.0.0/src/pacman/sync.c:905:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:922:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:922:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:926:43: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:938:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:943:18: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:943:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:948:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:948:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:953:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:953:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/sync.c:954:24: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:954:24: call_function: calling ‘sync_info’ from ‘pacman_sync’
#  419|   			}
#  420|   
#  421|-> 			for(j = syncs; j; j = alpm_list_next(j)) {
#  422|   				alpm_db_t *db = j->data;
#  423|   				if(repo && strcmp(repo, alpm_db_get_name(db)) != 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def725]
pacman-v7.0.0/src/pacman/sync.c:421:47: warning[-Wanalyzer-malloc-leak]: leak of ‘repo’
pacman-v7.0.0/src/pacman/sync.c:900:5: enter_function: entry to ‘pacman_sync’
pacman-v7.0.0/src/pacman/sync.c:905:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:922:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:922:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:926:43: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:938:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:943:18: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:943:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:948:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:948:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:953:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:953:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/sync.c:954:24: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:954:24: call_function: calling ‘sync_info’ from ‘pacman_sync’
#  419|   			}
#  420|   
#  421|-> 			for(j = syncs; j; j = alpm_list_next(j)) {
#  422|   				alpm_db_t *db = j->data;
#  423|   				if(repo && strcmp(repo, alpm_db_get_name(db)) != 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def726]
pacman-v7.0.0/src/pacman/sync.c:423:44: warning[-Wanalyzer-malloc-leak]: leak of ‘repo’
pacman-v7.0.0/src/pacman/sync.c:900:5: enter_function: entry to ‘pacman_sync’
pacman-v7.0.0/src/pacman/sync.c:905:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:922:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:922:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:926:43: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:938:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:943:18: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:943:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:948:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:948:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:953:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:953:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/sync.c:954:24: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:954:24: call_function: calling ‘sync_info’ from ‘pacman_sync’
#  421|   			for(j = syncs; j; j = alpm_list_next(j)) {
#  422|   				alpm_db_t *db = j->data;
#  423|-> 				if(repo && strcmp(repo, alpm_db_get_name(db)) != 0) {
#  424|   					continue;
#  425|   				}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def727]
pacman-v7.0.0/src/pacman/sync.c:428:41: warning[-Wanalyzer-malloc-leak]: leak of ‘pkgstr’
pacman-v7.0.0/src/pacman/sync.c:900:5: enter_function: entry to ‘pacman_sync’
pacman-v7.0.0/src/pacman/sync.c:905:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:922:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:922:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:926:43: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:938:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:943:18: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:943:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:948:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:948:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:953:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:953:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/sync.c:954:24: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:954:24: call_function: calling ‘sync_info’ from ‘pacman_sync’
#  426|   				founddb = 1;
#  427|   
#  428|-> 				for(k = alpm_db_get_pkgcache(db); k; k = alpm_list_next(k)) {
#  429|   					alpm_pkg_t *pkg = k->data;
#  430|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def728]
pacman-v7.0.0/src/pacman/sync.c:428:41: warning[-Wanalyzer-malloc-leak]: leak of ‘repo’
pacman-v7.0.0/src/pacman/sync.c:900:5: enter_function: entry to ‘pacman_sync’
pacman-v7.0.0/src/pacman/sync.c:905:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:922:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:922:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:926:43: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:938:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:943:18: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:943:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:948:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:948:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:953:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:953:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/sync.c:954:24: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:954:24: call_function: calling ‘sync_info’ from ‘pacman_sync’
#  426|   				founddb = 1;
#  427|   
#  428|-> 				for(k = alpm_db_get_pkgcache(db); k; k = alpm_list_next(k)) {
#  429|   					alpm_pkg_t *pkg = k->data;
#  430|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def729]
pacman-v7.0.0/src/pacman/sync.c:428:74: warning[-Wanalyzer-malloc-leak]: leak of ‘pkgstr’
pacman-v7.0.0/src/pacman/sync.c:900:5: enter_function: entry to ‘pacman_sync’
pacman-v7.0.0/src/pacman/sync.c:905:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:922:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:922:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:926:43: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:938:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:943:18: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:943:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:948:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:948:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:953:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:953:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/sync.c:954:24: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:954:24: call_function: calling ‘sync_info’ from ‘pacman_sync’
#  426|   				founddb = 1;
#  427|   
#  428|-> 				for(k = alpm_db_get_pkgcache(db); k; k = alpm_list_next(k)) {
#  429|   					alpm_pkg_t *pkg = k->data;
#  430|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def730]
pacman-v7.0.0/src/pacman/sync.c:428:74: warning[-Wanalyzer-malloc-leak]: leak of ‘repo’
pacman-v7.0.0/src/pacman/sync.c:900:5: enter_function: entry to ‘pacman_sync’
pacman-v7.0.0/src/pacman/sync.c:905:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:922:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:922:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:926:43: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:938:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:943:18: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:943:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:948:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:948:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:953:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:953:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/sync.c:954:24: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:954:24: call_function: calling ‘sync_info’ from ‘pacman_sync’
#  426|   				founddb = 1;
#  427|   
#  428|-> 				for(k = alpm_db_get_pkgcache(db); k; k = alpm_list_next(k)) {
#  429|   					alpm_pkg_t *pkg = k->data;
#  430|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def731]
pacman-v7.0.0/src/pacman/sync.c:431:44: warning[-Wanalyzer-malloc-leak]: leak of ‘pkgstr’
pacman-v7.0.0/src/pacman/sync.c:900:5: enter_function: entry to ‘pacman_sync’
pacman-v7.0.0/src/pacman/sync.c:905:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:922:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:922:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:926:43: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:938:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:943:18: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:943:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:948:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:948:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:953:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:953:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/sync.c:954:24: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:954:24: call_function: calling ‘sync_info’ from ‘pacman_sync’
#  429|   					alpm_pkg_t *pkg = k->data;
#  430|   
#  431|-> 					if(strcmp(alpm_pkg_get_name(pkg), pkgstr) == 0) {
#  432|   						dump_pkg_full(pkg, config->op_s_info > 1);
#  433|   						foundpkg = 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def732]
pacman-v7.0.0/src/pacman/sync.c:431:44: warning[-Wanalyzer-malloc-leak]: leak of ‘repo’
pacman-v7.0.0/src/pacman/sync.c:900:5: enter_function: entry to ‘pacman_sync’
pacman-v7.0.0/src/pacman/sync.c:905:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:922:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:922:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:926:43: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:938:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:943:18: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:943:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:948:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:948:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:953:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:953:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/sync.c:954:24: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:954:24: call_function: calling ‘sync_info’ from ‘pacman_sync’
#  429|   					alpm_pkg_t *pkg = k->data;
#  430|   
#  431|-> 					if(strcmp(alpm_pkg_get_name(pkg), pkgstr) == 0) {
#  432|   						dump_pkg_full(pkg, config->op_s_info > 1);
#  433|   						foundpkg = 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def733]
pacman-v7.0.0/src/pacman/sync.c:432:49: warning[-Wanalyzer-malloc-leak]: leak of ‘pkgstr’
pacman-v7.0.0/src/pacman/sync.c:900:5: enter_function: entry to ‘pacman_sync’
pacman-v7.0.0/src/pacman/sync.c:905:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:922:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:922:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:926:43: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:938:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:943:18: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:943:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:948:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:948:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:953:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:953:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/sync.c:954:24: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:954:24: call_function: calling ‘sync_info’ from ‘pacman_sync’
#  430|   
#  431|   					if(strcmp(alpm_pkg_get_name(pkg), pkgstr) == 0) {
#  432|-> 						dump_pkg_full(pkg, config->op_s_info > 1);
#  433|   						foundpkg = 1;
#  434|   						break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def734]
pacman-v7.0.0/src/pacman/sync.c:432:49: warning[-Wanalyzer-malloc-leak]: leak of ‘repo’
pacman-v7.0.0/src/pacman/sync.c:900:5: enter_function: entry to ‘pacman_sync’
pacman-v7.0.0/src/pacman/sync.c:905:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:922:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:922:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:926:43: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:938:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:943:18: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:943:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:948:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:948:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:953:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:953:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/sync.c:954:24: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:954:24: call_function: calling ‘sync_info’ from ‘pacman_sync’
#  430|   
#  431|   					if(strcmp(alpm_pkg_get_name(pkg), pkgstr) == 0) {
#  432|-> 						dump_pkg_full(pkg, config->op_s_info > 1);
#  433|   						foundpkg = 1;
#  434|   						break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def735]
pacman-v7.0.0/src/pacman/sync.c:440:33: warning[-Wanalyzer-malloc-leak]: leak of ‘pkgstr’
pacman-v7.0.0/src/pacman/sync.c:900:5: enter_function: entry to ‘pacman_sync’
pacman-v7.0.0/src/pacman/sync.c:905:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:922:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:922:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:926:43: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:938:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:943:18: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:943:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:948:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:948:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:953:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:953:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/sync.c:954:24: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:954:24: call_function: calling ‘sync_info’ from ‘pacman_sync’
#  438|   
#  439|   			if(!founddb) {
#  440|-> 				pm_printf(ALPM_LOG_ERROR,
#  441|   						_("repository '%s' does not exist\n"), repo);
#  442|   				ret++;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def736]
pacman-v7.0.0/src/pacman/sync.c:445:33: warning[-Wanalyzer-malloc-leak]: leak of ‘pkgstr’
pacman-v7.0.0/src/pacman/sync.c:900:5: enter_function: entry to ‘pacman_sync’
pacman-v7.0.0/src/pacman/sync.c:905:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:922:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:922:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:926:43: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:938:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:943:18: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:943:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:948:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:948:11: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/sync.c:953:12: branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:953:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/sync.c:954:24: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:954:24: call_function: calling ‘sync_info’ from ‘pacman_sync’
#  443|   			}
#  444|   			if(!foundpkg) {
#  445|-> 				pm_printf(ALPM_LOG_ERROR,
#  446|   						_("package '%s' was not found\n"), target);
#  447|   				ret++;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def737]
pacman-v7.0.0/src/pacman/sync.c:526:17: warning[-Wanalyzer-malloc-leak]: leak of ‘targstring’
pacman-v7.0.0/src/pacman/sync.c:702:12: enter_function: entry to ‘sync_trans’
pacman-v7.0.0/src/pacman/sync.c:708:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:713:26: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/src/pacman/sync.c:714:29: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:715:20: call_function: calling ‘process_target’ from ‘sync_trans’
#  524|   {
#  525|   	alpm_list_t *i;
#  526|-> 	for(i = alpm_get_syncdbs(config->handle); i; i = i->next) {
#  527|   		alpm_db_t *db = i->data;
#  528|   		if(strcmp(alpm_db_get_name(db), dbname) == 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def738]
pacman-v7.0.0/src/pacman/sync.c:528:20: warning[-Wanalyzer-malloc-leak]: leak of ‘targstring’
pacman-v7.0.0/src/pacman/sync.c:702:12: enter_function: entry to ‘sync_trans’
pacman-v7.0.0/src/pacman/sync.c:708:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:713:26: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/src/pacman/sync.c:714:29: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:715:20: call_function: calling ‘process_target’ from ‘sync_trans’
#  526|   	for(i = alpm_get_syncdbs(config->handle); i; i = i->next) {
#  527|   		alpm_db_t *db = i->data;
#  528|-> 		if(strcmp(alpm_db_get_name(db), dbname) == 0) {
#  529|   			return db;
#  530|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def739]
pacman-v7.0.0/src/pacman/sync.c:537:19: warning[-Wanalyzer-malloc-leak]: leak of ‘targstring’
pacman-v7.0.0/src/pacman/sync.c:702:12: enter_function: entry to ‘sync_trans’
pacman-v7.0.0/src/pacman/sync.c:708:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:713:26: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/src/pacman/sync.c:714:29: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:715:20: call_function: calling ‘process_target’ from ‘sync_trans’
#  535|   static int process_pkg(alpm_pkg_t *pkg)
#  536|   {
#  537|-> 	int ret = alpm_add_pkg(config->handle, pkg);
#  538|   
#  539|   	if(ret == -1) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def740]
pacman-v7.0.0/src/pacman/sync.c:540:36: warning[-Wanalyzer-malloc-leak]: leak of ‘targstring’
pacman-v7.0.0/src/pacman/sync.c:702:12: enter_function: entry to ‘sync_trans’
pacman-v7.0.0/src/pacman/sync.c:708:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:713:26: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/src/pacman/sync.c:714:29: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:715:20: call_function: calling ‘process_target’ from ‘sync_trans’
#  538|   
#  539|   	if(ret == -1) {
#  540|-> 		alpm_errno_t err = alpm_errno(config->handle);
#  541|   		pm_printf(ALPM_LOG_ERROR, "'%s': %s\n", alpm_pkg_get_name(pkg), alpm_strerror(err));
#  542|   		return 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def741]
pacman-v7.0.0/src/pacman/sync.c:541:17: warning[-Wanalyzer-malloc-leak]: leak of ‘targstring’
pacman-v7.0.0/src/pacman/sync.c:702:12: enter_function: entry to ‘sync_trans’
pacman-v7.0.0/src/pacman/sync.c:708:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:713:26: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/src/pacman/sync.c:714:29: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:715:20: call_function: calling ‘process_target’ from ‘sync_trans’
#  539|   	if(ret == -1) {
#  540|   		alpm_errno_t err = alpm_errno(config->handle);
#  541|-> 		pm_printf(ALPM_LOG_ERROR, "'%s': %s\n", alpm_pkg_get_name(pkg), alpm_strerror(err));
#  542|   		return 1;
#  543|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def742]
pacman-v7.0.0/src/pacman/sync.c:589:17: warning[-Wanalyzer-malloc-leak]: leak of ‘array’
pacman-v7.0.0/src/pacman/sync.c:702:12: enter_function: entry to ‘sync_trans’
pacman-v7.0.0/src/pacman/sync.c:708:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:713:26: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/src/pacman/sync.c:714:29: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:715:20: call_function: calling ‘process_target’ from ‘sync_trans’
#  587|   		int n = 0;
#  588|   		const colstr_t *colstr = &config->colstr;
#  589|-> 		colon_printf(_n("There is %d member in group %s%s%s:\n",
#  590|   				"There are %d members in group %s%s%s:\n", count),
#  591|   				count, colstr->groups, group, colstr->title);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def743]
pacman-v7.0.0/src/pacman/sync.c:592:17: warning[-Wanalyzer-malloc-leak]: leak of ‘array’
pacman-v7.0.0/src/pacman/sync.c:702:12: enter_function: entry to ‘sync_trans’
pacman-v7.0.0/src/pacman/sync.c:708:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:713:26: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/src/pacman/sync.c:714:29: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:715:20: call_function: calling ‘process_target’ from ‘sync_trans’
#  590|   				"There are %d members in group %s%s%s:\n", count),
#  591|   				count, colstr->groups, group, colstr->title);
#  592|-> 		select_display(pkgs);
#  593|   		if(!array) {
#  594|   			ret = 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def744]
pacman-v7.0.0/src/pacman/sync.c:597:20: warning[-Wanalyzer-malloc-leak]: leak of ‘array’
pacman-v7.0.0/src/pacman/sync.c:702:12: enter_function: entry to ‘sync_trans’
pacman-v7.0.0/src/pacman/sync.c:708:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:713:26: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/src/pacman/sync.c:714:29: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:715:20: call_function: calling ‘process_target’ from ‘sync_trans’
#  595|   			goto cleanup;
#  596|   		}
#  597|-> 		if(multiselect_question(array, count)) {
#  598|   			ret = 1;
#  599|   			free(array);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def745]
pacman-v7.0.0/src/pacman/sync.c:635:27: warning[-Wanalyzer-malloc-leak]: leak of ‘targstring’
pacman-v7.0.0/src/pacman/sync.c:702:12: enter_function: entry to ‘sync_trans’
pacman-v7.0.0/src/pacman/sync.c:708:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:713:26: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/src/pacman/sync.c:714:29: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:715:20: call_function: calling ‘process_target’ from ‘sync_trans’
#  633|   		int error)
#  634|   {
#  635|-> 	alpm_pkg_t *pkg = alpm_find_dbs_satisfier(config->handle, dblist, targname);
#  636|   
#  637|   	/* skip ignored packages when user says no */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def746]
pacman-v7.0.0/src/pacman/sync.c:638:12: warning[-Wanalyzer-malloc-leak]: leak of ‘targstring’
pacman-v7.0.0/src/pacman/sync.c:702:12: enter_function: entry to ‘sync_trans’
pacman-v7.0.0/src/pacman/sync.c:708:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:713:26: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/src/pacman/sync.c:714:29: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:715:20: call_function: calling ‘process_target’ from ‘sync_trans’
#  636|   
#  637|   	/* skip ignored packages when user says no */
#  638|-> 	if(alpm_errno(config->handle) == ALPM_ERR_PKG_IGNORED) {
#  639|   			pm_printf(ALPM_LOG_WARNING, _("skipping target: %s\n"), targname);
#  640|   			return 0;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def747]
pacman-v7.0.0/src/pacman/sync.c:639:25: warning[-Wanalyzer-malloc-leak]: leak of ‘targstring’
pacman-v7.0.0/src/pacman/sync.c:702:12: enter_function: entry to ‘sync_trans’
pacman-v7.0.0/src/pacman/sync.c:708:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:713:26: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/src/pacman/sync.c:714:29: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:715:20: call_function: calling ‘process_target’ from ‘sync_trans’
#  637|   	/* skip ignored packages when user says no */
#  638|   	if(alpm_errno(config->handle) == ALPM_ERR_PKG_IGNORED) {
#  639|-> 			pm_printf(ALPM_LOG_WARNING, _("skipping target: %s\n"), targname);
#  640|   			return 0;
#  641|   	}

Error: CPPCHECK_WARNING (CWE-476): [#def748]
pacman-v7.0.0/src/pacman/sync.c:654: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: targstring
#  652|   	/* process targets */
#  653|   	char *targstring = strdup(target);
#  654|-> 	char *targname = strchr(targstring, '/');
#  655|   	int ret = 0;
#  656|   	alpm_list_t *dblist;

Error: GCC_ANALYZER_WARNING (CWE-688): [#def749]
pacman-v7.0.0/src/pacman/sync.c:654:26: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL ‘targstring’ where non-null expected
pacman-v7.0.0/src/pacman/sync.c:702:12: enter_function: entry to ‘sync_trans’
pacman-v7.0.0/src/pacman/sync.c:708:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:713:26: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/src/pacman/sync.c:714:29: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:715:20: call_function: calling ‘process_target’ from ‘sync_trans’
#argument 1 of ‘__builtin_strchr’ must be non-null
#  652|   	/* process targets */
#  653|   	char *targstring = strdup(target);
#  654|-> 	char *targname = strchr(targstring, '/');
#  655|   	int ret = 0;
#  656|   	alpm_list_t *dblist;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def750]
pacman-v7.0.0/src/pacman/sync.c:668:25: warning[-Wanalyzer-malloc-leak]: leak of ‘targstring’
pacman-v7.0.0/src/pacman/sync.c:702:12: enter_function: entry to ‘sync_trans’
pacman-v7.0.0/src/pacman/sync.c:708:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:713:26: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/src/pacman/sync.c:714:29: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:715:20: call_function: calling ‘process_target’ from ‘sync_trans’
#  666|   		db = get_db(dbname);
#  667|   		if(!db) {
#  668|-> 			pm_printf(ALPM_LOG_ERROR, _("database not found: %s\n"),
#  669|   					dbname);
#  670|   			ret = 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def751]
pacman-v7.0.0/src/pacman/sync.c:676:17: warning[-Wanalyzer-malloc-leak]: leak of ‘targstring’
pacman-v7.0.0/src/pacman/sync.c:702:12: enter_function: entry to ‘sync_trans’
pacman-v7.0.0/src/pacman/sync.c:708:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:713:26: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/src/pacman/sync.c:714:29: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:715:20: call_function: calling ‘process_target’ from ‘sync_trans’
#  674|   		/* explicitly mark this repo as valid for installs since
#  675|   		 * a repo name was given with the target */
#  676|-> 		alpm_db_get_usage(db, &usage);
#  677|   		alpm_db_set_usage(db, usage|ALPM_DB_USAGE_INSTALL);
#  678|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def752]
pacman-v7.0.0/src/pacman/sync.c:677:17: warning[-Wanalyzer-malloc-leak]: leak of ‘targstring’
pacman-v7.0.0/src/pacman/sync.c:702:12: enter_function: entry to ‘sync_trans’
pacman-v7.0.0/src/pacman/sync.c:708:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:713:26: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/src/pacman/sync.c:714:29: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:715:20: call_function: calling ‘process_target’ from ‘sync_trans’
#  675|   		 * a repo name was given with the target */
#  676|   		alpm_db_get_usage(db, &usage);
#  677|-> 		alpm_db_set_usage(db, usage|ALPM_DB_USAGE_INSTALL);
#  678|   
#  679|   		dblist = alpm_list_add(NULL, db);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def753]
pacman-v7.0.0/src/pacman/sync.c:679:26: warning[-Wanalyzer-malloc-leak]: leak of ‘targstring’
pacman-v7.0.0/src/pacman/sync.c:702:12: enter_function: entry to ‘sync_trans’
pacman-v7.0.0/src/pacman/sync.c:708:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:713:26: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/src/pacman/sync.c:714:29: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:715:20: call_function: calling ‘process_target’ from ‘sync_trans’
#  677|   		alpm_db_set_usage(db, usage|ALPM_DB_USAGE_INSTALL);
#  678|   
#  679|-> 		dblist = alpm_list_add(NULL, db);
#  680|   		ret = process_targname(dblist, targname, error);
#  681|   		alpm_list_free(dblist);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def754]
pacman-v7.0.0/src/pacman/sync.c:681:17: warning[-Wanalyzer-malloc-leak]: leak of ‘targstring’
pacman-v7.0.0/src/pacman/sync.c:702:12: enter_function: entry to ‘sync_trans’
pacman-v7.0.0/src/pacman/sync.c:708:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:713:26: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/src/pacman/sync.c:714:29: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:715:20: call_function: calling ‘process_target’ from ‘sync_trans’
#  679|   		dblist = alpm_list_add(NULL, db);
#  680|   		ret = process_targname(dblist, targname, error);
#  681|-> 		alpm_list_free(dblist);
#  682|   
#  683|   		/* restore old usage so we don't possibly disturb later

Error: GCC_ANALYZER_WARNING (CWE-401): [#def755]
pacman-v7.0.0/src/pacman/sync.c:685:17: warning[-Wanalyzer-malloc-leak]: leak of ‘targstring’
pacman-v7.0.0/src/pacman/sync.c:702:12: enter_function: entry to ‘sync_trans’
pacman-v7.0.0/src/pacman/sync.c:708:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:713:26: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/src/pacman/sync.c:714:29: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:715:20: call_function: calling ‘process_target’ from ‘sync_trans’
#  683|   		/* restore old usage so we don't possibly disturb later
#  684|   		 * targets */
#  685|-> 		alpm_db_set_usage(db, usage);
#  686|   	} else {
#  687|   		targname = targstring;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def756]
pacman-v7.0.0/src/pacman/sync.c:688:26: warning[-Wanalyzer-malloc-leak]: leak of ‘targstring’
pacman-v7.0.0/src/pacman/sync.c:702:12: enter_function: entry to ‘sync_trans’
pacman-v7.0.0/src/pacman/sync.c:708:11: branch_false: following ‘false’ branch...
 branch_false: ...to here
pacman-v7.0.0/src/pacman/sync.c:713:26: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/src/pacman/sync.c:714:29: branch_true: ...to here
pacman-v7.0.0/src/pacman/sync.c:715:20: call_function: calling ‘process_target’ from ‘sync_trans’
#  686|   	} else {
#  687|   		targname = targstring;
#  688|-> 		dblist = alpm_get_syncdbs(config->handle);
#  689|   		ret = process_targname(dblist, targname, error);
#  690|   	}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def757]
pacman-v7.0.0/src/pacman/util.c:477:25: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘replaced’
pacman-v7.0.0/src/pacman/util.c:458:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/util.c:459:34: branch_true: ...to here
pacman-v7.0.0/src/pacman/util.c:459:34: acquire_memory: this call could return NULL
pacman-v7.0.0/src/pacman/util.c:461:23: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/util.c:462:27: branch_true: ...to here
pacman-v7.0.0/src/pacman/util.c:477:25: danger: ‘replaced + iter’ could be NULL: unchecked value from [(4)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/3)
#  475|   			}
#  476|   
#  477|-> 			replaced[iter] = *s;
#  478|   			iter++;
#  479|   		}

Error: GCC_ANALYZER_WARNING (CWE-476): [#def758]
pacman-v7.0.0/src/pacman/util.c:480:17: warning[-Wanalyzer-possible-null-dereference]: dereference of possibly-NULL ‘replaced’
pacman-v7.0.0/src/pacman/util.c:458:11: branch_true: following ‘true’ branch...
pacman-v7.0.0/src/pacman/util.c:459:34: branch_true: ...to here
pacman-v7.0.0/src/pacman/util.c:459:34: acquire_memory: this call could return NULL
pacman-v7.0.0/src/pacman/util.c:480:17: danger: ‘replaced + iter’ could be NULL: unchecked value from [(4)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/3)
#  478|   			iter++;
#  479|   		}
#  480|-> 		replaced[iter] = '\0';
#  481|   		len = iter;
#  482|   		wcstr = calloc(len, sizeof(wchar_t));

Error: CPPCHECK_WARNING (CWE-476): [#def759]
pacman-v7.0.0/src/pacman/util.c:503: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: cell
#  501|   	struct table_cell_t *cell = malloc(sizeof(struct table_cell_t));
#  502|   
#  503|-> 	cell->label = label;
#  504|   	cell->mode = mode;
#  505|   	cell->len = string_length(label);

Error: CPPCHECK_WARNING (CWE-476): [#def760]
pacman-v7.0.0/src/pacman/util.c:504: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: cell
#  502|   
#  503|   	cell->label = label;
#  504|-> 	cell->mode = mode;
#  505|   	cell->len = string_length(label);
#  506|   

Error: CPPCHECK_WARNING (CWE-476): [#def761]
pacman-v7.0.0/src/pacman/util.c:505: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: cell
#  503|   	cell->label = label;
#  504|   	cell->mode = mode;
#  505|-> 	cell->len = string_length(label);
#  506|   
#  507|   	*row = alpm_list_add(*row, cell);

Error: CPPCHECK_WARNING (CWE-476): [#def762]
pacman-v7.0.0/src/pacman/util.c:1208: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: temp
# 1206|   		char *temp = string;
# 1207|   		/* %a : arch */
# 1208|-> 		if(strstr(temp, "%a")) {
# 1209|   			const char *arch = alpm_pkg_get_arch(pkg);
# 1210|   			if(arch == NULL) {

Error: CPPCHECK_WARNING (CWE-401): [#def763]
pacman-v7.0.0/src/pacman/util.c:1351: error[memleakOnRealloc]: Common realloc mistake: 'optstring' nulled but not freed upon failure
# 1349|   	}
# 1350|   	if(status) {
# 1351|-> 		optstring = realloc(optstring, strlen(optstring) + strlen(status) + 1);
# 1352|   		strcpy(optstring + strlen(optstring), status);
# 1353|   	}

Error: GCC_ANALYZER_WARNING (CWE-688): [#def764]
pacman-v7.0.0/src/pacman/util.c:1352:36: warning[-Wanalyzer-null-argument]: use of NULL ‘optstring’ where non-null expected
pacman-v7.0.0/src/pacman/util.c:1381:6: enter_function: entry to ‘display_optdepends’
pacman-v7.0.0/src/pacman/util.c:1388:26: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/src/pacman/util.c:1389:32: branch_true: ...to here
pacman-v7.0.0/src/pacman/util.c:1390:56: call_function: calling ‘make_optstring’ from ‘display_optdepends’
#argument 1 of ‘__builtin_strlen’ must be non-null
# 1350|   	if(status) {
# 1351|   		optstring = realloc(optstring, strlen(optstring) + strlen(status) + 1);
# 1352|-> 		strcpy(optstring + strlen(optstring), status);
# 1353|   	}
# 1354|   	return optstring;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def765]
pacman-v7.0.0/src/pacman/util.c:1366:33: warning[-Wanalyzer-malloc-leak]: leak of ‘make_optstring(optdep)’
pacman-v7.0.0/src/pacman/util.c:1357:6: enter_function: entry to ‘display_new_optdepends’
pacman-v7.0.0/src/pacman/util.c:1366:26: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/src/pacman/util.c:1367:32: branch_true: ...to here
pacman-v7.0.0/src/pacman/util.c:1368:56: call_function: calling ‘make_optstring’ from ‘display_new_optdepends’
pacman-v7.0.0/src/pacman/util.c:1368:56: return_function: returning to ‘display_new_optdepends’ from ‘make_optstring’
pacman-v7.0.0/src/pacman/util.c:1366:33: danger: ‘make_optstring(optdep)’ leaks here; was allocated at [(8)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/7)
# 1364|   
# 1365|   	/* turn optdepends list into a text list */
# 1366|-> 	for(i = optdeps; i; i = alpm_list_next(i)) {
# 1367|   		alpm_depend_t *optdep = i->data;
# 1368|   		optstrings = alpm_list_add(optstrings, make_optstring(optdep));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def766]
pacman-v7.0.0/src/pacman/util.c:1388:33: warning[-Wanalyzer-malloc-leak]: leak of ‘make_optstring(optdep)’
pacman-v7.0.0/src/pacman/util.c:1381:6: enter_function: entry to ‘display_optdepends’
pacman-v7.0.0/src/pacman/util.c:1388:26: branch_true: following ‘true’ branch (when ‘i’ is non-NULL)...
pacman-v7.0.0/src/pacman/util.c:1389:32: branch_true: ...to here
pacman-v7.0.0/src/pacman/util.c:1390:56: call_function: calling ‘make_optstring’ from ‘display_optdepends’
pacman-v7.0.0/src/pacman/util.c:1390:56: return_function: returning to ‘display_optdepends’ from ‘make_optstring’
pacman-v7.0.0/src/pacman/util.c:1388:33: danger: ‘make_optstring(optdep)’ leaks here; was allocated at [(8)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/7)
# 1386|   
# 1387|   	/* turn optdepends list into a text list */
# 1388|-> 	for(i = optdeps; i; i = alpm_list_next(i)) {
# 1389|   		alpm_depend_t *optdep = i->data;
# 1390|   		optstrings = alpm_list_add(optstrings, make_optstring(optdep));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def767]
pacman-v7.0.0/src/pacman/util.c:1535:17: warning[-Wanalyzer-malloc-leak]: leak of ‘new_response’
pacman-v7.0.0/src/pacman/util.c:1548:5: enter_function: entry to ‘multiselect_question’
pacman-v7.0.0/src/pacman/util.c:1562:11: branch_false: following ‘false’ branch (when ‘response’ is non-NULL)...
pacman-v7.0.0/src/pacman/util.c:1565:9: branch_false: ...to here
pacman-v7.0.0/src/pacman/util.c:1577:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/util.c:1582:17: branch_false: ...to here
pacman-v7.0.0/src/pacman/util.c:1582:17: call_function: calling ‘flush_term_input’ from ‘multiselect_question’
pacman-v7.0.0/src/pacman/util.c:1582:17: return_function: returning to ‘multiselect_question’ from ‘flush_term_input’
pacman-v7.0.0/src/pacman/util.c:1584:20: call_function: calling ‘safe_fgets_stdin’ from ‘multiselect_question’
pacman-v7.0.0/src/pacman/util.c:1584:20: return_function: returning to ‘multiselect_question’ from ‘safe_fgets_stdin’
pacman-v7.0.0/src/pacman/util.c:1584:19: branch_true: following ‘true’ branch...
 branch_true: ...to here
pacman-v7.0.0/src/pacman/util.c:1592:35: branch_false: following ‘false’ branch (when ‘new_response’ is non-NULL)...
pacman-v7.0.0/src/pacman/util.c:1597:68: branch_false: ...to here
pacman-v7.0.0/src/pacman/util.c:1600:36: call_function: calling ‘safe_fgets_stdin’ from ‘multiselect_question’
# 1533|   		 * SIG_DFL, it doesn't leave the cursor invisible.
# 1534|   		 */
# 1535|-> 		fflush(stdout);
# 1536|   	}
# 1537|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def768]
pacman-v7.0.0/src/pacman/util.c:1535:17: warning[-Wanalyzer-malloc-leak]: leak of ‘response’
pacman-v7.0.0/src/pacman/util.c:1548:5: enter_function: entry to ‘multiselect_question’
pacman-v7.0.0/src/pacman/util.c:1561:20: acquire_memory: allocated here
pacman-v7.0.0/src/pacman/util.c:1562:11: branch_false: following ‘false’ branch (when ‘response’ is non-NULL)...
pacman-v7.0.0/src/pacman/util.c:1565:9: branch_false: ...to here
pacman-v7.0.0/src/pacman/util.c:1577:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/util.c:1582:17: branch_false: ...to here
pacman-v7.0.0/src/pacman/util.c:1582:17: call_function: calling ‘flush_term_input’ from ‘multiselect_question’
pacman-v7.0.0/src/pacman/util.c:1582:17: return_function: returning to ‘multiselect_question’ from ‘flush_term_input’
pacman-v7.0.0/src/pacman/util.c:1584:20: call_function: calling ‘safe_fgets_stdin’ from ‘multiselect_question’
# 1533|   		 * SIG_DFL, it doesn't leave the cursor invisible.
# 1534|   		 */
# 1535|-> 		fflush(stdout);
# 1536|   	}
# 1537|   }

Error: GCC_ANALYZER_WARNING (CWE-404): [#def769]
pacman-v7.0.0/src/pacman/util.c:1535:17: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’
pacman-v7.0.0/src/pacman/util.c:1772:5: enter_function: entry to ‘noyes’
pacman-v7.0.0/src/pacman/util.c:1777:9: acquire_resource: ‘va_start’ called here
pacman-v7.0.0/src/pacman/util.c:1778:15: call_function: calling ‘question’ from ‘noyes’
# 1533|   		 * SIG_DFL, it doesn't leave the cursor invisible.
# 1534|   		 */
# 1535|-> 		fflush(stdout);
# 1536|   	}
# 1537|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def770]
pacman-v7.0.0/src/pacman/util.c:1543:18: warning[-Wanalyzer-malloc-leak]: leak of ‘new_response’
pacman-v7.0.0/src/pacman/util.c:1548:5: enter_function: entry to ‘multiselect_question’
pacman-v7.0.0/src/pacman/util.c:1562:11: branch_false: following ‘false’ branch (when ‘response’ is non-NULL)...
pacman-v7.0.0/src/pacman/util.c:1565:9: branch_false: ...to here
pacman-v7.0.0/src/pacman/util.c:1577:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/util.c:1582:17: branch_false: ...to here
pacman-v7.0.0/src/pacman/util.c:1582:17: call_function: calling ‘flush_term_input’ from ‘multiselect_question’
pacman-v7.0.0/src/pacman/util.c:1582:17: return_function: returning to ‘multiselect_question’ from ‘flush_term_input’
pacman-v7.0.0/src/pacman/util.c:1584:20: call_function: calling ‘safe_fgets_stdin’ from ‘multiselect_question’
pacman-v7.0.0/src/pacman/util.c:1584:20: return_function: returning to ‘multiselect_question’ from ‘safe_fgets_stdin’
pacman-v7.0.0/src/pacman/util.c:1584:19: branch_true: following ‘true’ branch...
 branch_true: ...to here
pacman-v7.0.0/src/pacman/util.c:1592:35: branch_false: following ‘false’ branch (when ‘new_response’ is non-NULL)...
pacman-v7.0.0/src/pacman/util.c:1597:68: branch_false: ...to here
pacman-v7.0.0/src/pacman/util.c:1600:36: call_function: calling ‘safe_fgets_stdin’ from ‘multiselect_question’
# 1541|   	char *result;
# 1542|   	console_cursor_show();
# 1543|-> 	result = safe_fgets(s, size, stdin);
# 1544|   	console_cursor_hide();
# 1545|   	return result;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def771]
pacman-v7.0.0/src/pacman/util.c:1543:18: warning[-Wanalyzer-malloc-leak]: leak of ‘response’
pacman-v7.0.0/src/pacman/util.c:1548:5: enter_function: entry to ‘multiselect_question’
pacman-v7.0.0/src/pacman/util.c:1561:20: acquire_memory: allocated here
pacman-v7.0.0/src/pacman/util.c:1562:11: branch_false: following ‘false’ branch (when ‘response’ is non-NULL)...
pacman-v7.0.0/src/pacman/util.c:1565:9: branch_false: ...to here
pacman-v7.0.0/src/pacman/util.c:1577:19: branch_false: following ‘false’ branch...
pacman-v7.0.0/src/pacman/util.c:1582:17: branch_false: ...to here
pacman-v7.0.0/src/pacman/util.c:1582:17: call_function: calling ‘flush_term_input’ from ‘multiselect_question’
pacman-v7.0.0/src/pacman/util.c:1582:17: return_function: returning to ‘multiselect_question’ from ‘flush_term_input’
pacman-v7.0.0/src/pacman/util.c:1584:20: call_function: calling ‘safe_fgets_stdin’ from ‘multiselect_question’
# 1541|   	char *result;
# 1542|   	console_cursor_show();
# 1543|-> 	result = safe_fgets(s, size, stdin);
# 1544|   	console_cursor_hide();
# 1545|   	return result;

Error: GCC_ANALYZER_WARNING (CWE-404): [#def772]
pacman-v7.0.0/src/pacman/util.c:1543:18: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’
pacman-v7.0.0/src/pacman/util.c:1772:5: enter_function: entry to ‘noyes’
pacman-v7.0.0/src/pacman/util.c:1777:9: acquire_resource: ‘va_start’ called here
pacman-v7.0.0/src/pacman/util.c:1778:15: call_function: calling ‘question’ from ‘noyes’
# 1541|   	char *result;
# 1542|   	console_cursor_show();
# 1543|-> 	result = safe_fgets(s, size, stdin);
# 1544|   	console_cursor_hide();
# 1545|   	return result;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def773]
pacman-v7.0.0/src/pacman/util.c:1575:17: warning[-Wanalyzer-malloc-leak]: leak of ‘response’
pacman-v7.0.0/src/pacman/util.c:1561:20: acquire_memory: allocated here
pacman-v7.0.0/src/pacman/util.c:1562:11: branch_false: following ‘false’ branch (when ‘response’ is non-NULL)...
pacman-v7.0.0/src/pacman/util.c:1565:9: branch_false: ...to here
pacman-v7.0.0/src/pacman/util.c:1575:17: danger: ‘response’ leaks here; was allocated at [(1)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/0)
# 1573|   		fprintf(stream, _("Enter a selection (default=all)"));
# 1574|   		fprintf(stream, ": ");
# 1575|-> 		fflush(stream);
# 1576|   
# 1577|   		if(config->noconfirm) {

Error: GCC_ANALYZER_WARNING (CWE-404): [#def774]
pacman-v7.0.0/src/pacman/util.c:1717:9: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’
pacman-v7.0.0/src/pacman/util.c:1772:5: enter_function: entry to ‘noyes’
pacman-v7.0.0/src/pacman/util.c:1777:9: acquire_resource: ‘va_start’ called here
pacman-v7.0.0/src/pacman/util.c:1778:15: call_function: calling ‘question’ from ‘noyes’
# 1715|   
# 1716|   	/* ensure all text makes it to the screen before we prompt the user */
# 1717|-> 	fflush(stdout);
# 1718|   	fflush(stderr);
# 1719|   

Error: GCC_ANALYZER_WARNING (CWE-404): [#def775]
pacman-v7.0.0/src/pacman/util.c:1718:9: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’
pacman-v7.0.0/src/pacman/util.c:1772:5: enter_function: entry to ‘noyes’
pacman-v7.0.0/src/pacman/util.c:1777:9: acquire_resource: ‘va_start’ called here
pacman-v7.0.0/src/pacman/util.c:1778:15: call_function: calling ‘question’ from ‘noyes’
# 1716|   	/* ensure all text makes it to the screen before we prompt the user */
# 1717|   	fflush(stdout);
# 1718|-> 	fflush(stderr);
# 1719|   
# 1720|   	fputs(config->colstr.colon, stream);

Error: GCC_ANALYZER_WARNING (CWE-404): [#def776]
pacman-v7.0.0/src/pacman/util.c:1730:9: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’
pacman-v7.0.0/src/pacman/util.c:1772:5: enter_function: entry to ‘noyes’
pacman-v7.0.0/src/pacman/util.c:1777:9: acquire_resource: ‘va_start’ called here
pacman-v7.0.0/src/pacman/util.c:1778:15: call_function: calling ‘question’ from ‘noyes’
# 1728|   
# 1729|   	fputs(config->colstr.nocolor, stream);
# 1730|-> 	fflush(stream);
# 1731|   
# 1732|   	if(config->noconfirm) {

Error: GCC_ANALYZER_WARNING (CWE-404): [#def777]
pacman-v7.0.0/src/pacman/util.c:1740:30: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’
pacman-v7.0.0/src/pacman/util.c:1772:5: enter_function: entry to ‘noyes’
pacman-v7.0.0/src/pacman/util.c:1777:9: acquire_resource: ‘va_start’ called here
pacman-v7.0.0/src/pacman/util.c:1778:15: call_function: calling ‘question’ from ‘noyes’
# 1738|   
# 1739|   	if(safe_fgets_stdin(response, sizeof(response))) {
# 1740|-> 		size_t len = strtrim(response);
# 1741|   		if(len == 0) {
# 1742|   			return preset;