Error: CPPCHECK_WARNING (CWE-457): [#def1]
postgresql-18.0/postgresql-17.6/contrib/pgcrypto/pgp-pgsql.c:403: error[uninitvar]: Uninitialized variable: tmp
# 401| * reserve room for header
# 402| */
# 403|-> mbuf_append(dst, tmp, VARHDRSZ);
# 404|
# 405| /*

Error: CPPCHECK_WARNING (CWE-457): [#def2]
postgresql-18.0/postgresql-17.6/contrib/pgcrypto/pgp-pgsql.c:482: error[uninitvar]: Uninitialized variable: tmp
# 480| * reserve room for header
# 481| */
# 482|-> mbuf_append(dst, tmp, VARHDRSZ);
# 483|
# 484| /*

Error: GCC_ANALYZER_WARNING (CWE-404): [#def3]
postgresql-18.0/postgresql-17.6/contrib/pgcrypto/px.c:158:17: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’
postgresql-18.0/postgresql-17.6/contrib/pgcrypto/px.c:153:9: acquire_resource: ‘va_start’ called here
postgresql-18.0/postgresql-17.6/contrib/pgcrypto/px.c:154:12: branch_true: following ‘true’ branch...
postgresql-18.0/postgresql-17.6/contrib/pgcrypto/px.c:158:17: branch_true: ...to here
postgresql-18.0/postgresql-17.6/contrib/pgcrypto/px.c:158:17: danger: missing call to ‘va_end’ to match ‘va_start’ at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
# 156| char buf[512];
# 157|
# 158|-> vsnprintf(buf, sizeof(buf), fmt, ap);
# 159| debug_handler(buf);
# 160| }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def4]
postgresql-18.0/postgresql-17.6/src/bin/pg_upgrade/check.c:1776:33: warning[-Wanalyzer-file-leak]: leak of FILE ‘script’
postgresql-18.0/postgresql-17.6/src/bin/pg_upgrade/check.c:1741:25: branch_true: following ‘true’ branch...
postgresql-18.0/postgresql-17.6/src/bin/pg_upgrade/check.c:1750:42: branch_true: ...to here
postgresql-18.0/postgresql-17.6/src/bin/pg_upgrade/check.c:1769:33: branch_true: following ‘true’ branch...
postgresql-18.0/postgresql-17.6/src/bin/pg_upgrade/check.c:1771:28: branch_true: ...to here
postgresql-18.0/postgresql-17.6/src/bin/pg_upgrade/check.c:1771:28: branch_true: following ‘true’ branch (when ‘script’ is NULL)...
postgresql-18.0/postgresql-17.6/src/bin/pg_upgrade/check.c:1772:43: branch_true: ...to here
postgresql-18.0/postgresql-17.6/src/bin/pg_upgrade/check.c:1772:43: acquire_resource: opened here
postgresql-18.0/postgresql-17.6/src/bin/pg_upgrade/check.c:1771:29: branch_false: following ‘false’ branch...
postgresql-18.0/postgresql-17.6/src/bin/pg_upgrade/check.c:1774:28: branch_false: ...to here
postgresql-18.0/postgresql-17.6/src/bin/pg_upgrade/check.c:1774:28: branch_false: following ‘false’ branch (when ‘db_used == 0’)...
postgresql-18.0/postgresql-17.6/src/bin/pg_upgrade/check.c:1776:33: branch_false: ...to here
postgresql-18.0/postgresql-17.6/src/bin/pg_upgrade/check.c:1776:33: danger: ‘script’ leaks here; was opened at [(7)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/6)
# 1774| if (!db_used)
# 1775| {
# 1776|-> fprintf(script, "In database: %s\n", active_db->db_name);
# 1777| db_used = true;
# 1778| }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def5]
postgresql-18.0/postgresql-17.6/src/bin/pg_upgrade/check.c:1776:33: warning[-Wanalyzer-malloc-leak]: leak of ‘script’
postgresql-18.0/postgresql-17.6/src/bin/pg_upgrade/check.c:1741:25: branch_true: following ‘true’ branch...
postgresql-18.0/postgresql-17.6/src/bin/pg_upgrade/check.c:1750:42: branch_true: ...to here
postgresql-18.0/postgresql-17.6/src/bin/pg_upgrade/check.c:1769:33: branch_true: following ‘true’ branch...
postgresql-18.0/postgresql-17.6/src/bin/pg_upgrade/check.c:1771:28: branch_true: ...to here
postgresql-18.0/postgresql-17.6/src/bin/pg_upgrade/check.c:1771:28: branch_true: following ‘true’ branch (when ‘script’ is NULL)...
postgresql-18.0/postgresql-17.6/src/bin/pg_upgrade/check.c:1772:43: branch_true: ...to here
postgresql-18.0/postgresql-17.6/src/bin/pg_upgrade/check.c:1772:43: acquire_memory: allocated here
postgresql-18.0/postgresql-17.6/src/bin/pg_upgrade/check.c:1771:29: branch_false: following ‘false’ branch...
postgresql-18.0/postgresql-17.6/src/bin/pg_upgrade/check.c:1774:28: branch_false: ...to here
postgresql-18.0/postgresql-17.6/src/bin/pg_upgrade/check.c:1774:28: branch_false: following ‘false’ branch (when ‘db_used == 0’)...
postgresql-18.0/postgresql-17.6/src/bin/pg_upgrade/check.c:1776:33: branch_false: ...to here
postgresql-18.0/postgresql-17.6/src/bin/pg_upgrade/check.c:1776:33: danger: ‘script’ leaks here; was allocated at [(7)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/6)
# 1774| if (!db_used)
# 1775| {
# 1776|-> fprintf(script, "In database: %s\n", active_db->db_name);
# 1777| db_used = true;
# 1778| }

Error: GCC_ANALYZER_WARNING (CWE-476): [#def6]
postgresql-18.0/src/backend/optimizer/plan/planner.c:8266:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘ct’
postgresql-18.0/src/backend/optimizer/plan/planner.c:8240:1: enter_function: entry to ‘generate_setop_child_grouplist’
postgresql-18.0/src/backend/optimizer/plan/planner.c:8247:14: call_function: inlined call to ‘list_head’ from ‘generate_setop_child_grouplist’
postgresql-18.0/src/backend/optimizer/plan/planner.c:8248:14: call_function: inlined call to ‘list_head’ from ‘generate_setop_child_grouplist’
postgresql-18.0/src/backend/optimizer/plan/planner.c:8249:9: branch_false: ...to here
postgresql-18.0/src/backend/optimizer/plan/planner.c:8249:9: branch_true: following ‘true’ branch...
postgresql-18.0/src/backend/optimizer/plan/planner.c:8256:20: branch_false: following ‘false’ branch...
postgresql-18.0/src/backend/optimizer/plan/planner.c:8265:17: branch_false: ...to here
postgresql-18.0/src/backend/optimizer/plan/planner.c:8266:17: danger: dereference of NULL ‘ct’
# 8264| Assert(ct != NULL);
# 8265| sgc = (SortGroupClause *) lfirst(lg);
# 8266|-> coltype = lfirst_oid(ct);
# 8267|
# 8268| /* reject if target type isn't the same as the setop target type */

Error: CPPCHECK_WARNING (CWE-768): [#def7]
postgresql-18.0/src/backend/parser/parse_utilcmd.c:1296: error[unknownEvaluationOrder]: Expression 'T_List,(union ListCell){.ptr_value=(makeString(cxt->relation->schemaname))},(union ListCell){.ptr_value=(makeString(cxt->relation->relname))}' depends on order of evaluation of side effects
# 1294|
# 1295| stmt->objtype = OBJECT_TABCONSTRAINT;
# 1296|-> stmt->object = (Node *) list_make3(makeString(cxt->relation->schemaname),
# 1297| makeString(cxt->relation->relname),
# 1298| makeString(nnconstr->conname));

Error: CPPCHECK_WARNING (CWE-768): [#def8]
postgresql-18.0/src/backend/parser/parse_utilcmd.c:1296: error[unknownEvaluationOrder]: Expression 'T_List,(union ListCell){.ptr_value=(makeString(cxt->relation->schemaname))},(union ListCell){.ptr_value=(makeString(cxt->relation->relname))},(union ListCell){.ptr_value=(makeString(nnconstr->conname))}' depends on order of evaluation of side effects
# 1294|
# 1295| stmt->objtype = OBJECT_TABCONSTRAINT;
# 1296|-> stmt->object = (Node *) list_make3(makeString(cxt->relation->schemaname),
# 1297| makeString(cxt->relation->relname),
# 1298| makeString(nnconstr->conname));

Error: GCC_ANALYZER_WARNING (CWE-476): [#def9]
postgresql-18.0/src/backend/utils/adt/mcxtfuncs.c:146:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘context’
postgresql-18.0/src/backend/utils/adt/mcxtfuncs.c:90:43: branch_false: following ‘false’ branch...
postgresql-18.0/src/backend/utils/adt/mcxtfuncs.c:103:9: branch_false: ...to here
postgresql-18.0/src/backend/utils/adt/mcxtfuncs.c:127:12: branch_false: following ‘false’ branch (when ‘ident’ is NULL)...
postgresql-18.0/src/backend/utils/adt/mcxtfuncs.c:144:17: branch_false: ...to here
postgresql-18.0/src/backend/utils/adt/mcxtfuncs.c:146:17: danger: dereference of NULL ‘context’
# 144| nulls[1] = true;
# 145|
# 146|-> switch (context->type)
# 147| {
# 148| case T_AllocSetContext:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def10]
postgresql-18.0/src/bin/pg_dump/compress_lz4.c:740:17: warning[-Wanalyzer-malloc-leak]: leak of ‘fdopen(dup(fd), mode)’
postgresql-18.0/src/bin/pg_dump/compress_lz4.c:739:12: branch_true: following ‘true’ branch (when ‘fd >= 0’)...
postgresql-18.0/src/bin/pg_dump/compress_lz4.c:740:29: branch_true: ...to here
postgresql-18.0/src/bin/pg_dump/compress_lz4.c:740:29: acquire_memory: allocated here
postgresql-18.0/src/bin/pg_dump/compress_lz4.c:740:17: danger: ‘fdopen(dup(fd), mode)’ leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
# 738|
# 739| if (fd >= 0)
# 740|-> state->fp = fdopen(dup(fd), mode);
# 741| else
# 742| state->fp = fopen(path, mode);

Error: GCC_ANALYZER_WARNING (CWE-404): [#def11]
postgresql-18.0/src/bin/pg_dump/pg_backup_archiver.c:1773:23: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’
postgresql-18.0/src/bin/pg_dump/pg_backup_archiver.c:4292:1: enter_function: entry to ‘dumpTimestamp’
postgresql-18.0/src/bin/pg_dump/pg_backup_archiver.c:4296:12: branch_true: following ‘true’ branch...
postgresql-18.0/src/bin/pg_dump/pg_backup_archiver.c:4297:17: branch_true: ...to here
postgresql-18.0/src/bin/pg_dump/pg_backup_archiver.c:4297:17: call_function: calling ‘ahprintf’ from ‘dumpTimestamp’
# 1771| errno = save_errno;
# 1772| va_start(args, fmt);
# 1773|-> cnt = pvsnprintf(p, len, fmt, args);
# 1774| va_end(args);
# 1775|

Error: GCC_ANALYZER_WARNING (CWE-404): [#def12]
postgresql-18.0/src/bin/pg_dump/pg_backup_archiver.c:1934:9: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’
postgresql-18.0/src/bin/pg_dump/pg_backup_archiver.c:3579:1: enter_function: entry to ‘_selectOutputSchema’
postgresql-18.0/src/bin/pg_dump/pg_backup_archiver.c:3610:25: call_function: calling ‘warn_or_exit_horribly’ from ‘_selectOutputSchema’
# 1932|
# 1933| va_start(ap, fmt);
# 1934|-> pg_log_generic_v(PG_LOG_ERROR, PG_LOG_PRIMARY, fmt, ap);
# 1935| va_end(ap);
# 1936|

Error: CPPCHECK_WARNING (CWE-457): [#def13]
postgresql-18.0/src/bin/psql/tab-complete.in.c:2624: warning[uninitvar]: Uninitialized variable: argarray
# 2622| /* ALTER VIEW xxx ALTER [ COLUMN ] yyy */
# 2623| else if (Matches("ALTER", "VIEW", MatchAny, "ALTER", MatchAny) ||
# 2624|-> Matches("ALTER", "VIEW", MatchAny, "ALTER", "COLUMN", MatchAny))
# 2625| COMPLETE_WITH("SET DEFAULT", "DROP DEFAULT");
# 2626| /* ALTER VIEW xxx RENAME yyy */

Error: CPPCHECK_WARNING (CWE-457): [#def14]
postgresql-18.0/src/bin/psql/tab-complete.in.c:2712: warning[uninitvar]: Uninitialized variable: argarray
# 2710| COMPLETE_WITH("RENAME TO");
# 2711|
# 2712|-> /* ALTER STATISTICS <name> */
# 2713| else if (Matches("ALTER", "STATISTICS", MatchAny))
# 2714| COMPLETE_WITH("OWNER TO", "RENAME TO", "SET SCHEMA", "SET STATISTICS");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def15]
postgresql-18.0/src/common/cryptohash_openssl.c:148:9: warning[-Wanalyzer-malloc-leak]: leak of ‘ctx’
postgresql-18.0/src/common/cryptohash_openssl.c:135:15: acquire_memory: allocated here
postgresql-18.0/src/common/cryptohash_openssl.c:136:12: branch_false: following ‘false’ branch (when ‘ctx’ is non-NULL)...
postgresql-18.0/src/common/cryptohash_openssl.c:138:9: branch_false: ...to here
postgresql-18.0/src/common/cryptohash_openssl.c:148:9: danger: ‘ctx’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
# 146| * previous runs.
# 147| */
# 148|-> ERR_clear_error();
# 149| ctx->evpctx = EVP_MD_CTX_create();
# 150|

Error: GCC_ANALYZER_WARNING (CWE-401): [#def16]
postgresql-18.0/src/common/hmac_openssl.c:136:9: warning[-Wanalyzer-malloc-leak]: leak of ‘ctx’
postgresql-18.0/src/common/hmac_openssl.c:121:15: acquire_memory: allocated here
postgresql-18.0/src/common/hmac_openssl.c:122:12: branch_false: following ‘false’ branch (when ‘ctx’ is non-NULL)...
postgresql-18.0/src/common/hmac_openssl.c:124:9: branch_false: ...to here
postgresql-18.0/src/common/hmac_openssl.c:136:9: danger: ‘ctx’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
# 134| * previous runs.
# 135| */
# 136|-> ERR_clear_error();
# 137|
# 138| #ifdef USE_RESOWNER_FOR_HMAC

Error: GCC_ANALYZER_WARNING (CWE-401): [#def17]
postgresql-18.0/src/common/hmac_openssl.c:142:24: warning[-Wanalyzer-malloc-leak]: leak of ‘ctx’
postgresql-18.0/src/common/hmac_openssl.c:121:15: acquire_memory: allocated here
postgresql-18.0/src/common/hmac_openssl.c:122:12: branch_false: following ‘false’ branch (when ‘ctx’ is non-NULL)...
postgresql-18.0/src/common/hmac_openssl.c:124:9: branch_false: ...to here
postgresql-18.0/src/common/hmac_openssl.c:142:24: danger: ‘ctx’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
# 140| #endif
# 141|
# 142|-> ctx->hmacctx = HMAC_CTX_new();
# 143|
# 144| if (ctx->hmacctx == NULL)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def18]
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:509:37: warning[-Wanalyzer-malloc-leak]: leak of ‘cbind_input’
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:474:12: branch_true: following ‘true’ branch (when the strings are equal)...
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:478:33: branch_true: ...to here
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:488:20: branch_false: following ‘false’ branch...
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:495:17: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:500:31: acquire_memory: allocated here
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:501:20: branch_false: following ‘false’ branch (when ‘cbind_input’ is non-NULL)...
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:506:17: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:509:37: danger: ‘cbind_input’ leaks here; was allocated at [(5)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/4)
# 507| memcpy(cbind_input + cbind_header_len, cbind_data, cbind_data_len);
# 508|
# 509|-> encoded_cbind_len = pg_b64_enc_len(cbind_input_len);
# 510| if (!enlargePQExpBuffer(&buf, encoded_cbind_len))
# 511| {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def19]
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:510:22: warning[-Wanalyzer-malloc-leak]: leak of ‘cbind_input’
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:474:12: branch_true: following ‘true’ branch (when the strings are equal)...
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:478:33: branch_true: ...to here
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:488:20: branch_false: following ‘false’ branch...
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:495:17: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:500:31: acquire_memory: allocated here
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:501:20: branch_false: following ‘false’ branch (when ‘cbind_input’ is non-NULL)...
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:506:17: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:510:22: danger: ‘cbind_input’ leaks here; was allocated at [(5)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/4)
# 508|
# 509| encoded_cbind_len = pg_b64_enc_len(cbind_input_len);
# 510|-> if (!enlargePQExpBuffer(&buf, encoded_cbind_len))
# 511| {
# 512| free(cbind_data);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def20]
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:516:37: warning[-Wanalyzer-malloc-leak]: leak of ‘cbind_input’
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:474:12: branch_true: following ‘true’ branch (when the strings are equal)...
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:478:33: branch_true: ...to here
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:488:20: branch_false: following ‘false’ branch...
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:495:17: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:500:31: acquire_memory: allocated here
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:501:20: branch_false: following ‘false’ branch (when ‘cbind_input’ is non-NULL)...
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:506:17: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:510:20: branch_false: following ‘false’ branch...
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:517:83: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-auth-scram.c:516:37: danger: ‘cbind_input’ leaks here; was allocated at [(5)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/4)
# 514| goto oom_error;
# 515| }
# 516|-> encoded_cbind_len = pg_b64_encode((uint8 *) cbind_input, cbind_input_len,
# 517| buf.data + buf.len,
# 518| encoded_cbind_len);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def21]
postgresql-18.0/src/interfaces/libpq/fe-auth.c:832:38: warning[-Wanalyzer-malloc-leak]: leak of ‘crypt_pwd’
postgresql-18.0/src/interfaces/libpq/fe-auth.c:806:20: branch_false: following ‘false’ branch...
postgresql-18.0/src/interfaces/libpq/fe-auth.c:811:13: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-auth.c:824:45: acquire_memory: allocated here
postgresql-18.0/src/interfaces/libpq/fe-auth.c:825:36: branch_false: following ‘false’ branch (when ‘crypt_pwd’ is non-NULL)...
postgresql-18.0/src/interfaces/libpq/fe-auth.c:831:33: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-auth.c:832:38: danger: ‘crypt_pwd’ leaks here; was allocated at [(5)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/4)
# 830|
# 831| crypt_pwd2 = crypt_pwd + MD5_PASSWD_LEN + 1;
# 832|-> if (!pg_md5_encrypt(password, (uint8 *) conn->pguser,
# 833| strlen(conn->pguser), crypt_pwd2,
# 834| &errstr))

Error: GCC_ANALYZER_WARNING (CWE-401): [#def22]
postgresql-18.0/src/interfaces/libpq/fe-auth.c:1372:14: warning[-Wanalyzer-malloc-leak]: leak of ‘crypt_pwd’
postgresql-18.0/src/interfaces/libpq/fe-auth.c:1368:21: acquire_memory: allocated here
postgresql-18.0/src/interfaces/libpq/fe-auth.c:1369:12: branch_false: following ‘false’ branch (when ‘crypt_pwd’ is non-NULL)...
postgresql-18.0/src/interfaces/libpq/fe-auth.c:1372:14: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-auth.c:1372:14: danger: ‘crypt_pwd’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
# 1370| return NULL;
# 1371|
# 1372|-> if (!pg_md5_encrypt(passwd, (uint8 *) user, strlen(user), crypt_pwd, &errstr))
# 1373| {
# 1374| free(crypt_pwd);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def23]
postgresql-18.0/src/interfaces/libpq/fe-auth.c:1485:30: warning[-Wanalyzer-malloc-leak]: leak of ‘crypt_pwd’
postgresql-18.0/src/interfaces/libpq/fe-auth.c:1413:12: branch_false: following ‘false’ branch (when ‘conn’ is non-NULL)...
postgresql-18.0/src/interfaces/libpq/fe-auth.c:1416:9: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-auth.c:1419:12: branch_false: following ‘false’ branch (when ‘algorithm’ is non-NULL)...
postgresql-18.0/src/interfaces/libpq/fe-auth.c:1461:13: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-auth.c:1468:12: branch_false: following ‘false’ branch (when the strings are non-equal)...
postgresql-18.0/src/interfaces/libpq/fe-auth.c:1478:18: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-auth.c:1478:17: branch_true: following ‘true’ branch (when the strings are equal)...
postgresql-18.0/src/interfaces/libpq/fe-auth.c:1480:29: branch_true: ...to here
postgresql-18.0/src/interfaces/libpq/fe-auth.c:1480:29: acquire_memory: allocated here
postgresql-18.0/src/interfaces/libpq/fe-auth.c:1481:20: branch_true: following ‘true’ branch (when ‘crypt_pwd’ is non-NULL)...
postgresql-18.0/src/interfaces/libpq/fe-auth.c:1483:37: branch_true: ...to here
postgresql-18.0/src/interfaces/libpq/fe-auth.c:1485:30: danger: ‘crypt_pwd’ leaks here; was allocated at [(9)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/8)
# 1483| const char *errstr = NULL;
# 1484|
# 1485|-> if (!pg_md5_encrypt(passwd, (uint8 *) user, strlen(user), crypt_pwd, &errstr))
# 1486| {
# 1487| libpq_append_conn_error(conn, "could not encrypt password: %s", errstr);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def24]
postgresql-18.0/src/interfaces/libpq/fe-secure-common.c:63:13: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
postgresql-18.0/src/interfaces/libpq/fe-secure-common.c:87:1: enter_function: entry to ‘pq_verify_peer_name_matches_certificate_name’
postgresql-18.0/src/interfaces/libpq/fe-secure-common.c:97:12: branch_false: following ‘false’ branch...
postgresql-18.0/src/interfaces/libpq/fe-secure-common.c:107:16: acquire_memory: allocated here
postgresql-18.0/src/interfaces/libpq/fe-secure-common.c:108:12: branch_false: following ‘false’ branch (when ‘name’ is non-NULL)...
postgresql-18.0/src/interfaces/libpq/fe-secure-common.c:113:9: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-secure-common.c:120:12: branch_false: following ‘false’ branch...
postgresql-18.0/src/interfaces/libpq/fe-secure-common.c:127:13: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-secure-common.c:127:12: branch_false: following ‘false’ branch...
postgresql-18.0/src/interfaces/libpq/fe-secure-common.c:132:18: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-secure-common.c:132:18: call_function: calling ‘wildcard_certificate_match’ from ‘pq_verify_peer_name_matches_certificate_name’
# 61| * If string does not end in pattern (minus the wildcard), we don't match
# 62| */
# 63|-> if (pg_strcasecmp(pattern + 1, string + lenstr - lenpat + 1) != 0)
# 64| return false;
# 65|

Error: GCC_ANALYZER_WARNING (CWE-401): [#def25]
postgresql-18.0/src/interfaces/libpq/fe-secure-common.c:127:13: warning[-Wanalyzer-malloc-leak]: leak of ‘name’
postgresql-18.0/src/interfaces/libpq/fe-secure-common.c:97:12: branch_false: following ‘false’ branch...
postgresql-18.0/src/interfaces/libpq/fe-secure-common.c:107:16: acquire_memory: allocated here
postgresql-18.0/src/interfaces/libpq/fe-secure-common.c:108:12: branch_false: following ‘false’ branch (when ‘name’ is non-NULL)...
postgresql-18.0/src/interfaces/libpq/fe-secure-common.c:113:9: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-secure-common.c:120:12: branch_false: following ‘false’ branch...
postgresql-18.0/src/interfaces/libpq/fe-secure-common.c:127:13: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-secure-common.c:127:13: danger: ‘name’ leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
# 125| }
# 126|
# 127|-> if (pg_strcasecmp(name, host) == 0)
# 128| {
# 129| /* Exact name match */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def26]
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1564:17: warning[-Wanalyzer-malloc-leak]: leak of ‘errbuf’
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1559:18: acquire_memory: allocated here
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1560:12: branch_false: following ‘false’ branch (when ‘errbuf’ is non-NULL)...
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1562:12: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1562:12: branch_true: following ‘true’ branch (when ‘ecode == 0’)...
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1564:47: branch_true: ...to here
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1564:17: danger: ‘errbuf’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
# 1562| if (ecode == 0)
# 1563| {
# 1564|-> snprintf(errbuf, SSL_ERR_LEN, libpq_gettext("no SSL error reported"));
# 1565| return errbuf;
# 1566| }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def27]
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1564:47: warning[-Wanalyzer-malloc-leak]: leak of ‘errbuf’
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1559:18: acquire_memory: allocated here
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1560:12: branch_false: following ‘false’ branch (when ‘errbuf’ is non-NULL)...
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1562:12: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1562:12: branch_true: following ‘true’ branch (when ‘ecode == 0’)...
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1564:47: branch_true: ...to here
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1564:47: danger: ‘errbuf’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
# 1562| if (ecode == 0)
# 1563| {
# 1564|-> snprintf(errbuf, SSL_ERR_LEN, libpq_gettext("no SSL error reported"));
# 1565| return errbuf;
# 1566| }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def28]
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1567:21: warning[-Wanalyzer-malloc-leak]: leak of ‘errbuf’
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1559:18: acquire_memory: allocated here
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1560:12: branch_false: following ‘false’ branch (when ‘errbuf’ is non-NULL)...
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1562:12: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1562:12: branch_false: following ‘false’ branch (when ‘ecode != 0’)...
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1567:21: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1567:21: danger: ‘errbuf’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
# 1565| return errbuf;
# 1566| }
# 1567|-> errreason = ERR_reason_error_string(ecode);
# 1568| if (errreason != NULL)
# 1569| {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def29]
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1586:17: warning[-Wanalyzer-malloc-leak]: leak of ‘errbuf’
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1554:1: enter_function: entry to ‘SSLerrmessage’
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1559:18: acquire_memory: allocated here
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1560:12: branch_false: following ‘false’ branch (when ‘errbuf’ is non-NULL)...
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1562:12: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1562:12: branch_false: following ‘false’ branch (when ‘ecode != 0’)...
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1567:21: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1568:12: branch_false: following ‘false’ branch...
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1583:13: call_function: inlined call to ‘ERR_GET_LIB’ from ‘SSLerrmessage’
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1583:12: branch_true: following ‘true’ branch...
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1584:17: call_function: inlined call to ‘ERR_GET_REASON’ from ‘SSLerrmessage’
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1583:13: branch_true: following ‘true’ branch...
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1586:17: branch_true: ...to here
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1586:17: danger: ‘errbuf’ leaks here; was allocated at [(2)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/1)
# 1584| ERR_GET_REASON(ecode) == SSL_AD_REASON_OFFSET + SSL_AD_NO_APPLICATION_PROTOCOL)
# 1585| {
# 1586|-> snprintf(errbuf, SSL_ERR_LEN, "no application protocol");
# 1587| return errbuf;
# 1588| }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def30]
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1601:17: warning[-Wanalyzer-malloc-leak]: leak of ‘errbuf’
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1554:1: enter_function: entry to ‘SSLerrmessage’
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1559:18: acquire_memory: allocated here
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1560:12: branch_false: following ‘false’ branch (when ‘errbuf’ is non-NULL)...
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1562:12: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1562:12: branch_false: following ‘false’ branch (when ‘ecode != 0’)...
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1567:21: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1568:12: branch_false: following ‘false’ branch...
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1583:13: call_function: inlined call to ‘ERR_GET_LIB’ from ‘SSLerrmessage’
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1599:12: branch_true: following ‘true’ branch...
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1601:17: call_function: inlined call to ‘ERR_GET_REASON’ from ‘SSLerrmessage’
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1601:17: danger: ‘errbuf’ leaks here; was allocated at [(2)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/1)
# 1599| if (ERR_SYSTEM_ERROR(ecode))
# 1600| {
# 1601|-> strerror_r(ERR_GET_REASON(ecode), errbuf, SSL_ERR_LEN);
# 1602| return errbuf;
# 1603| }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def31]
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1607:9: warning[-Wanalyzer-malloc-leak]: leak of ‘errbuf’
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1554:1: enter_function: entry to ‘SSLerrmessage’
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1559:18: acquire_memory: allocated here
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1560:12: branch_false: following ‘false’ branch (when ‘errbuf’ is non-NULL)...
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1562:12: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1562:12: branch_false: following ‘false’ branch (when ‘ecode != 0’)...
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1567:21: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1568:12: branch_false: following ‘false’ branch...
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1583:13: call_function: inlined call to ‘ERR_GET_LIB’ from ‘SSLerrmessage’
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1599:12: branch_false: following ‘false’ branch...
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1607:39: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1607:9: danger: ‘errbuf’ leaks here; was allocated at [(2)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/1)
# 1605|
# 1606| /* No choice but to report the numeric ecode */
# 1607|-> snprintf(errbuf, SSL_ERR_LEN, libpq_gettext("SSL error code %lu"), ecode);
# 1608| return errbuf;
# 1609| }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def32]
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1607:39: warning[-Wanalyzer-malloc-leak]: leak of ‘errbuf’
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1554:1: enter_function: entry to ‘SSLerrmessage’
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1559:18: acquire_memory: allocated here
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1560:12: branch_false: following ‘false’ branch (when ‘errbuf’ is non-NULL)...
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1562:12: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1562:12: branch_false: following ‘false’ branch (when ‘ecode != 0’)...
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1567:21: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1568:12: branch_false: following ‘false’ branch...
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1583:13: call_function: inlined call to ‘ERR_GET_LIB’ from ‘SSLerrmessage’
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1599:12: branch_false: following ‘false’ branch...
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1607:39: branch_false: ...to here
postgresql-18.0/src/interfaces/libpq/fe-secure-openssl.c:1607:39: danger: ‘errbuf’ leaks here; was allocated at [(2)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/1)
# 1605|
# 1606| /* No choice but to report the numeric ecode */
# 1607|-> snprintf(errbuf, SSL_ERR_LEN, libpq_gettext("SSL error code %lu"), ecode);
# 1608| return errbuf;
# 1609| }
| analyzer-version-clippy | 1.90.0 |
| analyzer-version-cppcheck | 2.18.3 |
| analyzer-version-gcc | 15.2.1 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.90.0 |
| diffbase-analyzer-version-cppcheck | 2.18.3 |
| diffbase-analyzer-version-gcc | 15.2.1 |
| diffbase-analyzer-version-gcc-analyzer | 16.0.0 |
| diffbase-analyzer-version-shellcheck | 0.11.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-96.us-west-2.compute.internal |
| diffbase-known-false-positives | /usr/share/csmock/known-false-positives.js |
| diffbase-known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| diffbase-mock-config | fedora-rawhide-gcc-latest-x86_64 |
| diffbase-project-name | postgresql18-18beta1-4.fc43 |
| diffbase-store-results-to | /tmp/tmpdfdnhfjw/postgresql18-18beta1-4.fc43.tar.xz |
| diffbase-time-created | 2025-10-28 19:46:09 |
| diffbase-time-finished | 2025-10-28 20:17:46 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'gcc,cppcheck,shellcheck,clippy,unicontrol' '-o' '/tmp/tmpdfdnhfjw/postgresql18-18beta1-4.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmpdfdnhfjw/postgresql18-18beta1-4.fc43.src.rpm' |
| diffbase-tool-version | csmock-3.8.3.20251027.143044.ge6b947b-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-96.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-gcc-latest-x86_64 |
| project-name | postgresql18-18.0-1.fc44 |
| store-results-to | /tmp/tmpcf6xl8i0/postgresql18-18.0-1.fc44.tar.xz |
| time-created | 2025-10-28 20:19:10 |
| time-finished | 2025-10-28 20:50:18 |
| title | Newly introduced findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'gcc,cppcheck,shellcheck,clippy,unicontrol' '-o' '/tmp/tmpcf6xl8i0/postgresql18-18.0-1.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmpcf6xl8i0/postgresql18-18.0-1.fc44.src.rpm' |
| tool-version | csmock-3.8.3.20251027.143044.ge6b947b-1.el9 |