sudo-1.9.17-6.p2.fc44

List of Findings

Error: GCC_ANALYZER_WARNING (CWE-401): [#def1]
sudo-1.9.17p2/lib/eventlog/parse_json.c:508:5: warning[-Wanalyzer-malloc-leak]: leak of 'item'
sudo-1.9.17p2/lib/eventlog/parse_json.c:499:17: acquire_memory: allocated here
sudo-1.9.17p2/lib/eventlog/parse_json.c:499:8: branch_false: following 'false' branch (when 'item' is non-NULL)...
sudo-1.9.17p2/lib/eventlog/parse_json.c:504:5: branch_false: ...to here
sudo-1.9.17p2/lib/eventlog/parse_json.c:508:5: danger: 'item' leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  506|       item->lineno = lineno;
#  507|   
#  508|->     debug_return_ptr(item);
#  509|   }
#  510|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def2]
sudo-1.9.17p2/lib/eventlog/parse_json.c:556:26: warning[-Wanalyzer-malloc-leak]: leak of 'dst'
sudo-1.9.17p2/lib/eventlog/parse_json.c:522:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/eventlog/parse_json.c:526:19: branch_false: ...to here
sudo-1.9.17p2/lib/eventlog/parse_json.c:529:17: acquire_memory: allocated here
sudo-1.9.17p2/lib/eventlog/parse_json.c:530:8: branch_false: following 'false' branch (when 'ret' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/lib/eventlog/parse_json.c:534:12: branch_true: following 'true' branch (when 'end > src')...
sudo-1.9.17p2/lib/eventlog/parse_json.c:535:19: branch_true: ...to here
sudo-1.9.17p2/lib/eventlog/parse_json.c:536:12: branch_true: following 'true' branch (when 'ch == 92')...
sudo-1.9.17p2/lib/eventlog/parse_json.c:537:21: branch_true: ...to here
sudo-1.9.17p2/lib/eventlog/parse_json.c:555:20: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/eventlog/parse_json.c:556:26: danger: 'dst' leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#  554|   		/* Only currently handles 8-bit ASCII. */
#  555|   		if (src[1] == '0' && src[2] == '0') {
#  556|-> 		    ch = sudo_hexchar(&src[3]);
#  557|   		    if (ch != -1) {
#  558|   			src += 4;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def3]
sudo-1.9.17p2/lib/eventlog/parse_json.c:556:26: warning[-Wanalyzer-malloc-leak]: leak of 'ret'
sudo-1.9.17p2/lib/eventlog/parse_json.c:522:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/eventlog/parse_json.c:526:19: branch_false: ...to here
sudo-1.9.17p2/lib/eventlog/parse_json.c:529:17: acquire_memory: allocated here
sudo-1.9.17p2/lib/eventlog/parse_json.c:530:8: branch_false: following 'false' branch (when 'ret' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/lib/eventlog/parse_json.c:534:12: branch_true: following 'true' branch (when 'end > src')...
sudo-1.9.17p2/lib/eventlog/parse_json.c:535:19: branch_true: ...to here
sudo-1.9.17p2/lib/eventlog/parse_json.c:534:12: branch_true: following 'true' branch (when 'end > src')...
sudo-1.9.17p2/lib/eventlog/parse_json.c:535:19: branch_true: ...to here
sudo-1.9.17p2/lib/eventlog/parse_json.c:536:12: branch_true: following 'true' branch (when 'ch == 92')...
sudo-1.9.17p2/lib/eventlog/parse_json.c:537:21: branch_true: ...to here
sudo-1.9.17p2/lib/eventlog/parse_json.c:555:20: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/eventlog/parse_json.c:556:26: danger: 'ret' leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#  554|   		/* Only currently handles 8-bit ASCII. */
#  555|   		if (src[1] == '0' && src[2] == '0') {
#  556|-> 		    ch = sudo_hexchar(&src[3]);
#  557|   		    if (ch != -1) {
#  558|   			src += 4;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def4]
sudo-1.9.17p2/lib/eventlog/parse_json.c:583:5: warning[-Wanalyzer-malloc-leak]: leak of 'dst'
sudo-1.9.17p2/lib/eventlog/parse_json.c:522:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/eventlog/parse_json.c:526:19: branch_false: ...to here
sudo-1.9.17p2/lib/eventlog/parse_json.c:529:17: acquire_memory: allocated here
sudo-1.9.17p2/lib/eventlog/parse_json.c:530:8: branch_false: following 'false' branch (when 'ret' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/lib/eventlog/parse_json.c:534:12: branch_false: following 'false' branch (when 'end <= src')...
sudo-1.9.17p2/lib/eventlog/parse_json.c:575:5: branch_false: ...to here
sudo-1.9.17p2/lib/eventlog/parse_json.c:583:5: danger: 'dst' leaks here; was allocated at [(3)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/2)
#  581|       *strp = end;
#  582|   
#  583|->     debug_return_str(ret);
#  584|   }
#  585|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def5]
sudo-1.9.17p2/lib/eventlog/parse_json.c:583:5: warning[-Wanalyzer-malloc-leak]: leak of 'ret'
sudo-1.9.17p2/lib/eventlog/parse_json.c:522:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/eventlog/parse_json.c:526:19: branch_false: ...to here
sudo-1.9.17p2/lib/eventlog/parse_json.c:529:17: acquire_memory: allocated here
sudo-1.9.17p2/lib/eventlog/parse_json.c:530:8: branch_false: following 'false' branch (when 'ret' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/lib/eventlog/parse_json.c:534:12: branch_true: following 'true' branch (when 'end > src')...
sudo-1.9.17p2/lib/eventlog/parse_json.c:535:19: branch_true: ...to here
sudo-1.9.17p2/lib/eventlog/parse_json.c:583:5: danger: 'ret' leaks here; was allocated at [(3)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/2)
#  581|       *strp = end;
#  582|   
#  583|->     debug_return_str(ret);
#  584|   }
#  585|   

Error: GCC_ANALYZER_WARNING (CWE-416): [#def6]
sudo-1.9.17p2/lib/eventlog/parse_json.c:594:17: warning[-Wanalyzer-use-after-free]: use after 'free' of 'item'
sudo-1.9.17p2/lib/eventlog/parse_json.c:801:1: enter_function: entry to 'eventlog_json_read'
sudo-1.9.17p2/lib/eventlog/parse_json.c:816:8: branch_false: following 'false' branch (when 'root' is non-NULL)...
sudo-1.9.17p2/lib/eventlog/parse_json.c:819:5: branch_false: ...to here
sudo-1.9.17p2/lib/eventlog/parse_json.c:823:12: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/eventlog/parse_json.c:824:20: branch_true: ...to here
sudo-1.9.17p2/lib/eventlog/parse_json.c:1064:5: call_function: calling 'eventlog_json_free' from 'eventlog_json_read'
#  592|       while ((item = TAILQ_FIRST(items)) != NULL) {
#  593|   	TAILQ_REMOVE(items, item, entries);
#  594|-> 	switch (item->type) {
#  595|   	case JSON_STRING:
#  596|   	    free(item->u.string);

Error: GCC_ANALYZER_WARNING (CWE-415): [#def7]
sudo-1.9.17p2/lib/eventlog/parse_json.c:613:9: warning[-Wanalyzer-double-free]: double-'free' of '*item.name'
sudo-1.9.17p2/lib/eventlog/parse_json.c:801:1: enter_function: entry to 'eventlog_json_read'
sudo-1.9.17p2/lib/eventlog/parse_json.c:816:8: branch_false: following 'false' branch (when 'root' is non-NULL)...
sudo-1.9.17p2/lib/eventlog/parse_json.c:819:5: branch_false: ...to here
sudo-1.9.17p2/lib/eventlog/parse_json.c:823:12: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/eventlog/parse_json.c:824:20: branch_true: ...to here
sudo-1.9.17p2/lib/eventlog/parse_json.c:1064:5: call_function: calling 'eventlog_json_free' from 'eventlog_json_read'
#  611|   	    break;
#  612|   	}
#  613|-> 	free(item->name);
#  614|   	free(item);
#  615|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def8]
sudo-1.9.17p2/lib/eventlog/parse_json.c:823:23: warning[-Wanalyzer-malloc-leak]: leak of 'frame'
sudo-1.9.17p2/lib/eventlog/parse_json.c:815:12: acquire_memory: allocated here
sudo-1.9.17p2/lib/eventlog/parse_json.c:816:8: branch_false: following 'false' branch (when 'root' is non-NULL)...
sudo-1.9.17p2/lib/eventlog/parse_json.c:819:5: branch_false: ...to here
sudo-1.9.17p2/lib/eventlog/parse_json.c:823:23: danger: 'frame' leaks here; was allocated at [(1)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/0)
#  821|   
#  822|       frame = root;
#  823|->     while ((linelen = getdelim(&line, &linesize, '\n', fp)) != -1) {
#  824|   	char *ep = line + linelen - 1;
#  825|   	cp = line;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def9]
sudo-1.9.17p2/lib/eventlog/parse_json.c:1070:5: warning[-Wanalyzer-malloc-leak]: leak of 'frame'
sudo-1.9.17p2/lib/eventlog/parse_json.c:815:12: acquire_memory: allocated here
sudo-1.9.17p2/lib/eventlog/parse_json.c:816:8: branch_false: following 'false' branch (when 'root' is non-NULL)...
sudo-1.9.17p2/lib/eventlog/parse_json.c:819:5: branch_false: ...to here
sudo-1.9.17p2/lib/eventlog/parse_json.c:823:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/eventlog/parse_json.c:1047:9: branch_false: ...to here
sudo-1.9.17p2/lib/eventlog/parse_json.c:1047:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/eventlog/parse_json.c:1059:5: branch_false: ...to here
sudo-1.9.17p2/lib/eventlog/parse_json.c:1070:5: danger: 'frame' leaks here; was allocated at [(1)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/0)
# 1068|       free(name);
# 1069|   
# 1070|->     debug_return_ptr(root);
# 1071|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def10]
sudo-1.9.17p2/lib/iolog/iolog_filter.c:73:5: warning[-Wanalyzer-malloc-leak]: leak of 'handle'
sudo-1.9.17p2/lib/iolog/iolog_filter.c:67:14: acquire_memory: allocated here
sudo-1.9.17p2/lib/iolog/iolog_filter.c:68:8: branch_true: following 'true' branch (when 'handle' is non-NULL)...
sudo-1.9.17p2/lib/iolog/iolog_filter.c:69:9: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_filter.c:73:5: danger: 'handle' leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#   71|       }
#   72|   
#   73|->     debug_return_ptr(handle);
#   74|   }
#   75|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def11]
sudo-1.9.17p2/lib/iolog/iolog_filter.c:132:10: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/lib/iolog/iolog_filter.c:126:8: branch_false: following 'false' branch (when 'filt' is non-NULL)...
sudo-1.9.17p2/lib/iolog/iolog_filter.c:128:21: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_filter.c:128:21: acquire_memory: allocated here
sudo-1.9.17p2/lib/iolog/iolog_filter.c:129:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/iolog/iolog_filter.c:132:10: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_filter.c:132:10: danger: '<unknown>' leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#  130|   	goto oom;
#  131|   
#  132|->     if (!sudo_regex_compile(&filt->regex, filt->pattern, &errstr)) {
#  133|   	sudo_warnx(U_("invalid regular expression \"%s\": %s"),
#  134|   	    pattern, U_(errstr));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def12]
sudo-1.9.17p2/lib/iolog/iolog_filter.c:132:10: warning[-Wanalyzer-malloc-leak]: leak of 'filt'
sudo-1.9.17p2/lib/iolog/iolog_filter.c:125:12: acquire_memory: allocated here
sudo-1.9.17p2/lib/iolog/iolog_filter.c:126:8: branch_false: following 'false' branch (when 'filt' is non-NULL)...
sudo-1.9.17p2/lib/iolog/iolog_filter.c:128:21: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_filter.c:129:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/iolog/iolog_filter.c:132:10: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_filter.c:132:10: danger: 'filt' leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  130|   	goto oom;
#  131|   
#  132|->     if (!sudo_regex_compile(&filt->regex, filt->pattern, &errstr)) {
#  133|   	sudo_warnx(U_("invalid regular expression \"%s\": %s"),
#  134|   	    pattern, U_(errstr));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def13]
sudo-1.9.17p2/lib/iolog/iolog_filter.c:142:5: warning[-Wanalyzer-malloc-leak]: leak of 'filt'
sudo-1.9.17p2/lib/iolog/iolog_filter.c:125:12: acquire_memory: allocated here
sudo-1.9.17p2/lib/iolog/iolog_filter.c:126:8: branch_false: following 'false' branch (when 'filt' is non-NULL)...
sudo-1.9.17p2/lib/iolog/iolog_filter.c:128:21: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_filter.c:129:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/iolog/iolog_filter.c:130:9: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_filter.c:142:5: danger: 'filt' leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#  140|   
#  141|   oom:
#  142|->     sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  143|   bad:
#  144|       if (filt != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def14]
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:76:9: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:69:8: branch_false: following 'false' branch (when 'fd != -1')...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:69:27: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:69:27: acquire_memory: allocated here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:69:9: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:75:18: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:75:8: branch_true: following 'true' branch (when 'evlog' is NULL)...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:76:9: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:76:9: danger: 'fp' leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   74|   
#   75|       if ((evlog = calloc(1, sizeof(*evlog))) == NULL) {
#   76|-> 	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#   77|   	goto bad;
#   78|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def15]
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:83:19: warning[-Wanalyzer-malloc-leak]: leak of 'evlog'
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:69:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:75:18: acquire_memory: allocated here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:75:8: branch_false: following 'false' branch (when 'evlog' is non-NULL)...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:79:5: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:84:9: branch_true: following 'true' branch (when 'legacy != 0')...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:83:19: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:83:19: danger: 'evlog' leaks here; was allocated at [(3)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/2)
#   81|       evlog->exit_value = -1;
#   82|   
#   83|->     ok = legacy ? iolog_parse_loginfo_legacy(fp, iolog_dir, evlog) :
#   84|   	iolog_parse_loginfo_json(fp, iolog_dir, evlog);
#   85|       if (ok) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def16]
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:83:19: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:69:8: branch_false: following 'false' branch (when 'fd != -1')...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:69:27: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:69:27: acquire_memory: allocated here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:69:9: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:75:18: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:75:8: branch_false: following 'false' branch (when 'evlog' is non-NULL)...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:79:5: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:84:9: branch_true: following 'true' branch (when 'legacy != 0')...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:83:19: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:83:19: danger: 'fp' leaks here; was allocated at [(3)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/2)
#   81|       evlog->exit_value = -1;
#   82|   
#   83|->     ok = legacy ? iolog_parse_loginfo_legacy(fp, iolog_dir, evlog) :
#   84|   	iolog_parse_loginfo_json(fp, iolog_dir, evlog);
#   85|       if (ok) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def17]
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:84:9: warning[-Wanalyzer-malloc-leak]: leak of 'evlog'
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:69:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:75:18: acquire_memory: allocated here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:75:8: branch_false: following 'false' branch (when 'evlog' is non-NULL)...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:79:5: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:84:9: branch_false: following 'false' branch (when 'legacy == 0')...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:84:9: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:84:9: danger: 'evlog' leaks here; was allocated at [(3)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/2)
#   82|   
#   83|       ok = legacy ? iolog_parse_loginfo_legacy(fp, iolog_dir, evlog) :
#   84|-> 	iolog_parse_loginfo_json(fp, iolog_dir, evlog);
#   85|       if (ok) {
#   86|   	fclose(fp);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def18]
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:84:9: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:69:8: branch_false: following 'false' branch (when 'fd != -1')...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:69:27: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:69:27: acquire_memory: allocated here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:69:9: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:75:18: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:75:8: branch_false: following 'false' branch (when 'evlog' is non-NULL)...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:79:5: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:84:9: branch_false: following 'false' branch (when 'legacy == 0')...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:84:9: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:84:9: danger: 'fp' leaks here; was allocated at [(3)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/2)
#   82|   
#   83|       ok = legacy ? iolog_parse_loginfo_legacy(fp, iolog_dir, evlog) :
#   84|-> 	iolog_parse_loginfo_json(fp, iolog_dir, evlog);
#   85|       if (ok) {
#   86|   	fclose(fp);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def19]
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:119:20: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:112:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:112:27: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:112:27: acquire_memory: allocated here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:112:9: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:119:37: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:119:20: danger: 'fp' leaks here; was allocated at [(3)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/2)
#  117|   	debug_return_bool(false);
#  118|       }
#  119|->     if (fchown(fd, iolog_get_uid(), iolog_get_gid()) != 0) {
#  120|   	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
#  121|   	    "%s: unable to fchown %d:%d %s/log", __func__,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def20]
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:119:37: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:112:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:112:27: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:112:27: acquire_memory: allocated here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:112:9: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:119:37: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:119:37: danger: 'fp' leaks here; was allocated at [(3)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/2)
#  117|   	debug_return_bool(false);
#  118|       }
#  119|->     if (fchown(fd, iolog_get_uid(), iolog_get_gid()) != 0) {
#  120|   	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
#  121|   	    "%s: unable to fchown %d:%d %s/log", __func__,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def21]
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:120:9: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:112:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:112:27: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:112:27: acquire_memory: allocated here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:112:9: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:119:37: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:119:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:120:9: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:120:9: danger: 'fp' leaks here; was allocated at [(3)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/2)
#  118|       }
#  119|       if (fchown(fd, iolog_get_uid(), iolog_get_gid()) != 0) {
#  120|-> 	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
#  121|   	    "%s: unable to fchown %d:%d %s/log", __func__,
#  122|   	    (int)iolog_get_uid(), (int)iolog_get_gid(), evlog->iolog_path);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def22]
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:193:20: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:163:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:167:10: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:167:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:170:5: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:172:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:175:5: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:177:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:180:10: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:180:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:183:10: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:183:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:186:10: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:187:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:187:27: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:187:27: acquire_memory: allocated here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:187:9: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:193:37: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:193:20: danger: 'fp' leaks here; was allocated at [(15)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/14)
#  191|           goto done;
#  192|       }
#  193|->     if (fchown(fd, iolog_get_uid(), iolog_get_gid()) != 0) {
#  194|   	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
#  195|   	    "%s: unable to fchown %d:%d %s/log.json", __func__,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def23]
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:193:37: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:163:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:167:10: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:167:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:170:5: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:172:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:175:5: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:177:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:180:10: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:180:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:183:10: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:183:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:186:10: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:187:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:187:27: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:187:27: acquire_memory: allocated here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:187:9: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:193:37: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:193:37: danger: 'fp' leaks here; was allocated at [(15)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/14)
#  191|           goto done;
#  192|       }
#  193|->     if (fchown(fd, iolog_get_uid(), iolog_get_gid()) != 0) {
#  194|   	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
#  195|   	    "%s: unable to fchown %d:%d %s/log.json", __func__,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def24]
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:194:9: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:163:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:167:10: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:167:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:170:5: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:172:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:175:5: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:177:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:180:10: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:180:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:183:10: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:183:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:186:10: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:187:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:187:27: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:187:27: acquire_memory: allocated here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:187:9: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:193:37: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:193:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:194:9: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:194:9: danger: 'fp' leaks here; was allocated at [(15)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/14)
#  192|       }
#  193|       if (fchown(fd, iolog_get_uid(), iolog_get_gid()) != 0) {
#  194|-> 	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
#  195|   	    "%s: unable to fchown %d:%d %s/log.json", __func__,
#  196|   	    (int)iolog_get_uid(), (int)iolog_get_gid(), evlog->iolog_path);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def25]
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:200:5: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:163:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:167:10: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:167:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:170:5: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:172:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:175:5: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:177:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:180:10: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:180:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:183:10: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:183:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:186:10: branch_true: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:187:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:187:27: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:187:27: acquire_memory: allocated here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:187:9: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:193:37: branch_false: ...to here
sudo-1.9.17p2/lib/iolog/iolog_loginfo.c:200:5: danger: 'fp' leaks here; was allocated at [(15)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/14)
#  198|       fd = -1;
#  199|   
#  200|->     fprintf(fp, "{%s\n}\n", sudo_json_get_buf(&jsonc));
#  201|       fflush(fp);
#  202|       if (ferror(fp)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def26]
sudo-1.9.17p2/lib/util/closefrom.c:167:24: warning[-Wanalyzer-malloc-leak]: leak of 'opendir("/proc/self/fd")'
sudo-1.9.17p2/lib/util/closefrom.c:114:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/closefrom.c:165:17: branch_false: ...to here
sudo-1.9.17p2/lib/util/closefrom.c:165:17: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/closefrom.c:165:8: branch_true: following 'true' branch...
 branch_true: ...to here
sudo-1.9.17p2/lib/util/closefrom.c:167:24: danger: 'opendir("/proc/self/fd")' leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  165|       if ((dirp = opendir(path)) != NULL) {
#  166|   	struct dirent *dent;
#  167|-> 	while ((dent = readdir(dirp)) != NULL) {
#  168|   	    const char *errstr;
#  169|   	    int fd = (int)sudo_strtonum(dent->d_name, lowfd, INT_MAX, &errstr);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def27]
sudo-1.9.17p2/lib/util/digest_openssl.c:90:5: warning[-Wanalyzer-malloc-leak]: leak of 'dig'
sudo-1.9.17p2/lib/util/digest_openssl.c:78:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/digest_openssl.c:81:13: branch_false: ...to here
sudo-1.9.17p2/lib/util/digest_openssl.c:82:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/digest_openssl.c:85:16: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/digest_openssl.c:85:8: branch_false: following 'false' branch (when 'dig' is non-NULL)...
sudo-1.9.17p2/lib/util/digest_openssl.c:87:5: branch_false: ...to here
sudo-1.9.17p2/lib/util/digest_openssl.c:90:5: danger: 'dig' leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#   88|       dig->ctx = mdctx;
#   89|   
#   90|->     debug_return_ptr(dig);
#   91|   bad:
#   92|       EVP_MD_CTX_free(mdctx);

Error: GCC_ANALYZER_WARNING (CWE-404): [#def28]
sudo-1.9.17p2/lib/util/fatal.c:190:9: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/lib/util/fatal.c:167:1: enter_function: entry to 'sudo_gai_warn_nodebug_v1'
sudo-1.9.17p2/lib/util/fatal.c:171:5: acquire_resource: 'va_start' called here
sudo-1.9.17p2/lib/util/fatal.c:172:5: call_function: calling 'warning' from 'sudo_gai_warn_nodebug_v1'
#  188|       /* Set user locale if setter was specified. */
#  189|       if (sudo_warn_setlocale != NULL)
#  190|-> 	sudo_warn_setlocale(false, &cookie);
#  191|   
#  192|       if (sudo_warn_conversation != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-404): [#def29]
sudo-1.9.17p2/lib/util/fatal.c:199:29: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/lib/util/fatal.c:167:1: enter_function: entry to 'sudo_gai_warn_nodebug_v1'
sudo-1.9.17p2/lib/util/fatal.c:171:5: acquire_resource: 'va_start' called here
sudo-1.9.17p2/lib/util/fatal.c:172:5: call_function: calling 'warning' from 'sudo_gai_warn_nodebug_v1'
#  197|   	/* Use conversation function. */
#  198|           msgs[nmsgs].msg_type = SUDO_CONV_ERROR_MSG;
#  199|-> 	msgs[nmsgs++].msg = getprogname();
#  200|           if (fmt != NULL) {
#  201|   		va_list ap2;

Error: GCC_ANALYZER_WARNING (CWE-404): [#def30]
sudo-1.9.17p2/lib/util/fatal.c:228:9: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/lib/util/fatal.c:116:1: enter_function: entry to 'sudo_warn_nodebug_v1'
sudo-1.9.17p2/lib/util/fatal.c:120:5: acquire_resource: 'va_start' called here
sudo-1.9.17p2/lib/util/fatal.c:121:5: call_function: calling 'warning' from 'sudo_warn_nodebug_v1'
#  226|   	msgs[nmsgs].msg_type = SUDO_CONV_ERROR_MSG;
#  227|   	msgs[nmsgs++].msg = "\n";
#  228|-> 	sudo_warn_conversation(nmsgs, msgs, NULL, NULL);
#  229|   	if (buf != static_buf)
#  230|   	    free(buf);

Error: GCC_ANALYZER_WARNING (CWE-404): [#def31]
sudo-1.9.17p2/lib/util/fatal.c:233:15: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/lib/util/fatal.c:167:1: enter_function: entry to 'sudo_gai_warn_nodebug_v1'
sudo-1.9.17p2/lib/util/fatal.c:171:5: acquire_resource: 'va_start' called here
sudo-1.9.17p2/lib/util/fatal.c:172:5: call_function: calling 'warning' from 'sudo_gai_warn_nodebug_v1'
#  231|       } else {
#  232|   	/* Write to the standard error. */
#  233|->         fputs(getprogname(), stderr);
#  234|           if (fmt != NULL) {
#  235|                   fputs(": ", stderr);

Error: GCC_ANALYZER_WARNING (CWE-404): [#def32]
sudo-1.9.17p2/lib/util/fatal.c:243:13: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/lib/util/fatal.c:116:1: enter_function: entry to 'sudo_warn_nodebug_v1'
sudo-1.9.17p2/lib/util/fatal.c:120:5: acquire_resource: 'va_start' called here
sudo-1.9.17p2/lib/util/fatal.c:121:5: call_function: calling 'warning' from 'sudo_warn_nodebug_v1'
#  241|           }
#  242|   #ifndef FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION
#  243|->         if (sudo_term_is_raw(fileno(stderr)))
#  244|               putc('\r', stderr);
#  245|   #endif

Error: GCC_ANALYZER_WARNING (CWE-401): [#def33]
sudo-1.9.17p2/lib/util/getentropy.c:456:25: warning[-Wanalyzer-malloc-leak]: leak of 'results'
sudo-1.9.17p2/lib/util/getentropy.c:432:12: branch_false: following 'false' branch (when 'len != 0')...
sudo-1.9.17p2/lib/util/getentropy.c:434:23: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:435:12: branch_false: following 'false' branch (when 'pgs != 18446744073709551615')...
sudo-1.9.17p2/lib/util/getentropy.c:437:20: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:437:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:439:22: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:440:43: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:43: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/getentropy.c:440:13: branch_false: following 'false' branch (when 'results' is non-NULL)...
sudo-1.9.17p2/lib/util/getentropy.c:443:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:455:29: branch_true: following 'true' branch (when 'repeat > j')...
sudo-1.9.17p2/lib/util/getentropy.c:456:25: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:456:25: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/getentropy.c:456:25: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:456:25: danger: 'results' leaks here; was allocated at [(9)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/8)
#  454|   		unsigned int j;
#  455|   		for (j = 0; j < repeat; j++) {
#  456|-> 			HX((e = gettimeofday(&tv, NULL)) == -1, tv);
#  457|   			if (e != -1) {
#  458|   				cnt += (size_t)tv.tv_sec;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def34]
sudo-1.9.17p2/lib/util/getentropy.c:462:25: warning[-Wanalyzer-malloc-leak]: leak of 'results'
sudo-1.9.17p2/lib/util/getentropy.c:432:12: branch_false: following 'false' branch (when 'len != 0')...
sudo-1.9.17p2/lib/util/getentropy.c:434:23: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:435:12: branch_false: following 'false' branch (when 'pgs != 18446744073709551615')...
sudo-1.9.17p2/lib/util/getentropy.c:437:20: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:437:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:439:22: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:440:43: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:43: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/getentropy.c:440:13: branch_false: following 'false' branch (when 'results' is non-NULL)...
sudo-1.9.17p2/lib/util/getentropy.c:443:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:455:29: branch_true: following 'true' branch (when 'repeat > j')...
sudo-1.9.17p2/lib/util/getentropy.c:456:25: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:462:25: danger: 'results' leaks here; was allocated at [(9)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/8)
#  460|   			}
#  461|   #ifdef HAVE_DL_ITERATE_PHDR
#  462|-> 			dl_iterate_phdr(getentropy_phdr, ctx);
#  463|   #endif
#  464|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def35]
sudo-1.9.17p2/lib/util/getentropy.c:467:33: warning[-Wanalyzer-malloc-leak]: leak of 'results'
sudo-1.9.17p2/lib/util/getentropy.c:432:12: branch_false: following 'false' branch (when 'len != 0')...
sudo-1.9.17p2/lib/util/getentropy.c:434:23: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:435:12: branch_false: following 'false' branch (when 'pgs != 18446744073709551615')...
sudo-1.9.17p2/lib/util/getentropy.c:437:20: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:437:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:439:22: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:440:43: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:43: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/getentropy.c:440:13: branch_false: following 'false' branch (when 'results' is non-NULL)...
sudo-1.9.17p2/lib/util/getentropy.c:443:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:455:29: branch_true: following 'true' branch (when 'repeat > j')...
sudo-1.9.17p2/lib/util/getentropy.c:456:25: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:466:38: branch_true: following 'true' branch (when 'ii != 6')...
sudo-1.9.17p2/lib/util/getentropy.c:467:33: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:467:33: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/getentropy.c:467:33: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:467:33: danger: 'results' leaks here; was allocated at [(9)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/8)
#  465|   #ifdef HAVE_CLOCK_GETTIME
#  466|   			for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]); ii++)
#  467|-> 				HX(clock_gettime(cl[ii], &ts) == -1, ts);
#  468|   #endif /* HAVE_CLOCK_GETTIME */
#  469|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def36]
sudo-1.9.17p2/lib/util/getentropy.c:470:25: warning[-Wanalyzer-malloc-leak]: leak of 'results'
sudo-1.9.17p2/lib/util/getentropy.c:432:12: branch_false: following 'false' branch (when 'len != 0')...
sudo-1.9.17p2/lib/util/getentropy.c:434:23: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:435:12: branch_false: following 'false' branch (when 'pgs != 18446744073709551615')...
sudo-1.9.17p2/lib/util/getentropy.c:437:20: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:437:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:439:22: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:440:43: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:43: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/getentropy.c:440:13: branch_false: following 'false' branch (when 'results' is non-NULL)...
sudo-1.9.17p2/lib/util/getentropy.c:443:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:455:29: branch_true: following 'true' branch (when 'repeat > j')...
sudo-1.9.17p2/lib/util/getentropy.c:456:25: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:466:38: branch_true: following 'true' branch (when 'ii != 6')...
sudo-1.9.17p2/lib/util/getentropy.c:467:33: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:470:25: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/getentropy.c:470:25: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:470:25: danger: 'results' leaks here; was allocated at [(9)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/8)
#  468|   #endif /* HAVE_CLOCK_GETTIME */
#  469|   
#  470|-> 			HX((pid = getpid()) == -1, pid);
#  471|   			HX((pid = getsid(pid)) == -1, pid);
#  472|   			HX((pid = getppid()) == -1, pid);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def37]
sudo-1.9.17p2/lib/util/getentropy.c:471:25: warning[-Wanalyzer-malloc-leak]: leak of 'results'
sudo-1.9.17p2/lib/util/getentropy.c:432:12: branch_false: following 'false' branch (when 'len != 0')...
sudo-1.9.17p2/lib/util/getentropy.c:434:23: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:435:12: branch_false: following 'false' branch (when 'pgs != 18446744073709551615')...
sudo-1.9.17p2/lib/util/getentropy.c:437:20: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:437:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:439:22: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:440:43: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:43: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/getentropy.c:440:13: branch_false: following 'false' branch (when 'results' is non-NULL)...
sudo-1.9.17p2/lib/util/getentropy.c:443:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:455:29: branch_true: following 'true' branch (when 'repeat > j')...
sudo-1.9.17p2/lib/util/getentropy.c:456:25: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:466:38: branch_true: following 'true' branch (when 'ii != 6')...
sudo-1.9.17p2/lib/util/getentropy.c:467:33: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:471:25: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/getentropy.c:471:25: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:471:25: danger: 'results' leaks here; was allocated at [(9)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/8)
#  469|   
#  470|   			HX((pid = getpid()) == -1, pid);
#  471|-> 			HX((pid = getsid(pid)) == -1, pid);
#  472|   			HX((pid = getppid()) == -1, pid);
#  473|   			HX((pid = getpgrp()) == -1, pid);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def38]
sudo-1.9.17p2/lib/util/getentropy.c:472:25: warning[-Wanalyzer-malloc-leak]: leak of 'results'
sudo-1.9.17p2/lib/util/getentropy.c:432:12: branch_false: following 'false' branch (when 'len != 0')...
sudo-1.9.17p2/lib/util/getentropy.c:434:23: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:435:12: branch_false: following 'false' branch (when 'pgs != 18446744073709551615')...
sudo-1.9.17p2/lib/util/getentropy.c:437:20: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:437:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:439:22: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:440:43: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:43: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/getentropy.c:440:13: branch_false: following 'false' branch (when 'results' is non-NULL)...
sudo-1.9.17p2/lib/util/getentropy.c:443:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:455:29: branch_true: following 'true' branch (when 'repeat > j')...
sudo-1.9.17p2/lib/util/getentropy.c:456:25: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:466:38: branch_true: following 'true' branch (when 'ii != 6')...
sudo-1.9.17p2/lib/util/getentropy.c:467:33: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:472:25: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/getentropy.c:472:25: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:472:25: danger: 'results' leaks here; was allocated at [(9)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/8)
#  470|   			HX((pid = getpid()) == -1, pid);
#  471|   			HX((pid = getsid(pid)) == -1, pid);
#  472|-> 			HX((pid = getppid()) == -1, pid);
#  473|   			HX((pid = getpgrp()) == -1, pid);
#  474|   			HX((e = getpriority(0, 0)) == -1, e);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def39]
sudo-1.9.17p2/lib/util/getentropy.c:473:25: warning[-Wanalyzer-malloc-leak]: leak of 'results'
sudo-1.9.17p2/lib/util/getentropy.c:432:12: branch_false: following 'false' branch (when 'len != 0')...
sudo-1.9.17p2/lib/util/getentropy.c:434:23: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:435:12: branch_false: following 'false' branch (when 'pgs != 18446744073709551615')...
sudo-1.9.17p2/lib/util/getentropy.c:437:20: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:437:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:439:22: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:440:43: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:43: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/getentropy.c:440:13: branch_false: following 'false' branch (when 'results' is non-NULL)...
sudo-1.9.17p2/lib/util/getentropy.c:443:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:455:29: branch_true: following 'true' branch (when 'repeat > j')...
sudo-1.9.17p2/lib/util/getentropy.c:456:25: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:466:38: branch_true: following 'true' branch (when 'ii != 6')...
sudo-1.9.17p2/lib/util/getentropy.c:467:33: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:473:25: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/getentropy.c:473:25: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:473:25: danger: 'results' leaks here; was allocated at [(9)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/8)
#  471|   			HX((pid = getsid(pid)) == -1, pid);
#  472|   			HX((pid = getppid()) == -1, pid);
#  473|-> 			HX((pid = getpgrp()) == -1, pid);
#  474|   			HX((e = getpriority(0, 0)) == -1, e);
#  475|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def40]
sudo-1.9.17p2/lib/util/getentropy.c:474:25: warning[-Wanalyzer-malloc-leak]: leak of 'results'
sudo-1.9.17p2/lib/util/getentropy.c:432:12: branch_false: following 'false' branch (when 'len != 0')...
sudo-1.9.17p2/lib/util/getentropy.c:434:23: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:435:12: branch_false: following 'false' branch (when 'pgs != 18446744073709551615')...
sudo-1.9.17p2/lib/util/getentropy.c:437:20: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:437:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:439:22: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:440:43: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:43: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/getentropy.c:440:13: branch_false: following 'false' branch (when 'results' is non-NULL)...
sudo-1.9.17p2/lib/util/getentropy.c:443:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:455:29: branch_true: following 'true' branch (when 'repeat > j')...
sudo-1.9.17p2/lib/util/getentropy.c:456:25: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:466:38: branch_true: following 'true' branch (when 'ii != 6')...
sudo-1.9.17p2/lib/util/getentropy.c:467:33: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:474:25: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/getentropy.c:474:25: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:474:25: danger: 'results' leaks here; was allocated at [(9)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/8)
#  472|   			HX((pid = getppid()) == -1, pid);
#  473|   			HX((pid = getpgrp()) == -1, pid);
#  474|-> 			HX((e = getpriority(0, 0)) == -1, e);
#  475|   
#  476|   			if (!faster) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def41]
sudo-1.9.17p2/lib/util/getentropy.c:479:40: warning[-Wanalyzer-malloc-leak]: leak of 'results'
sudo-1.9.17p2/lib/util/getentropy.c:432:12: branch_false: following 'false' branch (when 'len != 0')...
sudo-1.9.17p2/lib/util/getentropy.c:434:23: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:435:12: branch_false: following 'false' branch (when 'pgs != 18446744073709551615')...
sudo-1.9.17p2/lib/util/getentropy.c:437:20: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:437:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:439:22: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:440:43: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:43: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/getentropy.c:440:13: branch_false: following 'false' branch (when 'results' is non-NULL)...
sudo-1.9.17p2/lib/util/getentropy.c:443:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:455:29: branch_true: following 'true' branch (when 'repeat > j')...
sudo-1.9.17p2/lib/util/getentropy.c:456:25: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:466:38: branch_true: following 'true' branch (when 'ii != 6')...
sudo-1.9.17p2/lib/util/getentropy.c:467:33: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:476:28: branch_true: following 'true' branch (when 'faster == 0')...
sudo-1.9.17p2/lib/util/getentropy.c:477:33: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:479:40: danger: 'results' leaks here; was allocated at [(9)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/8)
#  477|   				ts.tv_sec = 0;
#  478|   				ts.tv_nsec = 1;
#  479|-> 				(void) nanosleep(&ts, NULL);
#  480|   			}
#  481|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def42]
sudo-1.9.17p2/lib/util/getentropy.c:482:25: warning[-Wanalyzer-malloc-leak]: leak of 'results'
sudo-1.9.17p2/lib/util/getentropy.c:432:12: branch_false: following 'false' branch (when 'len != 0')...
sudo-1.9.17p2/lib/util/getentropy.c:434:23: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:435:12: branch_false: following 'false' branch (when 'pgs != 18446744073709551615')...
sudo-1.9.17p2/lib/util/getentropy.c:437:20: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:437:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:439:22: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:440:43: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:43: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/getentropy.c:440:13: branch_false: following 'false' branch (when 'results' is non-NULL)...
sudo-1.9.17p2/lib/util/getentropy.c:443:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:455:29: branch_true: following 'true' branch (when 'repeat > j')...
sudo-1.9.17p2/lib/util/getentropy.c:456:25: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:466:38: branch_true: following 'true' branch (when 'ii != 6')...
sudo-1.9.17p2/lib/util/getentropy.c:467:33: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:482:25: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/getentropy.c:482:25: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:482:25: danger: 'results' leaks here; was allocated at [(9)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/8)
#  480|   			}
#  481|   
#  482|-> 			HX(sigpending(&set) == -1, set);
#  483|   			HX(sigprocmask(SIG_BLOCK, NULL, &set) == -1, set);
#  484|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def43]
sudo-1.9.17p2/lib/util/getentropy.c:483:25: warning[-Wanalyzer-malloc-leak]: leak of 'results'
sudo-1.9.17p2/lib/util/getentropy.c:432:12: branch_false: following 'false' branch (when 'len != 0')...
sudo-1.9.17p2/lib/util/getentropy.c:434:23: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:435:12: branch_false: following 'false' branch (when 'pgs != 18446744073709551615')...
sudo-1.9.17p2/lib/util/getentropy.c:437:20: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:437:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:439:22: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:440:43: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:43: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/getentropy.c:440:13: branch_false: following 'false' branch (when 'results' is non-NULL)...
sudo-1.9.17p2/lib/util/getentropy.c:443:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:455:29: branch_true: following 'true' branch (when 'repeat > j')...
sudo-1.9.17p2/lib/util/getentropy.c:456:25: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:466:38: branch_true: following 'true' branch (when 'ii != 6')...
sudo-1.9.17p2/lib/util/getentropy.c:467:33: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:483:25: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/getentropy.c:483:25: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:483:25: danger: 'results' leaks here; was allocated at [(9)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/8)
#  481|   
#  482|   			HX(sigpending(&set) == -1, set);
#  483|-> 			HX(sigprocmask(SIG_BLOCK, NULL, &set) == -1, set);
#  484|   
#  485|   			HF(sudo_getentropy);	/* an addr in this library */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def44]
sudo-1.9.17p2/lib/util/getentropy.c:485:25: warning[-Wanalyzer-malloc-leak]: leak of 'results'
sudo-1.9.17p2/lib/util/getentropy.c:432:12: branch_false: following 'false' branch (when 'len != 0')...
sudo-1.9.17p2/lib/util/getentropy.c:434:23: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:435:12: branch_false: following 'false' branch (when 'pgs != 18446744073709551615')...
sudo-1.9.17p2/lib/util/getentropy.c:437:20: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:437:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:439:22: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:440:43: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:43: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/getentropy.c:440:13: branch_false: following 'false' branch (when 'results' is non-NULL)...
sudo-1.9.17p2/lib/util/getentropy.c:443:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:455:29: branch_true: following 'true' branch (when 'repeat > j')...
sudo-1.9.17p2/lib/util/getentropy.c:456:25: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:466:38: branch_true: following 'true' branch (when 'ii != 6')...
sudo-1.9.17p2/lib/util/getentropy.c:467:33: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:485:25: danger: 'results' leaks here; was allocated at [(9)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/8)
#  483|   			HX(sigprocmask(SIG_BLOCK, NULL, &set) == -1, set);
#  484|   
#  485|-> 			HF(sudo_getentropy);	/* an addr in this library */
#  486|   			HF(printf);		/* an addr in libc */
#  487|   			p = (char *)&p;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def45]
sudo-1.9.17p2/lib/util/getentropy.c:486:25: warning[-Wanalyzer-malloc-leak]: leak of 'results'
sudo-1.9.17p2/lib/util/getentropy.c:432:12: branch_false: following 'false' branch (when 'len != 0')...
sudo-1.9.17p2/lib/util/getentropy.c:434:23: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:435:12: branch_false: following 'false' branch (when 'pgs != 18446744073709551615')...
sudo-1.9.17p2/lib/util/getentropy.c:437:20: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:437:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:439:22: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:440:43: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:43: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/getentropy.c:440:13: branch_false: following 'false' branch (when 'results' is non-NULL)...
sudo-1.9.17p2/lib/util/getentropy.c:443:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:455:29: branch_true: following 'true' branch (when 'repeat > j')...
sudo-1.9.17p2/lib/util/getentropy.c:456:25: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:466:38: branch_true: following 'true' branch (when 'ii != 6')...
sudo-1.9.17p2/lib/util/getentropy.c:467:33: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:486:25: danger: 'results' leaks here; was allocated at [(9)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/8)
#  484|   
#  485|   			HF(sudo_getentropy);	/* an addr in this library */
#  486|-> 			HF(printf);		/* an addr in libc */
#  487|   			p = (char *)&p;
#  488|   			HD(p);		/* an addr on stack */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def46]
sudo-1.9.17p2/lib/util/getentropy.c:488:25: warning[-Wanalyzer-malloc-leak]: leak of 'results'
sudo-1.9.17p2/lib/util/getentropy.c:432:12: branch_false: following 'false' branch (when 'len != 0')...
sudo-1.9.17p2/lib/util/getentropy.c:434:23: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:435:12: branch_false: following 'false' branch (when 'pgs != 18446744073709551615')...
sudo-1.9.17p2/lib/util/getentropy.c:437:20: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:437:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:439:22: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:440:43: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:43: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/getentropy.c:440:13: branch_false: following 'false' branch (when 'results' is non-NULL)...
sudo-1.9.17p2/lib/util/getentropy.c:443:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:455:29: branch_true: following 'true' branch (when 'repeat > j')...
sudo-1.9.17p2/lib/util/getentropy.c:456:25: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:466:38: branch_true: following 'true' branch (when 'ii != 6')...
sudo-1.9.17p2/lib/util/getentropy.c:467:33: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:488:25: danger: 'results' leaks here; was allocated at [(9)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/8)
#  486|   			HF(printf);		/* an addr in libc */
#  487|   			p = (char *)&p;
#  488|-> 			HD(p);		/* an addr on stack */
#  489|   			p = (char *)&errno;
#  490|   			HD(p);		/* the addr of errno */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def47]
sudo-1.9.17p2/lib/util/getentropy.c:490:25: warning[-Wanalyzer-malloc-leak]: leak of 'results'
sudo-1.9.17p2/lib/util/getentropy.c:432:12: branch_false: following 'false' branch (when 'len != 0')...
sudo-1.9.17p2/lib/util/getentropy.c:434:23: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:435:12: branch_false: following 'false' branch (when 'pgs != 18446744073709551615')...
sudo-1.9.17p2/lib/util/getentropy.c:437:20: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:437:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:439:22: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:440:43: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:43: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/getentropy.c:440:13: branch_false: following 'false' branch (when 'results' is non-NULL)...
sudo-1.9.17p2/lib/util/getentropy.c:443:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:455:29: branch_true: following 'true' branch (when 'repeat > j')...
sudo-1.9.17p2/lib/util/getentropy.c:456:25: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:466:38: branch_true: following 'true' branch (when 'ii != 6')...
sudo-1.9.17p2/lib/util/getentropy.c:467:33: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:490:25: danger: 'results' leaks here; was allocated at [(9)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/8)
#  488|   			HD(p);		/* an addr on stack */
#  489|   			p = (char *)&errno;
#  490|-> 			HD(p);		/* the addr of errno */
#  491|   
#  492|   			if (i == 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def48]
sudo-1.9.17p2/lib/util/getentropy.c:516:41: warning[-Wanalyzer-malloc-leak]: leak of 'results'
sudo-1.9.17p2/lib/util/getentropy.c:432:12: branch_false: following 'false' branch (when 'len != 0')...
sudo-1.9.17p2/lib/util/getentropy.c:434:23: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:435:12: branch_false: following 'false' branch (when 'pgs != 18446744073709551615')...
sudo-1.9.17p2/lib/util/getentropy.c:437:20: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:437:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:439:22: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:440:43: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:43: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/getentropy.c:440:13: branch_false: following 'false' branch (when 'results' is non-NULL)...
sudo-1.9.17p2/lib/util/getentropy.c:443:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:455:29: branch_true: following 'true' branch (when 'repeat > j')...
sudo-1.9.17p2/lib/util/getentropy.c:456:25: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:466:38: branch_true: following 'true' branch (when 'ii != 6')...
sudo-1.9.17p2/lib/util/getentropy.c:467:33: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:492:28: branch_true: following 'true' branch (when 'i == 0')...
sudo-1.9.17p2/lib/util/getentropy.c:506:35: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:515:45: branch_true: following 'true' branch (when 'm != 12')...
sudo-1.9.17p2/lib/util/getentropy.c:516:41: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:516:41: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/getentropy.c:516:41: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:516:41: danger: 'results' leaks here; was allocated at [(9)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/8)
#  514|   
#  515|   				for (m = 0; m < sizeof mm/sizeof(mm[0]); m++) {
#  516|-> 					HX(mm[m].p = mmap_anon(NULL,
#  517|   					    mm[m].npg * pgs,
#  518|   					    PROT_READ|PROT_WRITE,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def49]
sudo-1.9.17p2/lib/util/getentropy.c:536:49: warning[-Wanalyzer-malloc-leak]: leak of 'results'
sudo-1.9.17p2/lib/util/getentropy.c:432:12: branch_false: following 'false' branch (when 'len != 0')...
sudo-1.9.17p2/lib/util/getentropy.c:434:23: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:435:12: branch_false: following 'false' branch (when 'pgs != 18446744073709551615')...
sudo-1.9.17p2/lib/util/getentropy.c:437:20: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:437:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:439:22: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:440:43: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:43: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/getentropy.c:440:13: branch_false: following 'false' branch (when 'results' is non-NULL)...
sudo-1.9.17p2/lib/util/getentropy.c:443:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:455:29: branch_true: following 'true' branch (when 'repeat > j')...
sudo-1.9.17p2/lib/util/getentropy.c:456:25: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:466:38: branch_true: following 'true' branch (when 'ii != 6')...
sudo-1.9.17p2/lib/util/getentropy.c:467:33: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:492:28: branch_true: following 'true' branch (when 'i == 0')...
sudo-1.9.17p2/lib/util/getentropy.c:506:35: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:515:45: branch_true: following 'true' branch (when 'm != 12')...
sudo-1.9.17p2/lib/util/getentropy.c:516:41: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:534:54: branch_true: following 'true' branch (when 'ii != 6')...
sudo-1.9.17p2/lib/util/getentropy.c:536:49: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:536:49: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/getentropy.c:536:49: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:536:49: danger: 'results' leaks here; was allocated at [(9)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/8)
#  534|   					for (ii = 0; ii < sizeof(cl)/sizeof(cl[0]);
#  535|   					    ii++) {
#  536|-> 						HX((e = clock_gettime(cl[ii],
#  537|   						    &ts)) == -1, ts);
#  538|   						if (e != -1)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def50]
sudo-1.9.17p2/lib/util/getentropy.c:543:41: warning[-Wanalyzer-malloc-leak]: leak of 'results'
sudo-1.9.17p2/lib/util/getentropy.c:432:12: branch_false: following 'false' branch (when 'len != 0')...
sudo-1.9.17p2/lib/util/getentropy.c:434:23: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:435:12: branch_false: following 'false' branch (when 'pgs != 18446744073709551615')...
sudo-1.9.17p2/lib/util/getentropy.c:437:20: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:437:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:439:22: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/getentropy.c:440:43: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:440:43: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/getentropy.c:440:13: branch_false: following 'false' branch (when 'results' is non-NULL)...
sudo-1.9.17p2/lib/util/getentropy.c:443:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:455:29: branch_true: following 'true' branch (when 'repeat > j')...
sudo-1.9.17p2/lib/util/getentropy.c:456:25: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:466:38: branch_true: following 'true' branch (when 'ii != 6')...
sudo-1.9.17p2/lib/util/getentropy.c:467:33: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:492:28: branch_true: following 'true' branch (when 'i == 0')...
sudo-1.9.17p2/lib/util/getentropy.c:506:35: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:515:45: branch_true: following 'true' branch (when 'm != 12')...
sudo-1.9.17p2/lib/util/getentropy.c:516:41: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:534:54: branch_true: following 'true' branch (when 'ii != 6')...
sudo-1.9.17p2/lib/util/getentropy.c:536:49: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:543:41: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/getentropy.c:543:41: branch_true: ...to here
sudo-1.9.17p2/lib/util/getentropy.c:543:41: danger: 'results' leaks here; was allocated at [(9)](sarif:/runs/0/results/28/codeFlows/0/threadFlows/0/locations/8)
#  541|   #endif /* HAVE_CLOCK_GETTIME */
#  542|   
#  543|-> 					HX((e = getrusage(RUSAGE_SELF,
#  544|   					    &ru)) == -1, ru);
#  545|   					if (e != -1) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def51]
sudo-1.9.17p2/lib/util/getgrouplist.c:105:13: warning[-Wanalyzer-malloc-leak]: leak of 'groups'
sudo-1.9.17p2/lib/util/getgrouplist.c:82:8: branch_false: following 'false' branch (when 'groups' is NULL)...
sudo-1.9.17p2/lib/util/getgrouplist.c:91:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/getgrouplist.c:99:21: branch_true: following 'true' branch (when 'tries != 10')...
sudo-1.9.17p2/lib/util/getgrouplist.c:100:9: branch_true: ...to here
sudo-1.9.17p2/lib/util/getgrouplist.c:101:18: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/getgrouplist.c:102:12: branch_false: following 'false' branch (when 'groups' is non-NULL)...
sudo-1.9.17p2/lib/util/getgrouplist.c:104:19: branch_false: ...to here
sudo-1.9.17p2/lib/util/getgrouplist.c:105:13: danger: 'groups' leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  103|   	    debug_return_int(-1);
#  104|   	ngroups = (int)grpsize;
#  105|-> 	if (getgrouplist(name, basegid, groups, &ngroups) != -1) {
#  106|   	    *groupsp = groups;
#  107|   	    *ngroupsp = ngroups;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def52]
sudo-1.9.17p2/lib/util/gidlist.c:74:41: warning[-Wanalyzer-malloc-leak]: leak of 'gids'
sudo-1.9.17p2/lib/util/gidlist.c:63:8: branch_true: following 'true' branch (when 'ngids != 0')...
sudo-1.9.17p2/lib/util/gidlist.c:64:16: branch_true: ...to here
sudo-1.9.17p2/lib/util/gidlist.c:64:16: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/gidlist.c:65:12: branch_false: following 'false' branch (when 'gids' is non-NULL)...
sudo-1.9.17p2/lib/util/gidlist.c:70:12: branch_false: ...to here
sudo-1.9.17p2/lib/util/gidlist.c:74:41: danger: 'gids' leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   72|   	cp = gidstr;
#   73|   	do {
#   74|-> 	    gids[ngids] = (GETGROUPS_T) sudo_strtoidx(cp, ",", &ep, &errstr);
#   75|   	    if (errstr != NULL) {
#   76|   		sudo_warnx(U_("%s: %s"), cp, U_(errstr));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def53]
sudo-1.9.17p2/lib/util/gidlist.c:76:17: warning[-Wanalyzer-malloc-leak]: leak of 'gids'
sudo-1.9.17p2/lib/util/gidlist.c:63:8: branch_true: following 'true' branch (when 'ngids != 0')...
sudo-1.9.17p2/lib/util/gidlist.c:64:16: branch_true: ...to here
sudo-1.9.17p2/lib/util/gidlist.c:64:16: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/gidlist.c:65:12: branch_false: following 'false' branch (when 'gids' is non-NULL)...
sudo-1.9.17p2/lib/util/gidlist.c:70:12: branch_false: ...to here
sudo-1.9.17p2/lib/util/gidlist.c:76:17: danger: 'gids' leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#   74|   	    gids[ngids] = (GETGROUPS_T) sudo_strtoidx(cp, ",", &ep, &errstr);
#   75|   	    if (errstr != NULL) {
#   76|-> 		sudo_warnx(U_("%s: %s"), cp, U_(errstr));
#   77|   		free(gids);
#   78|   		debug_return_int(-1);

Error: GCC_ANALYZER_WARNING (CWE-404): [#def54]
sudo-1.9.17p2/lib/util/lbuf.c:75:5: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/lib/util/lbuf.c:223:1: enter_function: entry to 'sudo_lbuf_append_quoted_v1'
sudo-1.9.17p2/lib/util/lbuf.c:232:9: call_function: calling 'sudo_lbuf_error_v1' from 'sudo_lbuf_append_quoted_v1'
sudo-1.9.17p2/lib/util/lbuf.c:232:9: return_function: returning to 'sudo_lbuf_append_quoted_v1' from 'sudo_lbuf_error_v1'
sudo-1.9.17p2/lib/util/lbuf.c:232:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/lbuf.c:235:5: branch_false: ...to here
sudo-1.9.17p2/lib/util/lbuf.c:235:5: acquire_resource: 'va_start' called here
sudo-1.9.17p2/lib/util/lbuf.c:236:12: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/lbuf.c:237:12: branch_true: ...to here
sudo-1.9.17p2/lib/util/lbuf.c:260:14: call_function: calling 'sudo_lbuf_expand' from 'sudo_lbuf_append_quoted_v1'
#   73|   sudo_lbuf_expand(struct sudo_lbuf *lbuf, unsigned int extra)
#   74|   {
#   75|->     debug_decl(sudo_lbuf_expand, SUDO_DEBUG_UTIL);
#   76|   
#   77|       if (lbuf->len + extra + 1 <= lbuf->len) {

Error: GCC_ANALYZER_WARNING (CWE-404): [#def55]
sudo-1.9.17p2/lib/util/lbuf.c:79:9: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/lib/util/lbuf.c:223:1: enter_function: entry to 'sudo_lbuf_append_quoted_v1'
sudo-1.9.17p2/lib/util/lbuf.c:232:9: call_function: calling 'sudo_lbuf_error_v1' from 'sudo_lbuf_append_quoted_v1'
sudo-1.9.17p2/lib/util/lbuf.c:232:9: return_function: returning to 'sudo_lbuf_append_quoted_v1' from 'sudo_lbuf_error_v1'
sudo-1.9.17p2/lib/util/lbuf.c:232:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/lbuf.c:235:5: branch_false: ...to here
sudo-1.9.17p2/lib/util/lbuf.c:235:5: acquire_resource: 'va_start' called here
sudo-1.9.17p2/lib/util/lbuf.c:236:12: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/lbuf.c:237:12: branch_true: ...to here
sudo-1.9.17p2/lib/util/lbuf.c:260:14: call_function: calling 'sudo_lbuf_expand' from 'sudo_lbuf_append_quoted_v1'
#   77|       if (lbuf->len + extra + 1 <= lbuf->len) {
#   78|   	errno = ENOMEM;
#   79|-> 	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
#   80|   	    "integer overflow updating lbuf->len");
#   81|   	lbuf->error = 1;

Error: GCC_ANALYZER_WARNING (CWE-404): [#def56]
sudo-1.9.17p2/lib/util/lbuf.c:82:9: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/lib/util/lbuf.c:223:1: enter_function: entry to 'sudo_lbuf_append_quoted_v1'
sudo-1.9.17p2/lib/util/lbuf.c:232:9: call_function: calling 'sudo_lbuf_error_v1' from 'sudo_lbuf_append_quoted_v1'
sudo-1.9.17p2/lib/util/lbuf.c:232:9: return_function: returning to 'sudo_lbuf_append_quoted_v1' from 'sudo_lbuf_error_v1'
sudo-1.9.17p2/lib/util/lbuf.c:232:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/lbuf.c:235:5: branch_false: ...to here
sudo-1.9.17p2/lib/util/lbuf.c:235:5: acquire_resource: 'va_start' called here
sudo-1.9.17p2/lib/util/lbuf.c:236:12: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/lbuf.c:237:12: branch_true: ...to here
sudo-1.9.17p2/lib/util/lbuf.c:260:14: call_function: calling 'sudo_lbuf_expand' from 'sudo_lbuf_append_quoted_v1'
#   80|   	    "integer overflow updating lbuf->len");
#   81|   	lbuf->error = 1;
#   82|-> 	debug_return_bool(false);
#   83|       }
#   84|   

Error: GCC_ANALYZER_WARNING (CWE-404): [#def57]
sudo-1.9.17p2/lib/util/lbuf.c:87:27: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/lib/util/lbuf.c:223:1: enter_function: entry to 'sudo_lbuf_append_quoted_v1'
sudo-1.9.17p2/lib/util/lbuf.c:232:9: call_function: calling 'sudo_lbuf_error_v1' from 'sudo_lbuf_append_quoted_v1'
sudo-1.9.17p2/lib/util/lbuf.c:232:9: return_function: returning to 'sudo_lbuf_append_quoted_v1' from 'sudo_lbuf_error_v1'
sudo-1.9.17p2/lib/util/lbuf.c:232:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/lbuf.c:235:5: branch_false: ...to here
sudo-1.9.17p2/lib/util/lbuf.c:235:5: acquire_resource: 'va_start' called here
sudo-1.9.17p2/lib/util/lbuf.c:236:12: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/lbuf.c:237:12: branch_true: ...to here
sudo-1.9.17p2/lib/util/lbuf.c:260:14: call_function: calling 'sudo_lbuf_expand' from 'sudo_lbuf_append_quoted_v1'
#   85|       if (lbuf->len + extra + 1 > lbuf->size) {
#   86|   	const size_t size = lbuf->len + extra + 1;
#   87|-> 	size_t new_size = sudo_pow2_roundup(size);
#   88|   	char *new_buf;
#   89|   

Error: GCC_ANALYZER_WARNING (CWE-404): [#def58]
sudo-1.9.17p2/lib/util/lbuf.c:92:13: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/lib/util/lbuf.c:223:1: enter_function: entry to 'sudo_lbuf_append_quoted_v1'
sudo-1.9.17p2/lib/util/lbuf.c:232:9: call_function: calling 'sudo_lbuf_error_v1' from 'sudo_lbuf_append_quoted_v1'
sudo-1.9.17p2/lib/util/lbuf.c:232:9: return_function: returning to 'sudo_lbuf_append_quoted_v1' from 'sudo_lbuf_error_v1'
sudo-1.9.17p2/lib/util/lbuf.c:232:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/lbuf.c:235:5: branch_false: ...to here
sudo-1.9.17p2/lib/util/lbuf.c:235:5: acquire_resource: 'va_start' called here
sudo-1.9.17p2/lib/util/lbuf.c:236:12: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/lbuf.c:237:12: branch_true: ...to here
sudo-1.9.17p2/lib/util/lbuf.c:260:14: call_function: calling 'sudo_lbuf_expand' from 'sudo_lbuf_append_quoted_v1'
#   90|   	if (new_size > UINT_MAX || new_size < lbuf->size) {
#   91|   	    errno = ENOMEM;
#   92|-> 	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
#   93|   		"integer overflow updating lbuf->size");
#   94|   	    lbuf->error = 1;

Error: GCC_ANALYZER_WARNING (CWE-404): [#def59]
sudo-1.9.17p2/lib/util/lbuf.c:95:13: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/lib/util/lbuf.c:223:1: enter_function: entry to 'sudo_lbuf_append_quoted_v1'
sudo-1.9.17p2/lib/util/lbuf.c:232:9: call_function: calling 'sudo_lbuf_error_v1' from 'sudo_lbuf_append_quoted_v1'
sudo-1.9.17p2/lib/util/lbuf.c:232:9: return_function: returning to 'sudo_lbuf_append_quoted_v1' from 'sudo_lbuf_error_v1'
sudo-1.9.17p2/lib/util/lbuf.c:232:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/lbuf.c:235:5: branch_false: ...to here
sudo-1.9.17p2/lib/util/lbuf.c:235:5: acquire_resource: 'va_start' called here
sudo-1.9.17p2/lib/util/lbuf.c:236:12: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/lbuf.c:237:12: branch_true: ...to here
sudo-1.9.17p2/lib/util/lbuf.c:260:14: call_function: calling 'sudo_lbuf_expand' from 'sudo_lbuf_append_quoted_v1'
#   93|   		"integer overflow updating lbuf->size");
#   94|   	    lbuf->error = 1;
#   95|-> 	    debug_return_bool(false);
#   96|   	}
#   97|   	if (new_size < 1024)

Error: GCC_ANALYZER_WARNING (CWE-404): [#def60]
sudo-1.9.17p2/lib/util/lbuf.c:100:13: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/lib/util/lbuf.c:223:1: enter_function: entry to 'sudo_lbuf_append_quoted_v1'
sudo-1.9.17p2/lib/util/lbuf.c:232:9: call_function: calling 'sudo_lbuf_error_v1' from 'sudo_lbuf_append_quoted_v1'
sudo-1.9.17p2/lib/util/lbuf.c:232:9: return_function: returning to 'sudo_lbuf_append_quoted_v1' from 'sudo_lbuf_error_v1'
sudo-1.9.17p2/lib/util/lbuf.c:232:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/lbuf.c:235:5: branch_false: ...to here
sudo-1.9.17p2/lib/util/lbuf.c:235:5: acquire_resource: 'va_start' called here
sudo-1.9.17p2/lib/util/lbuf.c:236:12: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/lbuf.c:237:12: branch_true: ...to here
sudo-1.9.17p2/lib/util/lbuf.c:260:14: call_function: calling 'sudo_lbuf_expand' from 'sudo_lbuf_append_quoted_v1'
#   98|   	    new_size = 1024;
#   99|   	if ((new_buf = realloc(lbuf->buf, new_size)) == NULL) {
#  100|-> 	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
#  101|   		"unable to allocate memory");
#  102|   	    lbuf->error = 1;

Error: GCC_ANALYZER_WARNING (CWE-404): [#def61]
sudo-1.9.17p2/lib/util/lbuf.c:103:13: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/lib/util/lbuf.c:223:1: enter_function: entry to 'sudo_lbuf_append_quoted_v1'
sudo-1.9.17p2/lib/util/lbuf.c:232:9: call_function: calling 'sudo_lbuf_error_v1' from 'sudo_lbuf_append_quoted_v1'
sudo-1.9.17p2/lib/util/lbuf.c:232:9: return_function: returning to 'sudo_lbuf_append_quoted_v1' from 'sudo_lbuf_error_v1'
sudo-1.9.17p2/lib/util/lbuf.c:232:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/lbuf.c:235:5: branch_false: ...to here
sudo-1.9.17p2/lib/util/lbuf.c:235:5: acquire_resource: 'va_start' called here
sudo-1.9.17p2/lib/util/lbuf.c:236:12: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/lbuf.c:237:12: branch_true: ...to here
sudo-1.9.17p2/lib/util/lbuf.c:260:14: call_function: calling 'sudo_lbuf_expand' from 'sudo_lbuf_append_quoted_v1'
#  101|   		"unable to allocate memory");
#  102|   	    lbuf->error = 1;
#  103|-> 	    debug_return_bool(false);
#  104|   	}
#  105|   	lbuf->buf = new_buf;

Error: GCC_ANALYZER_WARNING (CWE-404): [#def62]
sudo-1.9.17p2/lib/util/lbuf.c:309:21: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/lib/util/lbuf.c:282:1: enter_function: entry to 'sudo_lbuf_append_v1'
sudo-1.9.17p2/lib/util/lbuf.c:291:9: call_function: calling 'sudo_lbuf_error_v1' from 'sudo_lbuf_append_v1'
sudo-1.9.17p2/lib/util/lbuf.c:291:9: return_function: returning to 'sudo_lbuf_append_v1' from 'sudo_lbuf_error_v1'
sudo-1.9.17p2/lib/util/lbuf.c:291:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/lbuf.c:294:5: branch_false: ...to here
sudo-1.9.17p2/lib/util/lbuf.c:294:5: acquire_resource: 'va_start' called here
sudo-1.9.17p2/lib/util/lbuf.c:295:12: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/lbuf.c:296:12: branch_true: ...to here
sudo-1.9.17p2/lib/util/lbuf.c:296:12: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/lbuf.c:303:16: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/lbuf.c:307:20: branch_true: following 'true' branch (when 'len > 11')...
sudo-1.9.17p2/lib/util/lbuf.c:308:21: branch_true: ...to here
sudo-1.9.17p2/lib/util/lbuf.c:309:21: danger: missing call to 'va_end' to match 'va_start' at [(9)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/8)
#  307|   		if (len >= sizeof(numbuf)) {
#  308|   		    errno = EINVAL;
#  309|-> 		    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
#  310|   			"integer overflow parsing $n");
#  311|   		    lbuf->error = 1;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def63]
sudo-1.9.17p2/lib/util/rcstr.c:72:5: warning[-Wanalyzer-malloc-leak]: leak of 'rcs'
sudo-1.9.17p2/lib/util/rcstr.c:65:11: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/rcstr.c:66:8: branch_false: following 'false' branch (when 'rcs' is non-NULL)...
sudo-1.9.17p2/lib/util/rcstr.c:69:5: branch_false: ...to here
sudo-1.9.17p2/lib/util/rcstr.c:72:5: danger: 'rcs' leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#   70|       rcs->str[0] = '\0';
#   71|       /* cppcheck-suppress memleak */
#   72|->     debug_return_ptr(rcs->str); // -V773
#   73|   }
#   74|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def64]
sudo-1.9.17p2/lib/util/sudo_conf.c:304:5: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/lib/util/sudo_conf.c:257:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:259:27: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:263:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:265:23: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:269:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:273:5: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:273:5: branch_true: following 'true' branch (when 'debug_spec' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:274:21: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:278:8: branch_false: following 'false' branch (when 'debug_spec' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:291:18: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:292:8: branch_false: following 'false' branch (when 'debug_file' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:294:30: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:294:30: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:295:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:297:31: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:298:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:299:9: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:304:5: danger: '<unknown>' leaks here; was allocated at [(13)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/12)
#  302|       debug_return_int(true);
#  303|   oom:
#  304|->     sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  305|       if (debug_file != NULL) {
#  306|   	free(debug_file->debug_file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def65]
sudo-1.9.17p2/lib/util/sudo_conf.c:304:5: warning[-Wanalyzer-malloc-leak]: leak of 'debug_file'
sudo-1.9.17p2/lib/util/sudo_conf.c:257:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:259:27: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:263:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:265:23: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:269:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:273:5: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:273:5: branch_true: following 'true' branch (when 'debug_spec' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:274:21: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:278:8: branch_false: following 'false' branch (when 'debug_spec' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:291:18: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:291:18: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:292:8: branch_false: following 'false' branch (when 'debug_file' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:294:30: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:295:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:296:9: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:304:5: danger: 'debug_file' leaks here; was allocated at [(11)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/10)
#  302|       debug_return_int(true);
#  303|   oom:
#  304|->     sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  305|       if (debug_file != NULL) {
#  306|   	free(debug_file->debug_file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def66]
sudo-1.9.17p2/lib/util/sudo_conf.c:304:16: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/lib/util/sudo_conf.c:257:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:259:27: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:263:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:265:23: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:269:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:273:5: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:273:5: branch_true: following 'true' branch (when 'debug_spec' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:274:21: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:278:8: branch_false: following 'false' branch (when 'debug_spec' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:291:18: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:292:8: branch_false: following 'false' branch (when 'debug_file' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:294:30: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:294:30: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:295:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:297:31: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:298:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:299:9: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:304:16: danger: '<unknown>' leaks here; was allocated at [(13)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/12)
#  302|       debug_return_int(true);
#  303|   oom:
#  304|->     sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  305|       if (debug_file != NULL) {
#  306|   	free(debug_file->debug_file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def67]
sudo-1.9.17p2/lib/util/sudo_conf.c:304:16: warning[-Wanalyzer-malloc-leak]: leak of 'debug_file'
sudo-1.9.17p2/lib/util/sudo_conf.c:257:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:259:27: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:263:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:265:23: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:269:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:273:5: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:273:5: branch_true: following 'true' branch (when 'debug_spec' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:274:21: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:278:8: branch_false: following 'false' branch (when 'debug_spec' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:291:18: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:291:18: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:292:8: branch_false: following 'false' branch (when 'debug_file' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:294:30: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:295:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:296:9: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:304:16: danger: 'debug_file' leaks here; was allocated at [(11)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/10)
#  302|       debug_return_int(true);
#  303|   oom:
#  304|->     sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  305|       if (debug_file != NULL) {
#  306|   	free(debug_file->debug_file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def68]
sudo-1.9.17p2/lib/util/sudo_conf.c:356:30: warning[-Wanalyzer-malloc-leak]: leak of 'options'
sudo-1.9.17p2/lib/util/sudo_conf.c:329:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:331:22: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:335:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:337:23: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:342:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:347:30: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:351:19: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:352:12: branch_false: following 'false' branch (when 'options' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:356:30: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:356:30: danger: 'options' leaks here; was allocated at [(7)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/6)
#  354|   
#  355|   	/* Fill in options array. */
#  356|-> 	for (nopts = 0, cp = sudo_strsplit(opt, entry_end, " \t", &ep);
#  357|   	    cp != NULL; cp = sudo_strsplit(NULL, entry_end, " \t", &ep)) {
#  358|   	    options[nopts] = strndup(cp, (size_t)(ep - cp));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def69]
sudo-1.9.17p2/lib/util/sudo_conf.c:357:30: warning[-Wanalyzer-malloc-leak]: leak of 'options'
sudo-1.9.17p2/lib/util/sudo_conf.c:329:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:331:22: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:335:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:337:23: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:342:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:347:30: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:351:19: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:352:12: branch_false: following 'false' branch (when 'options' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:356:30: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:357:13: branch_true: following 'true' branch (when 'cp' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:358:50: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:359:16: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:361:13: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:357:30: danger: 'options' leaks here; was allocated at [(7)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/6)
#  355|   	/* Fill in options array. */
#  356|   	for (nopts = 0, cp = sudo_strsplit(opt, entry_end, " \t", &ep);
#  357|-> 	    cp != NULL; cp = sudo_strsplit(NULL, entry_end, " \t", &ep)) {
#  358|   	    options[nopts] = strndup(cp, (size_t)(ep - cp));
#  359|   	    if (options[nopts] == NULL)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def70]
sudo-1.9.17p2/lib/util/sudo_conf.c:381:5: warning[-Wanalyzer-malloc-leak]: leak of 'options'
sudo-1.9.17p2/lib/util/sudo_conf.c:329:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:331:22: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:335:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:337:23: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:342:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:347:30: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:351:19: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:352:12: branch_false: following 'false' branch (when 'options' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:356:30: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:367:8: branch_true: following 'true' branch (when 'info' is NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:368:13: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:381:5: danger: 'options' leaks here; was allocated at [(7)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/6)
#  379|       debug_return_int(true);
#  380|   oom:
#  381|->     sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  382|       if (options != NULL) {
#  383|   	while (nopts)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def71]
sudo-1.9.17p2/lib/util/sudo_conf.c:381:16: warning[-Wanalyzer-malloc-leak]: leak of 'options'
sudo-1.9.17p2/lib/util/sudo_conf.c:329:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:331:22: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:335:8: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:337:23: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:342:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:347:30: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:351:19: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:352:12: branch_false: following 'false' branch (when 'options' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:356:30: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:367:8: branch_true: following 'true' branch (when 'info' is NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:368:13: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:381:16: danger: 'options' leaks here; was allocated at [(7)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/6)
#  379|       debug_return_int(true);
#  380|   oom:
#  381|->     sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  382|       if (options != NULL) {
#  383|   	while (nopts)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def72]
sudo-1.9.17p2/lib/util/sudo_conf.c:604:5: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
sudo-1.9.17p2/lib/util/sudo_conf.c:657:1: enter_function: entry to 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:682:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:687:14: call_function: inlined call to 'open' from 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:688:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:734:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:734:15: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:734:8: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:740:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:740:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:741:9: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:741:9: call_function: calling 'sudo_conf_init' from 'sudo_conf_read_v1'
#  602|       struct plugin_info *plugin_info;
#  603|       size_t i;
#  604|->     debug_decl(sudo_conf_init, SUDO_DEBUG_UTIL);
#  605|   
#  606|       /* Free and reset paths. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def73]
sudo-1.9.17p2/lib/util/sudo_conf.c:604:5: warning[-Wanalyzer-malloc-leak]: leak of 'prev_locale'
sudo-1.9.17p2/lib/util/sudo_conf.c:657:1: enter_function: entry to 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:682:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:687:14: call_function: inlined call to 'open' from 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:688:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:734:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:734:8: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:740:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:740:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:741:9: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:741:9: call_function: calling 'sudo_conf_init' from 'sudo_conf_read_v1'
#  602|       struct plugin_info *plugin_info;
#  603|       size_t i;
#  604|->     debug_decl(sudo_conf_init, SUDO_DEBUG_UTIL);
#  605|   
#  606|       /* Free and reset paths. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def74]
sudo-1.9.17p2/lib/util/sudo_conf.c:650:5: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
sudo-1.9.17p2/lib/util/sudo_conf.c:657:1: enter_function: entry to 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:682:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:687:14: call_function: inlined call to 'open' from 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:688:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:734:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:734:15: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:734:8: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:740:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:740:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:741:9: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:741:9: call_function: calling 'sudo_conf_init' from 'sudo_conf_read_v1'
#  648|       }
#  649|   
#  650|->     debug_return;
#  651|   }
#  652|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def75]
sudo-1.9.17p2/lib/util/sudo_conf.c:650:5: warning[-Wanalyzer-malloc-leak]: leak of 'prev_locale'
sudo-1.9.17p2/lib/util/sudo_conf.c:657:1: enter_function: entry to 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:682:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:687:14: call_function: inlined call to 'open' from 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:688:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:734:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:734:8: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:740:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:740:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:741:9: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:741:9: call_function: calling 'sudo_conf_init' from 'sudo_conf_read_v1'
#  648|       }
#  649|   
#  650|->     debug_return;
#  651|   }
#  652|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def76]
sudo-1.9.17p2/lib/util/sudo_conf.c:684:13: warning[-Wanalyzer-malloc-leak]: leak of 'prev_locale'
sudo-1.9.17p2/lib/util/sudo_conf.c:657:1: enter_function: entry to 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:680:8: branch_true: following 'true' branch (when 'path' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:682:13: call_function: inlined call to 'strlcpy' from 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:682:12: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:683:13: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:684:13: danger: 'prev_locale' leaks here; was allocated at [(4)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/3)
#  682|   	if (strlcpy(conf_file, path, sizeof(conf_file)) >= sizeof(conf_file)) {
#  683|   	    errno = ENAMETOOLONG;
#  684|-> 	    sudo_warn("%s", path);
#  685|   	    goto done;
#  686|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def77]
sudo-1.9.17p2/lib/util/sudo_conf.c:689:13: warning[-Wanalyzer-malloc-leak]: leak of 'prev_locale'
sudo-1.9.17p2/lib/util/sudo_conf.c:657:1: enter_function: entry to 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:680:8: branch_true: following 'true' branch (when 'path' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:682:13: call_function: inlined call to 'strlcpy' from 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:682:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:687:14: call_function: inlined call to 'open' from 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:688:12: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:689:23: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:689:13: danger: 'prev_locale' leaks here; was allocated at [(4)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/3)
#  687|   	fd = open(conf_file, O_RDONLY);
#  688|   	if (fd == -1) {
#  689|-> 	    sudo_warn(U_("unable to open %s"), conf_file);
#  690|   	    goto done;
#  691|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def78]
sudo-1.9.17p2/lib/util/sudo_conf.c:689:23: warning[-Wanalyzer-malloc-leak]: leak of 'prev_locale'
sudo-1.9.17p2/lib/util/sudo_conf.c:657:1: enter_function: entry to 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:680:8: branch_true: following 'true' branch (when 'path' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:682:13: call_function: inlined call to 'strlcpy' from 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:682:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:687:14: call_function: inlined call to 'open' from 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:688:12: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:689:23: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:689:23: danger: 'prev_locale' leaks here; was allocated at [(4)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/3)
#  687|   	fd = open(conf_file, O_RDONLY);
#  688|   	if (fd == -1) {
#  689|-> 	    sudo_warn(U_("unable to open %s"), conf_file);
#  690|   	    goto done;
#  691|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def79]
sudo-1.9.17p2/lib/util/sudo_conf.c:698:14: warning[-Wanalyzer-malloc-leak]: leak of 'prev_locale'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:680:8: branch_false: following 'false' branch (when 'path' is NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:698:14: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:698:14: danger: 'prev_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/2)
#  696|   
#  697|   	/* _PATH_SUDO_CONF is a colon-separated list of path. */
#  698|-> 	fd = sudo_open_conf_path(_PATH_SUDO_CONF, conf_file,
#  699|   	    sizeof(conf_file), NULL);
#  700|   	error = sudo_secure_fd(fd, S_IFREG, ROOT_UID, (gid_t)-1, &sb);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def80]
sudo-1.9.17p2/lib/util/sudo_conf.c:700:17: warning[-Wanalyzer-malloc-leak]: leak of 'prev_locale'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:680:8: branch_false: following 'false' branch (when 'path' is NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:698:14: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:700:17: danger: 'prev_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/2)
#  698|   	fd = sudo_open_conf_path(_PATH_SUDO_CONF, conf_file,
#  699|   	    sizeof(conf_file), NULL);
#  700|-> 	error = sudo_secure_fd(fd, S_IFREG, ROOT_UID, (gid_t)-1, &sb);
#  701|   	switch (error) {
#  702|   	case SUDO_PATH_SECURE:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def81]
sudo-1.9.17p2/lib/util/sudo_conf.c:708:17: warning[-Wanalyzer-malloc-leak]: leak of 'prev_locale'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:680:8: branch_false: following 'false' branch (when 'path' is NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:698:14: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:707:16: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:708:17: danger: 'prev_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/2)
#  706|   	    /* Root should always be able to read sudo.conf. */
#  707|   	    if (errno != ENOENT && geteuid() == ROOT_UID)
#  708|-> 		sudo_warn(U_("unable to open %s"), conf_file);
#  709|   	    goto done;
#  710|   	case SUDO_PATH_BAD_TYPE:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def82]
sudo-1.9.17p2/lib/util/sudo_conf.c:708:27: warning[-Wanalyzer-malloc-leak]: leak of 'prev_locale'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:680:8: branch_false: following 'false' branch (when 'path' is NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:698:14: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:707:16: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:708:27: danger: 'prev_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/2)
#  706|   	    /* Root should always be able to read sudo.conf. */
#  707|   	    if (errno != ENOENT && geteuid() == ROOT_UID)
#  708|-> 		sudo_warn(U_("unable to open %s"), conf_file);
#  709|   	    goto done;
#  710|   	case SUDO_PATH_BAD_TYPE:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def83]
sudo-1.9.17p2/lib/util/sudo_conf.c:711:13: warning[-Wanalyzer-malloc-leak]: leak of 'prev_locale'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:680:8: branch_false: following 'false' branch (when 'path' is NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:698:14: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:711:13: danger: 'prev_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/2)
#  709|   	    goto done;
#  710|   	case SUDO_PATH_BAD_TYPE:
#  711|-> 	    sudo_warnx(U_("%s is not a regular file"), conf_file);
#  712|   	    goto done;
#  713|   	case SUDO_PATH_WRONG_OWNER:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def84]
sudo-1.9.17p2/lib/util/sudo_conf.c:711:24: warning[-Wanalyzer-malloc-leak]: leak of 'prev_locale'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:680:8: branch_false: following 'false' branch (when 'path' is NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:698:14: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:711:24: danger: 'prev_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/2)
#  709|   	    goto done;
#  710|   	case SUDO_PATH_BAD_TYPE:
#  711|-> 	    sudo_warnx(U_("%s is not a regular file"), conf_file);
#  712|   	    goto done;
#  713|   	case SUDO_PATH_WRONG_OWNER:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def85]
sudo-1.9.17p2/lib/util/sudo_conf.c:714:13: warning[-Wanalyzer-malloc-leak]: leak of 'prev_locale'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:680:8: branch_false: following 'false' branch (when 'path' is NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:698:14: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:714:13: danger: 'prev_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/27/codeFlows/0/threadFlows/0/locations/2)
#  712|   	    goto done;
#  713|   	case SUDO_PATH_WRONG_OWNER:
#  714|-> 	    sudo_warnx(U_("%s is owned by uid %u, should be %u"),
#  715|   		conf_file, (unsigned int) sb.st_uid, ROOT_UID);
#  716|   	    goto done;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def86]
sudo-1.9.17p2/lib/util/sudo_conf.c:714:24: warning[-Wanalyzer-malloc-leak]: leak of 'prev_locale'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:680:8: branch_false: following 'false' branch (when 'path' is NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:698:14: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:714:24: danger: 'prev_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/28/codeFlows/0/threadFlows/0/locations/2)
#  712|   	    goto done;
#  713|   	case SUDO_PATH_WRONG_OWNER:
#  714|-> 	    sudo_warnx(U_("%s is owned by uid %u, should be %u"),
#  715|   		conf_file, (unsigned int) sb.st_uid, ROOT_UID);
#  716|   	    goto done;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def87]
sudo-1.9.17p2/lib/util/sudo_conf.c:718:13: warning[-Wanalyzer-malloc-leak]: leak of 'prev_locale'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:680:8: branch_false: following 'false' branch (when 'path' is NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:698:14: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:718:13: danger: 'prev_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/29/codeFlows/0/threadFlows/0/locations/2)
#  716|   	    goto done;
#  717|   	case SUDO_PATH_WORLD_WRITABLE:
#  718|-> 	    sudo_warnx(U_("%s is world writable"), conf_file);
#  719|   	    goto done;
#  720|   	case SUDO_PATH_GROUP_WRITABLE:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def88]
sudo-1.9.17p2/lib/util/sudo_conf.c:718:24: warning[-Wanalyzer-malloc-leak]: leak of 'prev_locale'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:680:8: branch_false: following 'false' branch (when 'path' is NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:698:14: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:718:24: danger: 'prev_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/2)
#  716|   	    goto done;
#  717|   	case SUDO_PATH_WORLD_WRITABLE:
#  718|-> 	    sudo_warnx(U_("%s is world writable"), conf_file);
#  719|   	    goto done;
#  720|   	case SUDO_PATH_GROUP_WRITABLE:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def89]
sudo-1.9.17p2/lib/util/sudo_conf.c:721:13: warning[-Wanalyzer-malloc-leak]: leak of 'prev_locale'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:680:8: branch_false: following 'false' branch (when 'path' is NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:698:14: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:721:13: danger: 'prev_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/31/codeFlows/0/threadFlows/0/locations/2)
#  719|   	    goto done;
#  720|   	case SUDO_PATH_GROUP_WRITABLE:
#  721|-> 	    sudo_warnx(U_("%s is group writable"), conf_file);
#  722|   	    goto done;
#  723|   	default:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def90]
sudo-1.9.17p2/lib/util/sudo_conf.c:721:24: warning[-Wanalyzer-malloc-leak]: leak of 'prev_locale'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:680:8: branch_false: following 'false' branch (when 'path' is NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:698:14: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:721:24: danger: 'prev_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/2)
#  719|   	    goto done;
#  720|   	case SUDO_PATH_GROUP_WRITABLE:
#  721|-> 	    sudo_warnx(U_("%s is group writable"), conf_file);
#  722|   	    goto done;
#  723|   	default:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def91]
sudo-1.9.17p2/lib/util/sudo_conf.c:724:13: warning[-Wanalyzer-malloc-leak]: leak of 'prev_locale'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:680:8: branch_false: following 'false' branch (when 'path' is NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:698:14: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:724:13: danger: 'prev_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/2)
#  722|   	    goto done;
#  723|   	default:
#  724|-> 	    sudo_warnx("%s: internal error, unexpected error %d",
#  725|   		__func__, error);
#  726|   	    goto done;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def92]
sudo-1.9.17p2/lib/util/sudo_conf.c:735:9: warning[-Wanalyzer-malloc-leak]: leak of 'prev_locale'
sudo-1.9.17p2/lib/util/sudo_conf.c:657:1: enter_function: entry to 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:682:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:687:14: call_function: inlined call to 'open' from 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:688:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:734:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:734:8: branch_true: following 'true' branch (when 'fp' is NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:735:19: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:735:9: danger: 'prev_locale' leaks here; was allocated at [(4)](sarif:/runs/0/results/34/codeFlows/0/threadFlows/0/locations/3)
#  733|   
#  734|       if ((fp = fdopen(fd, "r")) == NULL) {
#  735|-> 	sudo_warn(U_("unable to open %s"), conf_file);
#  736|   	goto done;
#  737|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def93]
sudo-1.9.17p2/lib/util/sudo_conf.c:735:19: warning[-Wanalyzer-malloc-leak]: leak of 'prev_locale'
sudo-1.9.17p2/lib/util/sudo_conf.c:657:1: enter_function: entry to 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:682:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:687:14: call_function: inlined call to 'open' from 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:688:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:734:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:734:8: branch_true: following 'true' branch (when 'fp' is NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:735:19: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:735:19: danger: 'prev_locale' leaks here; was allocated at [(4)](sarif:/runs/0/results/35/codeFlows/0/threadFlows/0/locations/3)
#  733|   
#  734|       if ((fp = fdopen(fd, "r")) == NULL) {
#  735|-> 	sudo_warn(U_("unable to open %s"), conf_file);
#  736|   	goto done;
#  737|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def94]
sudo-1.9.17p2/lib/util/sudo_conf.c:743:12: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
sudo-1.9.17p2/lib/util/sudo_conf.c:657:1: enter_function: entry to 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:682:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:687:14: call_function: inlined call to 'open' from 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:688:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:734:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:734:15: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:734:8: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:740:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:743:12: danger: 'fp' leaks here; was allocated at [(11)](sarif:/runs/0/results/36/codeFlows/0/threadFlows/0/locations/10)
#  741|   	sudo_conf_init(conf_types);
#  742|   
#  743|->     while (sudo_parseln(&line, &linesize, &conf_lineno, fp, 0) != -1) {
#  744|   	struct sudo_conf_table *cur;
#  745|   	size_t i;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def95]
sudo-1.9.17p2/lib/util/sudo_conf.c:743:12: warning[-Wanalyzer-malloc-leak]: leak of 'prev_locale'
sudo-1.9.17p2/lib/util/sudo_conf.c:657:1: enter_function: entry to 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:682:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:687:14: call_function: inlined call to 'open' from 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:688:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:734:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:734:8: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:740:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:743:12: danger: 'prev_locale' leaks here; was allocated at [(4)](sarif:/runs/0/results/37/codeFlows/0/threadFlows/0/locations/3)
#  741|   	sudo_conf_init(conf_types);
#  742|   
#  743|->     while (sudo_parseln(&line, &linesize, &conf_lineno, fp, 0) != -1) {
#  744|   	struct sudo_conf_table *cur;
#  745|   	size_t i;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def96]
sudo-1.9.17p2/lib/util/sudo_conf.c:758:27: warning[-Wanalyzer-malloc-leak]: leak of 'prev_locale'
sudo-1.9.17p2/lib/util/sudo_conf.c:657:1: enter_function: entry to 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:682:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:687:14: call_function: inlined call to 'open' from 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:688:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:734:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:734:8: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:740:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:743:12: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:748:14: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:758:27: danger: 'prev_locale' leaks here; was allocated at [(4)](sarif:/runs/0/results/38/codeFlows/0/threadFlows/0/locations/3)
#  756|   		    while (isblank((unsigned char)*cp))
#  757|   			cp++;
#  758|-> 		    ret = cur->parser(cp, conf_file, conf_lineno);
#  759|   		    switch (ret) {
#  760|   		    case true:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def97]
sudo-1.9.17p2/lib/util/sudo_conf.c:773:13: warning[-Wanalyzer-malloc-leak]: leak of 'prev_locale'
sudo-1.9.17p2/lib/util/sudo_conf.c:657:1: enter_function: entry to 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:682:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:687:14: call_function: inlined call to 'open' from 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:688:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:734:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:734:8: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:740:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:743:12: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:748:14: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:773:13: danger: 'prev_locale' leaks here; was allocated at [(4)](sarif:/runs/0/results/39/codeFlows/0/threadFlows/0/locations/3)
#  771|   	}
#  772|   	if (cur->name == NULL) {
#  773|-> 	    sudo_debug_printf(SUDO_DEBUG_WARN,
#  774|   		"%s: %s:%u: unsupported entry: %s", __func__, conf_file,
#  775|   		conf_lineno, line);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def98]
sudo-1.9.17p2/lib/util/sudo_conf.c:784:9: warning[-Wanalyzer-malloc-leak]: leak of 'prev_locale'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:783:13: branch_true: following 'true' branch (when 'fd != -1')...
sudo-1.9.17p2/lib/util/sudo_conf.c:784:9: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:784:9: danger: 'prev_locale' leaks here; was allocated at [(3)](sarif:/runs/0/results/40/codeFlows/0/threadFlows/0/locations/2)
#  782|   	fclose(fp);
#  783|       else if (fd != -1)
#  784|-> 	close(fd);
#  785|       free(line);
#  786|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def99]
sudo-1.9.17p2/lib/util/sudo_conf.c:801:5: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
sudo-1.9.17p2/lib/util/sudo_conf.c:657:1: enter_function: entry to 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:682:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:687:14: call_function: inlined call to 'open' from 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:688:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:734:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:734:15: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:734:8: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:740:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:740:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:741:9: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:741:9: call_function: calling 'sudo_conf_init' from 'sudo_conf_read_v1'
#  799|   {
#  800|       struct sudo_conf_path_table *cur;
#  801|->     debug_decl(sudo_conf_clear_paths, SUDO_DEBUG_UTIL);
#  802|   
#  803|       for (cur = sudo_conf_data.path_table; cur->pname != NULL; cur++) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def100]
sudo-1.9.17p2/lib/util/sudo_conf.c:801:5: warning[-Wanalyzer-malloc-leak]: leak of 'prev_locale'
sudo-1.9.17p2/lib/util/sudo_conf.c:657:1: enter_function: entry to 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:667:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:24: acquire_memory: allocated here
sudo-1.9.17p2/lib/util/sudo_conf.c:671:8: branch_false: following 'false' branch (when 'prev_locale' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:677:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:682:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:687:14: call_function: inlined call to 'open' from 'sudo_conf_read_v1'
sudo-1.9.17p2/lib/util/sudo_conf.c:688:12: branch_false: following 'false' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:734:15: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:734:8: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/lib/util/sudo_conf.c:740:9: branch_false: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:740:8: branch_true: following 'true' branch...
sudo-1.9.17p2/lib/util/sudo_conf.c:741:9: branch_true: ...to here
sudo-1.9.17p2/lib/util/sudo_conf.c:741:9: call_function: calling 'sudo_conf_init' from 'sudo_conf_read_v1'
#  799|   {
#  800|       struct sudo_conf_path_table *cur;
#  801|->     debug_decl(sudo_conf_clear_paths, SUDO_DEBUG_UTIL);
#  802|   
#  803|       for (cur = sudo_conf_data.path_table; cur->pname != NULL; cur++) {

Error: GCC_ANALYZER_WARNING (CWE-404): [#def101]
sudo-1.9.17p2/lib/util/sudo_debug.c:750:9: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/lib/util/sudo_debug.c:813:1: enter_function: entry to 'sudo_debug_printf2_v1'
sudo-1.9.17p2/lib/util/sudo_debug.c:818:5: acquire_resource: 'va_start' called here
sudo-1.9.17p2/lib/util/sudo_debug.c:819:5: call_function: calling 'sudo_debug_vprintf2_v1' from 'sudo_debug_printf2_v1'
#  748|       /* Find matching instance. */
#  749|       if (sudo_debug_active_instance > sudo_debug_last_instance) {
#  750|-> 	sudo_warnx_nodebug("%s: invalid instance ID %d, max %d",
#  751|   	    __func__, sudo_debug_active_instance, sudo_debug_last_instance);
#  752|   	goto out;

Error: GCC_ANALYZER_WARNING (CWE-404): [#def102]
sudo-1.9.17p2/lib/util/sudo_debug.c:756:9: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/lib/util/sudo_debug.c:813:1: enter_function: entry to 'sudo_debug_printf2_v1'
sudo-1.9.17p2/lib/util/sudo_debug.c:818:5: acquire_resource: 'va_start' called here
sudo-1.9.17p2/lib/util/sudo_debug.c:819:5: call_function: calling 'sudo_debug_vprintf2_v1' from 'sudo_debug_printf2_v1'
#  754|       instance = sudo_debug_instances[sudo_debug_active_instance];
#  755|       if (instance == NULL) {
#  756|-> 	sudo_warnx_nodebug("%s: unregistered instance index %d", __func__,
#  757|   	    sudo_debug_active_instance);
#  758|   	goto out;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def103]
sudo-1.9.17p2/logsrvd/iolog_writer.c:100:13: warning[-Wanalyzer-malloc-leak]: leak of ‘dst’
sudo-1.9.17p2/logsrvd/iolog_writer.c:93:11: acquire_memory: allocated here
sudo-1.9.17p2/logsrvd/iolog_writer.c:94:8: branch_false: following ‘false’ branch (when ‘dst’ is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/logsrvd/iolog_writer.c:98:17: branch_true: following ‘true’ branch (when ‘i < len’)...
sudo-1.9.17p2/logsrvd/iolog_writer.c:99:33: branch_true: ...to here
sudo-1.9.17p2/logsrvd/iolog_writer.c:99:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/logsrvd/iolog_writer.c:100:13: branch_true: ...to here
sudo-1.9.17p2/logsrvd/iolog_writer.c:100:13: danger: ‘dst’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#   98|       for (i = 0; i < len; i++) {
#   99|   	if ((dst[i] = strdup(src[i])) == NULL) {
#  100|-> 	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  101|   	    goto bad;
#  102|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def104]
sudo-1.9.17p2/logsrvd/iolog_writer.c:105:5: warning[-Wanalyzer-malloc-leak]: leak of ‘dst’
sudo-1.9.17p2/logsrvd/iolog_writer.c:93:11: acquire_memory: allocated here
sudo-1.9.17p2/logsrvd/iolog_writer.c:94:8: branch_false: following ‘false’ branch (when ‘dst’ is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/logsrvd/iolog_writer.c:98:17: branch_false: following ‘false’ branch (when ‘i >= len’)...
sudo-1.9.17p2/logsrvd/iolog_writer.c:104:8: branch_false: ...to here
sudo-1.9.17p2/logsrvd/iolog_writer.c:105:5: danger: ‘dst’ leaks here; was allocated at [(1)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/0)
#  103|       }
#  104|       dst[i] = NULL;
#  105|->     debug_return_ptr(dst);
#  106|   
#  107|   bad:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def105]
sudo-1.9.17p2/logsrvd/iolog_writer.c:153:5: warning[-Wanalyzer-malloc-leak]: leak of ‘evlog’
sudo-1.9.17p2/logsrvd/iolog_writer.c:146:13: acquire_memory: allocated here
sudo-1.9.17p2/logsrvd/iolog_writer.c:147:8: branch_false: following ‘false’ branch (when ‘evlog’ is non-NULL)...
sudo-1.9.17p2/logsrvd/iolog_writer.c:153:5: branch_false: ...to here
sudo-1.9.17p2/logsrvd/iolog_writer.c:153:5: danger: ‘evlog’ leaks here; was allocated at [(1)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/0)
#  151|   
#  152|       /* Create a UUID to store in the event log. */
#  153|->     sudo_uuid_create(uuid);
#  154|       if (sudo_uuid_to_string(uuid, evlog->uuid_str, sizeof(evlog->uuid_str)) == NULL) {
#  155|          sudo_warnx("%s", U_("unable to generate UUID"));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def106]
sudo-1.9.17p2/logsrvd/iolog_writer.c:154:9: warning[-Wanalyzer-malloc-leak]: leak of ‘evlog’
sudo-1.9.17p2/logsrvd/iolog_writer.c:146:13: acquire_memory: allocated here
sudo-1.9.17p2/logsrvd/iolog_writer.c:147:8: branch_false: following ‘false’ branch (when ‘evlog’ is non-NULL)...
sudo-1.9.17p2/logsrvd/iolog_writer.c:153:5: branch_false: ...to here
sudo-1.9.17p2/logsrvd/iolog_writer.c:154:9: danger: ‘evlog’ leaks here; was allocated at [(1)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/0)
#  152|       /* Create a UUID to store in the event log. */
#  153|       sudo_uuid_create(uuid);
#  154|->     if (sudo_uuid_to_string(uuid, evlog->uuid_str, sizeof(evlog->uuid_str)) == NULL) {
#  155|          sudo_warnx("%s", U_("unable to generate UUID"));
#  156|          goto bad;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def107]
sudo-1.9.17p2/logsrvd/iolog_writer.c:622:5: warning[-Wanalyzer-malloc-leak]: leak of ‘*evlog.iolog_path’
sudo-1.9.17p2/logsrvd/iolog_writer.c:574:1: enter_function: entry to ‘create_iolog_path’
sudo-1.9.17p2/logsrvd/iolog_writer.c:585:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/logsrvd/iolog_writer.c:592:10: branch_true: ...to here
sudo-1.9.17p2/logsrvd/iolog_writer.c:592:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/logsrvd/iolog_writer.c:599:11: call_function: inlined call to ‘snprintf’ from ‘create_iolog_path’
sudo-1.9.17p2/logsrvd/iolog_writer.c:601:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/iolog_writer.c:611:10: branch_false: ...to here
sudo-1.9.17p2/logsrvd/iolog_writer.c:611:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/logsrvd/iolog_writer.c:615:30: branch_true: ...to here
sudo-1.9.17p2/logsrvd/iolog_writer.c:615:30: acquire_memory: allocated here
sudo-1.9.17p2/logsrvd/iolog_writer.c:615:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/iolog_writer.c:619:45: branch_false: ...to here
sudo-1.9.17p2/logsrvd/iolog_writer.c:622:5: danger: ‘*evlog.iolog_path’ leaks here; was allocated at [(11)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/10)
#  620|   
#  621|       /* We use iolog_dir_fd in calls to openat(2) */
#  622|->     closure->iolog_dir_fd =
#  623|   	iolog_openat(AT_FDCWD, evlog->iolog_path, O_RDONLY);
#  624|       if (closure->iolog_dir_fd == -1) {

Error: GCC_ANALYZER_WARNING (CWE-415): [#def108]
sudo-1.9.17p2/logsrvd/logsrvd.c:152:13: warning[-Wanalyzer-double-free]: double-‘free’ of ‘*buf.data’
sudo-1.9.17p2/logsrvd/logsrvd.c:1429:1: enter_function: entry to ‘new_connection’
sudo-1.9.17p2/logsrvd/logsrvd.c:1435:20: call_function: calling ‘connection_closure_alloc’ from ‘new_connection’
#  150|   	while ((buf = TAILQ_FIRST(&closure->free_bufs)) != NULL) {
#  151|   	    TAILQ_REMOVE(&closure->free_bufs, buf, entries);
#  152|-> 	    free(buf->data);
#  153|   	    free(buf);
#  154|   	}

Error: GCC_ANALYZER_WARNING (CWE-416): [#def109]
sudo-1.9.17p2/logsrvd/logsrvd.c:152:18: warning[-Wanalyzer-use-after-free]: use after ‘free’ of ‘buf’
sudo-1.9.17p2/logsrvd/logsrvd.c:1429:1: enter_function: entry to ‘new_connection’
sudo-1.9.17p2/logsrvd/logsrvd.c:1435:20: call_function: calling ‘connection_closure_alloc’ from ‘new_connection’
#  150|   	while ((buf = TAILQ_FIRST(&closure->free_bufs)) != NULL) {
#  151|   	    TAILQ_REMOVE(&closure->free_bufs, buf, entries);
#  152|-> 	    free(buf->data);
#  153|   	    free(buf);
#  154|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def110]
sudo-1.9.17p2/logsrvd/logsrvd.c:189:16: warning[-Wanalyzer-malloc-leak]: leak of ‘closure’
sudo-1.9.17p2/logsrvd/logsrvd.c:1429:1: enter_function: entry to ‘new_connection’
sudo-1.9.17p2/logsrvd/logsrvd.c:1435:20: call_function: calling ‘connection_closure_alloc’ from ‘new_connection’
#  187|       if (relay_only) {
#  188|   	closure->cms = &cms_relay;
#  189|->     } else if (logsrvd_conf_relay_store_first()) {
#  190|   	closure->store_first = true;
#  191|   	closure->cms = &cms_journal;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def111]
sudo-1.9.17p2/logsrvd/logsrvd.c:306:33: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
sudo-1.9.17p2/logsrvd/logsrvd.c:1170:1: enter_function: entry to ‘schedule_commit_point’
sudo-1.9.17p2/logsrvd/logsrvd.c:1175:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/logsrvd/logsrvd.c:1177:23: branch_true: ...to here
sudo-1.9.17p2/logsrvd/logsrvd.c:1185:14: call_function: calling ‘fmt_server_message’ from ‘schedule_commit_point’
#  304|   
#  305|       if (len > buf->size) {
#  306|-> 	const size_t new_size = sudo_pow2_roundup(len);
#  307|   	if (new_size < len) {
#  308|   	    /* overflow */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def112]
sudo-1.9.17p2/logsrvd/logsrvd.c:313:12: warning[-Wanalyzer-malloc-leak]: leak of ‘*buf.data’
sudo-1.9.17p2/logsrvd/logsrvd.c:1170:1: enter_function: entry to ‘schedule_commit_point’
sudo-1.9.17p2/logsrvd/logsrvd.c:1175:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/logsrvd/logsrvd.c:1177:23: branch_true: ...to here
sudo-1.9.17p2/logsrvd/logsrvd.c:1185:14: call_function: calling ‘fmt_server_message’ from ‘schedule_commit_point’
#  311|   	}
#  312|   	free(buf->data);
#  313|-> 	if ((buf->data = malloc(new_size)) == NULL)
#  314|   	    goto oom;
#  315|   	buf->size = new_size;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def113]
sudo-1.9.17p2/logsrvd/logsrvd.c:318:5: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/logsrvd/logsrvd.c:1170:1: enter_function: entry to ‘schedule_commit_point’
sudo-1.9.17p2/logsrvd/logsrvd.c:1175:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/logsrvd/logsrvd.c:1177:23: branch_true: ...to here
sudo-1.9.17p2/logsrvd/logsrvd.c:1185:14: call_function: calling ‘fmt_server_message’ from ‘schedule_commit_point’
#  316|       }
#  317|   
#  318|->     debug_return_ptr(buf);
#  319|   oom:
#  320|       if (buf != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def114]
sudo-1.9.17p2/logsrvd/logsrvd.c:318:5: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
sudo-1.9.17p2/logsrvd/logsrvd.c:1170:1: enter_function: entry to ‘schedule_commit_point’
sudo-1.9.17p2/logsrvd/logsrvd.c:1175:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/logsrvd/logsrvd.c:1177:23: branch_true: ...to here
sudo-1.9.17p2/logsrvd/logsrvd.c:1185:14: call_function: calling ‘fmt_server_message’ from ‘schedule_commit_point’
#  316|       }
#  317|   
#  318|->     debug_return_ptr(buf);
#  319|   oom:
#  320|       if (buf != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def115]
sudo-1.9.17p2/logsrvd/logsrvd.c:1540:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sock’
sudo-1.9.17p2/logsrvd/logsrvd.c:1517:17: acquire_resource: stream socket created here
sudo-1.9.17p2/logsrvd/logsrvd.c:1517:8: branch_false: following ‘false’ branch (when ‘sock != -1’)...
sudo-1.9.17p2/logsrvd/logsrvd.c:1521:5: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd.c:1534:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/logsrvd.c:1539:9: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd.c:1539:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/logsrvd/logsrvd.c:1540:9: branch_true: ...to here
sudo-1.9.17p2/logsrvd/logsrvd.c:1540:9: danger: ‘sock’ leaks here
# 1538|       }
# 1539|       if (listen(sock, SOMAXCONN) == -1) {
# 1540|-> 	sudo_warn("listen");
# 1541|   	goto bad;
# 1542|       }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def116]
sudo-1.9.17p2/logsrvd/logsrvd.c:1543:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sock’
sudo-1.9.17p2/logsrvd/logsrvd.c:1517:17: acquire_resource: stream socket created here
sudo-1.9.17p2/logsrvd/logsrvd.c:1517:8: branch_false: following ‘false’ branch (when ‘sock != -1’)...
sudo-1.9.17p2/logsrvd/logsrvd.c:1521:5: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd.c:1534:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/logsrvd.c:1539:9: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd.c:1539:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/logsrvd.c:1543:13: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd.c:1543:13: danger: ‘sock’ leaks here
# 1541|   	goto bad;
# 1542|       }
# 1543|->     flags = fcntl(sock, F_GETFL, 0);
# 1544|       if (flags == -1 || fcntl(sock, F_SETFL, flags | O_NONBLOCK) == -1) {
# 1545|   	sudo_warn("fcntl(O_NONBLOCK)");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def117]
sudo-1.9.17p2/logsrvd/logsrvd.c:1554:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sock’
sudo-1.9.17p2/logsrvd/logsrvd.c:1517:17: acquire_resource: stream socket created here
sudo-1.9.17p2/logsrvd/logsrvd.c:1517:8: branch_false: following ‘false’ branch (when ‘sock != -1’)...
sudo-1.9.17p2/logsrvd/logsrvd.c:1521:5: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd.c:1534:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/logsrvd.c:1539:9: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd.c:1539:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/logsrvd/logsrvd.c:1540:9: branch_true: ...to here
sudo-1.9.17p2/logsrvd/logsrvd.c:1553:8: branch_true: following ‘true’ branch (when ‘sock != -1’)...
sudo-1.9.17p2/logsrvd/logsrvd.c:1554:9: branch_true: ...to here
sudo-1.9.17p2/logsrvd/logsrvd.c:1554:9: danger: ‘sock’ leaks here
# 1552|   bad:
# 1553|       if (sock != -1)
# 1554|-> 	close(sock);
# 1555|       debug_return_int(-1);
# 1556|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def118]
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:516:10: warning[-Wanalyzer-malloc-leak]: leak of ‘copy’
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:510:17: acquire_memory: allocated here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:510:8: branch_false: following ‘false’ branch (when ‘copy’ is non-NULL)...
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:516:10: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:516:10: danger: ‘copy’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  514|   
#  515|       /* Parse host[:port] */
#  516|->     if (!iolog_parse_host_port(copy, &host, &port, &tls, DEFAULT_PORT,
#  517|   	    DEFAULT_PORT_TLS))
#  518|   	goto done;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def119]
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:559:24: warning[-Wanalyzer-malloc-leak]: leak of ‘addr’
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:500:1: enter_function: entry to ‘append_address’
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:510:8: branch_false: following ‘false’ branch (when ‘copy’ is non-NULL)...
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:516:10: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:516:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:519:9: branch_true: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:533:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:537:9: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:537:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:543:5: call_function: inlined call to ‘memset’ from ‘append_address’
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:548:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:552:10: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:552:22: branch_true: following ‘true’ branch (when ‘res’ is non-NULL)...
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:555:21: branch_true: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:555:21: acquire_memory: allocated here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:555:12: branch_false: following ‘false’ branch (when ‘addr’ is non-NULL)...
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:559:24: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:559:24: danger: ‘addr’ leaks here; was allocated at [(15)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/14)
#  557|   	    goto done;
#  558|   	}
#  559|-> 	addr->sa_str = sudo_rcstr_addref(sa_str);
#  560|   	addr->sa_host = sudo_rcstr_addref(sa_host);
#  561|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def120]
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:560:25: warning[-Wanalyzer-malloc-leak]: leak of ‘addr’
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:500:1: enter_function: entry to ‘append_address’
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:510:8: branch_false: following ‘false’ branch (when ‘copy’ is non-NULL)...
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:516:10: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:516:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:519:9: branch_true: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:533:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:537:9: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:537:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:543:5: call_function: inlined call to ‘memset’ from ‘append_address’
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:548:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:552:10: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:552:22: branch_true: following ‘true’ branch (when ‘res’ is non-NULL)...
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:555:21: branch_true: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:555:21: acquire_memory: allocated here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:555:12: branch_false: following ‘false’ branch (when ‘addr’ is non-NULL)...
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:559:24: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:560:25: danger: ‘addr’ leaks here; was allocated at [(15)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/14)
#  558|   	}
#  559|   	addr->sa_str = sudo_rcstr_addref(sa_str);
#  560|-> 	addr->sa_host = sudo_rcstr_addref(sa_host);
#  561|   
#  562|   	memcpy(&addr->sa_un, res->ai_addr, res->ai_addrlen);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def121]
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:826:5: warning[-Wanalyzer-malloc-leak]: leak of ‘config’
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1594:1: enter_function: entry to ‘logsrvd_conf_alloc’
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1599:19: acquire_memory: allocated here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1599:8: branch_false: following ‘false’ branch (when ‘config’ is non-NULL)...
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1605:5: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1611:10: call_function: calling ‘cb_relay_dir’ from ‘logsrvd_conf_alloc’
#  824|   {
#  825|       char *copy = NULL;
#  826|->     debug_decl(cb_relay_dir, SUDO_DEBUG_UTIL);
#  827|   
#  828|       if ((copy = strdup(str)) == NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def122]
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:829:9: warning[-Wanalyzer-malloc-leak]: leak of ‘config’
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1594:1: enter_function: entry to ‘logsrvd_conf_alloc’
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1599:19: acquire_memory: allocated here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1599:8: branch_false: following ‘false’ branch (when ‘config’ is non-NULL)...
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1605:5: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1611:10: call_function: calling ‘cb_relay_dir’ from ‘logsrvd_conf_alloc’
#  827|   
#  828|       if ((copy = strdup(str)) == NULL) {
#  829|-> 	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  830|   	debug_return_bool(false);
#  831|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def123]
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:830:9: warning[-Wanalyzer-malloc-leak]: leak of ‘config’
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1594:1: enter_function: entry to ‘logsrvd_conf_alloc’
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1599:19: acquire_memory: allocated here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1599:8: branch_false: following ‘false’ branch (when ‘config’ is non-NULL)...
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1605:5: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1611:10: call_function: calling ‘cb_relay_dir’ from ‘logsrvd_conf_alloc’
#  828|       if ((copy = strdup(str)) == NULL) {
#  829|   	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  830|-> 	debug_return_bool(false);
#  831|       }
#  832|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def124]
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1291:5: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1285:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1285:27: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1285:27: acquire_memory: allocated here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1285:9: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1291:5: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1291:5: danger: ‘fp’ leaks here; was allocated at [(3)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/2)
# 1289|       }
# 1290|   
# 1291|->     debug_return_ptr(fp);
# 1292|   }
# 1293|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def125]
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1465:9: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1398:1: enter_function: entry to ‘logsrvd_conv_syslog’
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1407:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1412:9: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1421:17: branch_true: following ‘true’ branch (when ‘i < num_msgs’)...
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1422:31: branch_true: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1446:12: branch_false: following ‘false’ branch (when ‘len != 0’)...
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1449:20: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1449:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1460:9: call_function: inlined call to ‘memcpy’ from ‘logsrvd_conv_syslog’
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1421:17: branch_true: following ‘true’ branch (when ‘i < num_msgs’)...
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1422:31: branch_true: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1452:16: branch_false: following ‘false’ branch (when ‘tmp’ is non-NULL)...
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1458:13: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1421:17: branch_false: following ‘false’ branch (when ‘i >= num_msgs’)...
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1464:8: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1464:8: branch_true: following ‘true’ branch (when ‘buf’ is non-NULL)...
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1465:44: branch_true: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_conf.c:1465:9: danger: ‘buf’ leaks here; was allocated at [(13)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/12)
# 1463|       }
# 1464|       if (buf != NULL) {
# 1465|-> 	openlog(progname, 0, logsrvd_config->syslog.server_facility);
# 1466|   	syslog(LOG_ERR, "%s", buf);
# 1467|   	free(buf);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def126]
sudo-1.9.17p2/logsrvd/logsrvd_local.c:419:12: warning[-Wanalyzer-malloc-leak]: leak of ‘*evlog.signal_name’
sudo-1.9.17p2/logsrvd/logsrvd_local.c:413:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/logsrvd/logsrvd_local.c:418:30: acquire_memory: allocated here
sudo-1.9.17p2/logsrvd/logsrvd_local.c:419:12: danger: ‘*evlog.signal_name’ leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  417|   	free(evlog->signal_name);
#  418|   	evlog->signal_name = strdup(msg->signal);
#  419|-> 	if (evlog->signal_name == NULL) {
#  420|   	    closure->errstr = _("unable to allocate memory");
#  421|   	    debug_return_bool(false);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def127]
sudo-1.9.17p2/logsrvd/logsrvd_queue.c:121:19: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
sudo-1.9.17p2/logsrvd/logsrvd_queue.c:91:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/logsrvd_queue.c:95:5: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_queue.c:95:5: branch_true: following ‘true’ branch (when ‘oj’ is non-NULL)...
sudo-1.9.17p2/logsrvd/logsrvd_queue.c:95:5: branch_true: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_queue.c:100:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/logsrvd_queue.c:108:14: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_queue.c:108:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/logsrvd/logsrvd_queue.c:113:14: branch_true: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_queue.c:113:14: acquire_memory: allocated here
sudo-1.9.17p2/logsrvd/logsrvd_queue.c:114:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
sudo-1.9.17p2/logsrvd/logsrvd_queue.c:121:19: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_queue.c:121:19: danger: ‘fp’ leaks here; was allocated at [(9)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/8)
#  119|   
#  120|   	/* Allocate a connection closure and fill in journal vars. */
#  121|-> 	closure = connection_closure_alloc(fd, false, true, evbase);
#  122|   	if (closure == NULL) {
#  123|   	    fclose(fp);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def128]
sudo-1.9.17p2/logsrvd/logsrvd_queue.c:237:20: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(&path)’
sudo-1.9.17p2/logsrvd/logsrvd_queue.c:218:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/logsrvd_queue.c:221:14: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_queue.c:223:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/logsrvd_queue.c:228:5: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_queue.c:231:12: acquire_memory: allocated here
sudo-1.9.17p2/logsrvd/logsrvd_queue.c:232:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_queue.c:237:20: danger: ‘opendir(&path)’ leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#  235|       }
#  236|       prefix_len = strcspn(RELAY_TEMPLATE, "X");
#  237|->     while ((dent = readdir(dirp)) != NULL) {
#  238|   	struct outgoing_journal *oj;
#  239|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def129]
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:78:5: warning[-Wanalyzer-malloc-leak]: leak of ‘relay_closure’
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:476:1: enter_function: entry to ‘connect_relay’
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:482:46: call_function: calling ‘relay_closure_alloc’ from ‘connect_relay’
#   76|   {
#   77|       struct connection_buffer *buf;
#   78|->     debug_decl(relay_closure_free, SUDO_DEBUG_UTIL);
#   79|   
#   80|   #if defined(HAVE_OPENSSL)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def130]
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:91:9: warning[-Wanalyzer-malloc-leak]: leak of ‘relay_closure’
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:476:1: enter_function: entry to ‘connect_relay’
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:482:46: call_function: calling ‘relay_closure_alloc’ from ‘connect_relay’
#   89|   #endif
#   90|       if (relay_closure->relays != NULL)
#   91|-> 	address_list_delref(relay_closure->relays);
#   92|       sudo_rcstr_delref(relay_closure->relay_name.name);
#   93|       sudo_ev_free(relay_closure->read_ev);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def131]
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:92:5: warning[-Wanalyzer-malloc-leak]: leak of ‘relay_closure’
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:476:1: enter_function: entry to ‘connect_relay’
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:482:46: call_function: calling ‘relay_closure_alloc’ from ‘connect_relay’
#   90|       if (relay_closure->relays != NULL)
#   91|   	address_list_delref(relay_closure->relays);
#   92|->     sudo_rcstr_delref(relay_closure->relay_name.name);
#   93|       sudo_ev_free(relay_closure->read_ev);
#   94|       sudo_ev_free(relay_closure->write_ev);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def132]
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:93:5: warning[-Wanalyzer-malloc-leak]: leak of ‘relay_closure’
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:476:1: enter_function: entry to ‘connect_relay’
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:482:46: call_function: calling ‘relay_closure_alloc’ from ‘connect_relay’
#   91|   	address_list_delref(relay_closure->relays);
#   92|       sudo_rcstr_delref(relay_closure->relay_name.name);
#   93|->     sudo_ev_free(relay_closure->read_ev);
#   94|       sudo_ev_free(relay_closure->write_ev);
#   95|       sudo_ev_free(relay_closure->connect_ev);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def133]
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:94:5: warning[-Wanalyzer-malloc-leak]: leak of ‘relay_closure’
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:476:1: enter_function: entry to ‘connect_relay’
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:482:46: call_function: calling ‘relay_closure_alloc’ from ‘connect_relay’
#   92|       sudo_rcstr_delref(relay_closure->relay_name.name);
#   93|       sudo_ev_free(relay_closure->read_ev);
#   94|->     sudo_ev_free(relay_closure->write_ev);
#   95|       sudo_ev_free(relay_closure->connect_ev);
#   96|       free(relay_closure->read_buf.data);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def134]
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:95:5: warning[-Wanalyzer-malloc-leak]: leak of ‘relay_closure’
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:476:1: enter_function: entry to ‘connect_relay’
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:482:46: call_function: calling ‘relay_closure_alloc’ from ‘connect_relay’
#   93|       sudo_ev_free(relay_closure->read_ev);
#   94|       sudo_ev_free(relay_closure->write_ev);
#   95|->     sudo_ev_free(relay_closure->connect_ev);
#   96|       free(relay_closure->read_buf.data);
#   97|       while ((buf = TAILQ_FIRST(&relay_closure->write_bufs)) != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def135]
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:126:29: warning[-Wanalyzer-malloc-leak]: leak of ‘relay_closure’
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:476:1: enter_function: entry to ‘connect_relay’
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:482:46: call_function: calling ‘relay_closure_alloc’ from ‘connect_relay’
#  124|       /* We take a reference to relays so it doesn't change while connecting. */
#  125|       relay_closure->sock = -1;
#  126|->     relay_closure->relays = logsrvd_conf_relay_address();
#  127|       address_list_addref(relay_closure->relays);
#  128|       TAILQ_INIT(&relay_closure->write_bufs);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def136]
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:127:5: warning[-Wanalyzer-malloc-leak]: leak of ‘relay_closure’
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:476:1: enter_function: entry to ‘connect_relay’
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:482:46: call_function: calling ‘relay_closure_alloc’ from ‘connect_relay’
#  125|       relay_closure->sock = -1;
#  126|       relay_closure->relays = logsrvd_conf_relay_address();
#  127|->     address_list_addref(relay_closure->relays);
#  128|       TAILQ_INIT(&relay_closure->write_bufs);
#  129|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def137]
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:135:5: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:476:1: enter_function: entry to ‘connect_relay’
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:482:46: call_function: calling ‘relay_closure_alloc’ from ‘connect_relay’
#  133|   	goto bad;
#  134|   
#  135|->     debug_return_ptr(relay_closure);
#  136|   bad:
#  137|       relay_closure_free(relay_closure);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def138]
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:135:5: warning[-Wanalyzer-malloc-leak]: leak of ‘relay_closure’
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:476:1: enter_function: entry to ‘connect_relay’
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:482:46: call_function: calling ‘relay_closure_alloc’ from ‘connect_relay’
#  133|   	goto bad;
#  134|   
#  135|->     debug_return_ptr(relay_closure);
#  136|   bad:
#  137|       relay_closure_free(relay_closure);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def139]
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:329:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sock’
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:318:8: branch_false: following ‘false’ branch (when ‘relay’ is non-NULL)...
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:322:5: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:324:12: acquire_resource: stream socket created here
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:325:8: branch_false: following ‘false’ branch (when ‘sock != -1’)...
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:329:9: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:329:9: danger: ‘sock’ leaks here
#  327|   	goto bad;
#  328|       }
#  329|->     if (logsrvd_conf_relay_tcp_keepalive()) {
#  330|   	int keepalive = 1;
#  331|   	if (setsockopt(sock, SOL_SOCKET, SO_KEEPALIVE, &keepalive,

Error: GCC_ANALYZER_WARNING (CWE-775): [#def140]
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:336:11: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sock’
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:318:8: branch_false: following ‘false’ branch (when ‘relay’ is non-NULL)...
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:322:5: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:324:12: acquire_resource: stream socket created here
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:325:8: branch_false: following ‘false’ branch (when ‘sock != -1’)...
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:329:9: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:329:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:336:11: branch_false: ...to here
sudo-1.9.17p2/logsrvd/logsrvd_relay.c:336:11: danger: ‘sock’ leaks here
#  334|   	}
#  335|       }
#  336|->     ret = fcntl(sock, F_GETFL, 0);
#  337|       if (ret == -1 || fcntl(sock, F_SETFL, ret | O_NONBLOCK) == -1) {
#  338|   	sudo_warn("fcntl(O_NONBLOCK)");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def141]
sudo-1.9.17p2/logsrvd/sendlog.c:193:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘sock’
sudo-1.9.17p2/logsrvd/sendlog.c:1720:1: enter_function: entry to ‘main’
sudo-1.9.17p2/logsrvd/sendlog.c:1751:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/sendlog.c:1753:5: branch_false: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1756:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1831:8: branch_true: following ‘true’ branch (when ‘port’ is NULL)...
sudo-1.9.17p2/logsrvd/sendlog.c:1834:9: branch_true: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1834:9: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/sendlog.c:1838:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/sendlog.c:1844:8: branch_false: following ‘false’ branch (when ‘argc == 1’)...
sudo-1.9.17p2/logsrvd/sendlog.c:1846:17: branch_false: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1847:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/sendlog.c:1853:18: branch_false: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1853:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/sendlog.c:1856:19: branch_false: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1856:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/sendlog.c:1859:9: branch_false: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1862:21: branch_true: following ‘true’ branch...
sudo-1.9.17p2/logsrvd/sendlog.c:1863:16: branch_true: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1863:16: call_function: calling ‘connect_server’ from ‘main’
#  191|   	    continue;
#  192|   	}
#  193|-> 	if (connect(sock, res->ai_addr, res->ai_addrlen) == -1) {
#  194|   	    cause = "connect";
#  195|   	    save_errno = errno;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def142]
sudo-1.9.17p2/logsrvd/sendlog.c:263:21: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
sudo-1.9.17p2/logsrvd/sendlog.c:1622:1: enter_function: entry to ‘client_closure_alloc’
sudo-1.9.17p2/logsrvd/sendlog.c:1630:8: branch_false: following ‘false’ branch (when ‘closure’ is non-NULL)...
sudo-1.9.17p2/logsrvd/sendlog.c:1633:5: branch_false: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1654:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/sendlog.c:1657:24: branch_false: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1659:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/sendlog.c:1662:11: branch_false: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1662:11: call_function: calling ‘get_free_buf’ from ‘client_closure_alloc’
#  261|       if (len > buf->size) {
#  262|   	free(buf->data);
#  263|-> 	buf->size = sudo_pow2_roundup(len);
#  264|   	if (buf->size < len || (buf->data = malloc(buf->size)) == NULL) {
#  265|   	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def143]
sudo-1.9.17p2/logsrvd/sendlog.c:264:13: warning[-Wanalyzer-malloc-leak]: leak of ‘*buf.data’
sudo-1.9.17p2/logsrvd/sendlog.c:1622:1: enter_function: entry to ‘client_closure_alloc’
sudo-1.9.17p2/logsrvd/sendlog.c:1630:8: branch_false: following ‘false’ branch (when ‘closure’ is non-NULL)...
sudo-1.9.17p2/logsrvd/sendlog.c:1633:5: branch_false: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1654:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/sendlog.c:1657:24: branch_false: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1659:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/sendlog.c:1662:11: branch_false: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1662:11: call_function: calling ‘get_free_buf’ from ‘client_closure_alloc’
#  262|   	free(buf->data);
#  263|   	buf->size = sudo_pow2_roundup(len);
#  264|-> 	if (buf->size < len || (buf->data = malloc(buf->size)) == NULL) {
#  265|   	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  266|   	    free(buf);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def144]
sudo-1.9.17p2/logsrvd/sendlog.c:265:13: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
sudo-1.9.17p2/logsrvd/sendlog.c:1622:1: enter_function: entry to ‘client_closure_alloc’
sudo-1.9.17p2/logsrvd/sendlog.c:1630:8: branch_false: following ‘false’ branch (when ‘closure’ is non-NULL)...
sudo-1.9.17p2/logsrvd/sendlog.c:1633:5: branch_false: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1654:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/sendlog.c:1657:24: branch_false: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1659:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/sendlog.c:1662:11: branch_false: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1662:11: call_function: calling ‘get_free_buf’ from ‘client_closure_alloc’
#  263|   	buf->size = sudo_pow2_roundup(len);
#  264|   	if (buf->size < len || (buf->data = malloc(buf->size)) == NULL) {
#  265|-> 	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  266|   	    free(buf);
#  267|   	    buf = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def145]
sudo-1.9.17p2/logsrvd/sendlog.c:271:5: warning[-Wanalyzer-malloc-leak]: leak of ‘buf’
sudo-1.9.17p2/logsrvd/sendlog.c:1435:1: enter_function: entry to ‘client_msg_cb’
sudo-1.9.17p2/logsrvd/sendlog.c:1442:8: branch_false: following ‘false’ branch (when ‘buf’ is non-NULL)...
sudo-1.9.17p2/logsrvd/sendlog.c:1448:9: branch_false: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1448:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/sendlog.c:1459:8: branch_false: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1459:8: branch_false: following ‘false’ branch (when ‘what != 1’)...
sudo-1.9.17p2/logsrvd/sendlog.c:1464:5: branch_false: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1472:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/sendlog.c:1513:31: branch_false: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1513:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/sendlog.c:1517:14: branch_false: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1519:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/logsrvd/sendlog.c:1521:9: branch_true: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1527:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/logsrvd/sendlog.c:1529:18: branch_true: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1529:18: call_function: calling ‘client_message_completion’ from ‘client_msg_cb’
#  269|       }
#  270|   
#  271|->     debug_return_ptr(buf);
#  272|   }
#  273|   

Error: GCC_ANALYZER_WARNING (CWE-415): [#def146]
sudo-1.9.17p2/logsrvd/sendlog.c:1607:13: warning[-Wanalyzer-double-free]: double-‘free’ of ‘*buf.data’
sudo-1.9.17p2/logsrvd/sendlog.c:1622:1: enter_function: entry to ‘client_closure_alloc’
sudo-1.9.17p2/logsrvd/sendlog.c:1630:8: branch_false: following ‘false’ branch (when ‘closure’ is non-NULL)...
sudo-1.9.17p2/logsrvd/sendlog.c:1633:5: branch_false: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1654:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/sendlog.c:1657:24: branch_false: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1659:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/logsrvd/sendlog.c:1660:9: branch_true: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1688:5: call_function: calling ‘client_closure_free’ from ‘client_closure_alloc’
# 1605|   	while ((buf = TAILQ_FIRST(&closure->free_bufs)) != NULL) {
# 1606|   	    TAILQ_REMOVE(&closure->free_bufs, buf, entries);
# 1607|-> 	    free(buf->data);
# 1608|   	    free(buf);
# 1609|   	}

Error: GCC_ANALYZER_WARNING (CWE-416): [#def147]
sudo-1.9.17p2/logsrvd/sendlog.c:1607:18: warning[-Wanalyzer-use-after-free]: use after ‘free’ of ‘buf’
sudo-1.9.17p2/logsrvd/sendlog.c:1622:1: enter_function: entry to ‘client_closure_alloc’
sudo-1.9.17p2/logsrvd/sendlog.c:1630:8: branch_false: following ‘false’ branch (when ‘closure’ is non-NULL)...
sudo-1.9.17p2/logsrvd/sendlog.c:1633:5: branch_false: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1654:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/logsrvd/sendlog.c:1657:24: branch_false: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1659:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/logsrvd/sendlog.c:1660:9: branch_true: ...to here
sudo-1.9.17p2/logsrvd/sendlog.c:1688:5: call_function: calling ‘client_closure_free’ from ‘client_closure_alloc’
# 1605|   	while ((buf = TAILQ_FIRST(&closure->free_bufs)) != NULL) {
# 1606|   	    TAILQ_REMOVE(&closure->free_bufs, buf, entries);
# 1607|-> 	    free(buf->data);
# 1608|   	    free(buf);
# 1609|   	}

Error: CPPCHECK_WARNING (CWE-457): [#def148]
sudo-1.9.17p2/plugins/audit_json/audit_json.c:89: error[legacyUninitvar]: Uninitialized variable: debug_files
#   87|   {
#   88|       struct sudo_conf_debug_file_list debug_files =
#   89|-> 	TAILQ_HEAD_INITIALIZER(debug_files);
#   90|       struct sudo_debug_file *debug_file;
#   91|       const char *cp, *plugin_path = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def149]
sudo-1.9.17p2/plugins/python/pyhelpers.c:214:30: warning[-Wanalyzer-malloc-leak]: leak of 'result'
sudo-1.9.17p2/plugins/python/pyhelpers.c:199:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/python/pyhelpers.c:205:29: branch_false: ...to here
sudo-1.9.17p2/plugins/python/pyhelpers.c:208:21: acquire_memory: allocated here
sudo-1.9.17p2/plugins/python/pyhelpers.c:209:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/python/pyhelpers.c:213:21: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/python/pyhelpers.c:214:30: branch_true: ...to here
sudo-1.9.17p2/plugins/python/pyhelpers.c:214:30: danger: 'result' leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  212|   
#  213|       for (int i = 0; i < tuple_size; ++i) {
#  214|->         PyObject *py_value = PyTuple_GetItem(py_tuple, i);
#  215|           if (py_value == NULL) {
#  216|               str_array_free(&result);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def150]
sudo-1.9.17p2/plugins/python/pyhelpers.c:230:5: warning[-Wanalyzer-malloc-leak]: leak of 'result'
sudo-1.9.17p2/plugins/python/pyhelpers.c:199:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/python/pyhelpers.c:205:29: branch_false: ...to here
sudo-1.9.17p2/plugins/python/pyhelpers.c:208:21: acquire_memory: allocated here
sudo-1.9.17p2/plugins/python/pyhelpers.c:209:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/python/pyhelpers.c:213:21: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/python/pyhelpers.c:230:5: branch_false: ...to here
sudo-1.9.17p2/plugins/python/pyhelpers.c:230:5: danger: 'result' leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#  228|       }
#  229|   
#  230|->     debug_return_ptr(result);
#  231|   }
#  232|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def151]
sudo-1.9.17p2/plugins/python/pyhelpers.c:281:5: warning[-Wanalyzer-malloc-leak]: leak of 'result'
sudo-1.9.17p2/plugins/python/pyhelpers.c:195:1: enter_function: entry to 'py_str_array_from_tuple'
sudo-1.9.17p2/plugins/python/pyhelpers.c:199:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/python/pyhelpers.c:205:29: branch_false: ...to here
sudo-1.9.17p2/plugins/python/pyhelpers.c:208:21: acquire_memory: allocated here
sudo-1.9.17p2/plugins/python/pyhelpers.c:209:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/python/pyhelpers.c:213:21: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/python/pyhelpers.c:214:30: branch_true: ...to here
sudo-1.9.17p2/plugins/python/pyhelpers.c:215:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/python/pyhelpers.c:221:23: branch_false: ...to here
sudo-1.9.17p2/plugins/python/pyhelpers.c:221:23: call_function: calling 'py_create_string_rep' from 'py_str_array_from_tuple'
#  279|   py_create_string_rep(PyObject *py_object)
#  280|   {
#  281|->     debug_decl(py_create_string_rep, PYTHON_DEBUG_INTERNAL);
#  282|       char *result = NULL;
#  283|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def152]
sudo-1.9.17p2/plugins/python/pyhelpers.c:287:27: warning[-Wanalyzer-malloc-leak]: leak of 'result'
sudo-1.9.17p2/plugins/python/pyhelpers.c:195:1: enter_function: entry to 'py_str_array_from_tuple'
sudo-1.9.17p2/plugins/python/pyhelpers.c:199:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/python/pyhelpers.c:205:29: branch_false: ...to here
sudo-1.9.17p2/plugins/python/pyhelpers.c:208:21: acquire_memory: allocated here
sudo-1.9.17p2/plugins/python/pyhelpers.c:209:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/python/pyhelpers.c:213:21: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/python/pyhelpers.c:214:30: branch_true: ...to here
sudo-1.9.17p2/plugins/python/pyhelpers.c:215:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/python/pyhelpers.c:221:23: branch_false: ...to here
sudo-1.9.17p2/plugins/python/pyhelpers.c:221:23: call_function: calling 'py_create_string_rep' from 'py_str_array_from_tuple'
#  285|           debug_return_ptr(NULL);
#  286|   
#  287|->     PyObject *py_string = PyObject_Str(py_object);
#  288|       if (py_string != NULL) {
#  289|           const char *bytes = PyUnicode_AsUTF8(py_string);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def153]
sudo-1.9.17p2/plugins/python/pyhelpers.c:289:29: warning[-Wanalyzer-malloc-leak]: leak of 'result'
sudo-1.9.17p2/plugins/python/pyhelpers.c:195:1: enter_function: entry to 'py_str_array_from_tuple'
sudo-1.9.17p2/plugins/python/pyhelpers.c:199:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/python/pyhelpers.c:205:29: branch_false: ...to here
sudo-1.9.17p2/plugins/python/pyhelpers.c:208:21: acquire_memory: allocated here
sudo-1.9.17p2/plugins/python/pyhelpers.c:209:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/python/pyhelpers.c:213:21: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/python/pyhelpers.c:214:30: branch_true: ...to here
sudo-1.9.17p2/plugins/python/pyhelpers.c:215:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/python/pyhelpers.c:221:23: branch_false: ...to here
sudo-1.9.17p2/plugins/python/pyhelpers.c:221:23: call_function: calling 'py_create_string_rep' from 'py_str_array_from_tuple'
#  287|       PyObject *py_string = PyObject_Str(py_object);
#  288|       if (py_string != NULL) {
#  289|->         const char *bytes = PyUnicode_AsUTF8(py_string);
#  290|           if (bytes != NULL) {
#  291|   	    /*

Error: GCC_ANALYZER_WARNING (CWE-401): [#def154]
sudo-1.9.17p2/plugins/python/pyhelpers.c:319:5: warning[-Wanalyzer-malloc-leak]: leak of 'result'
sudo-1.9.17p2/plugins/python/pyhelpers.c:195:1: enter_function: entry to 'py_str_array_from_tuple'
sudo-1.9.17p2/plugins/python/pyhelpers.c:199:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/python/pyhelpers.c:205:29: branch_false: ...to here
sudo-1.9.17p2/plugins/python/pyhelpers.c:208:21: acquire_memory: allocated here
sudo-1.9.17p2/plugins/python/pyhelpers.c:209:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/python/pyhelpers.c:213:21: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/python/pyhelpers.c:214:30: branch_true: ...to here
sudo-1.9.17p2/plugins/python/pyhelpers.c:215:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/python/pyhelpers.c:221:23: branch_false: ...to here
sudo-1.9.17p2/plugins/python/pyhelpers.c:221:23: call_function: calling 'py_create_string_rep' from 'py_str_array_from_tuple'
#  317|   done:
#  318|       Py_XDECREF(py_string);
#  319|->     debug_return_ptr(result);
#  320|   }
#  321|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def155]
sudo-1.9.17p2/plugins/python/pyhelpers.c:414:5: warning[-Wanalyzer-malloc-leak]: leak of 'result'
sudo-1.9.17p2/plugins/python/pyhelpers.c:195:1: enter_function: entry to 'py_str_array_from_tuple'
sudo-1.9.17p2/plugins/python/pyhelpers.c:199:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/python/pyhelpers.c:205:29: branch_false: ...to here
sudo-1.9.17p2/plugins/python/pyhelpers.c:208:21: acquire_memory: allocated here
sudo-1.9.17p2/plugins/python/pyhelpers.c:209:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/python/pyhelpers.c:213:21: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/python/pyhelpers.c:214:30: branch_true: ...to here
sudo-1.9.17p2/plugins/python/pyhelpers.c:215:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/python/pyhelpers.c:216:13: branch_true: ...to here
sudo-1.9.17p2/plugins/python/pyhelpers.c:216:13: call_function: calling 'str_array_free' from 'py_str_array_from_tuple'
#  412|   str_array_free(char ***array)
#  413|   {
#  414|->     debug_decl(str_array_free, PYTHON_DEBUG_INTERNAL);
#  415|   
#  416|       if (*array == NULL)

Error: CPPCHECK_WARNING (CWE-457): [#def156]
sudo-1.9.17p2/plugins/python/python_plugin_common.c:336: error[legacyUninitvar]: Uninitialized variable: debug_files
#  334|           py_ctx.sudo_log = sudo_printf;
#  335|   
#  336|->     struct sudo_conf_debug_file_list debug_files = TAILQ_HEAD_INITIALIZER(debug_files);
#  337|       struct sudo_conf_debug_file_list *debug_files_ptr = &debug_files;
#  338|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def157]
sudo-1.9.17p2/plugins/python/sudo_python_module.c:360:17: warning[-Wanalyzer-malloc-leak]: leak of 'replies'
sudo-1.9.17p2/plugins/python/sudo_python_module.c:333:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/python/sudo_python_module.c:337:8: branch_false: ...to here
sudo-1.9.17p2/plugins/python/sudo_python_module.c:337:8: branch_false: following 'false' branch (when 'py_kwargs' is NULL)...
sudo-1.9.17p2/plugins/python/sudo_python_module.c:342:9: branch_false: ...to here
sudo-1.9.17p2/plugins/python/sudo_python_module.c:342:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/python/sudo_python_module.c:347:9: branch_false: ...to here
sudo-1.9.17p2/plugins/python/sudo_python_module.c:347:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/python/sudo_python_module.c:353:9: branch_false: ...to here
sudo-1.9.17p2/plugins/python/sudo_python_module.c:353:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/python/sudo_python_module.c:357:15: branch_false: ...to here
sudo-1.9.17p2/plugins/python/sudo_python_module.c:357:15: acquire_memory: allocated here
sudo-1.9.17p2/plugins/python/sudo_python_module.c:358:8: branch_false: following 'false' branch (when 'replies' is non-NULL)...
sudo-1.9.17p2/plugins/python/sudo_python_module.c:360:17: branch_false: ...to here
sudo-1.9.17p2/plugins/python/sudo_python_module.c:360:17: danger: 'replies' leaks here; was allocated at [(11)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/10)
#  358|       if (replies == NULL)
#  359|           goto cleanup;
#  360|->     py_result = PyTuple_New(num_msgs);
#  361|       if (py_result == NULL)
#  362|           goto cleanup;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def158]
sudo-1.9.17p2/plugins/python/sudo_python_module.c:365:9: warning[-Wanalyzer-malloc-leak]: leak of 'replies'
sudo-1.9.17p2/plugins/python/sudo_python_module.c:333:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/python/sudo_python_module.c:337:8: branch_false: ...to here
sudo-1.9.17p2/plugins/python/sudo_python_module.c:337:8: branch_false: following 'false' branch (when 'py_kwargs' is NULL)...
sudo-1.9.17p2/plugins/python/sudo_python_module.c:342:9: branch_false: ...to here
sudo-1.9.17p2/plugins/python/sudo_python_module.c:342:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/python/sudo_python_module.c:347:9: branch_false: ...to here
sudo-1.9.17p2/plugins/python/sudo_python_module.c:347:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/python/sudo_python_module.c:353:9: branch_false: ...to here
sudo-1.9.17p2/plugins/python/sudo_python_module.c:353:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/python/sudo_python_module.c:357:15: branch_false: ...to here
sudo-1.9.17p2/plugins/python/sudo_python_module.c:357:15: acquire_memory: allocated here
sudo-1.9.17p2/plugins/python/sudo_python_module.c:358:8: branch_false: following 'false' branch (when 'replies' is non-NULL)...
sudo-1.9.17p2/plugins/python/sudo_python_module.c:360:17: branch_false: ...to here
sudo-1.9.17p2/plugins/python/sudo_python_module.c:361:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/python/sudo_python_module.c:364:9: branch_false: ...to here
sudo-1.9.17p2/plugins/python/sudo_python_module.c:364:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/python/sudo_python_module.c:365:9: branch_true: ...to here
sudo-1.9.17p2/plugins/python/sudo_python_module.c:365:9: danger: 'replies' leaks here; was allocated at [(11)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/10)
#  363|   
#  364|       if (py_ctx.sudo_conv == NULL) {
#  365|->         PyErr_Format(sudo_exc_SudoException, "%s: conversation is unavailable",
#  366|                        __func__);
#  367|           goto cleanup;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def159]
sudo-1.9.17p2/plugins/python/sudo_python_module.c:370:14: warning[-Wanalyzer-malloc-leak]: leak of 'replies'
sudo-1.9.17p2/plugins/python/sudo_python_module.c:333:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/python/sudo_python_module.c:337:8: branch_false: ...to here
sudo-1.9.17p2/plugins/python/sudo_python_module.c:337:8: branch_false: following 'false' branch (when 'py_kwargs' is NULL)...
sudo-1.9.17p2/plugins/python/sudo_python_module.c:342:9: branch_false: ...to here
sudo-1.9.17p2/plugins/python/sudo_python_module.c:342:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/python/sudo_python_module.c:347:9: branch_false: ...to here
sudo-1.9.17p2/plugins/python/sudo_python_module.c:347:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/python/sudo_python_module.c:353:9: branch_false: ...to here
sudo-1.9.17p2/plugins/python/sudo_python_module.c:353:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/python/sudo_python_module.c:357:15: branch_false: ...to here
sudo-1.9.17p2/plugins/python/sudo_python_module.c:357:15: acquire_memory: allocated here
sudo-1.9.17p2/plugins/python/sudo_python_module.c:358:8: branch_false: following 'false' branch (when 'replies' is non-NULL)...
sudo-1.9.17p2/plugins/python/sudo_python_module.c:360:17: branch_false: ...to here
sudo-1.9.17p2/plugins/python/sudo_python_module.c:361:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/python/sudo_python_module.c:364:9: branch_false: ...to here
sudo-1.9.17p2/plugins/python/sudo_python_module.c:364:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/python/sudo_python_module.c:370:14: branch_false: ...to here
sudo-1.9.17p2/plugins/python/sudo_python_module.c:370:14: danger: 'replies' leaks here; was allocated at [(11)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/10)
#  368|       }
#  369|   
#  370|->     int rc = py_sudo_conv((int)num_msgs, msgs, replies, &callback);
#  371|       if (rc != 0) {
#  372|           PyErr_Format(sudo_exc_ConversationInterrupted,

Error: CPPCHECK_WARNING (CWE-476): [#def160]
sudo-1.9.17p2/plugins/sample/sample_plugin.c:162: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: path
#  160|       path = path0 = strdup(path ? path : _PATH_DEFPATH);
#  161|       do {
#  162|-> 	if ((cp = strchr(path, ':')))
#  163|   	    *cp = '\0';
#  164|   	snprintf(pathbuf, sizeof(pathbuf), "%s/%s", *path ? path : ".",

Error: GCC_ANALYZER_WARNING (CWE-688): [#def161]
sudo-1.9.17p2/plugins/sample/sample_plugin.c:162:19: warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'path' where non-null expected
sudo-1.9.17p2/plugins/sample/sample_plugin.c:160:20: acquire_memory: this call could return NULL
sudo-1.9.17p2/plugins/sample/sample_plugin.c:162:19: danger: argument 1 ('path') from [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0) could be NULL where non-null expected
#argument 1 of '__builtin_strchr' must be non-null
#  160|       path = path0 = strdup(path ? path : _PATH_DEFPATH);
#  161|       do {
#  162|-> 	if ((cp = strchr(path, ':')))
#  163|   	    *cp = '\0';
#  164|   	snprintf(pathbuf, sizeof(pathbuf), "%s/%s", *path ? path : ".",

Error: CPPCHECK_WARNING (CWE-476): [#def162]
sudo-1.9.17p2/plugins/sample/sample_plugin.c:164: warning[nullPointerOutOfMemory]: If memory allocation fails, then there is a possible null pointer dereference: path
#  162|   	if ((cp = strchr(path, ':')))
#  163|   	    *cp = '\0';
#  164|-> 	snprintf(pathbuf, sizeof(pathbuf), "%s/%s", *path ? path : ".",
#  165|   	    command);
#  166|   	if (stat(pathbuf, &sb) == 0) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def163]
sudo-1.9.17p2/plugins/sample/sample_plugin.c:211:28: warning[-Wanalyzer-malloc-leak]: leak of 'command'
sudo-1.9.17p2/plugins/sample/sample_plugin.c:314:1: enter_function: entry to 'policy_check'
sudo-1.9.17p2/plugins/sample/sample_plugin.c:320:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sample/sample_plugin.c:325:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sample/sample_plugin.c:328:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sample/sample_plugin.c:328:15: call_function: calling 'find_in_path' from 'policy_check'
sudo-1.9.17p2/plugins/sample/sample_plugin.c:328:15: return_function: returning to 'policy_check' from 'find_in_path'
sudo-1.9.17p2/plugins/sample/sample_plugin.c:329:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sample/sample_plugin.c:335:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sample/sample_plugin.c:338:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sample/sample_plugin.c:349:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sample/sample_plugin.c:356:25: call_function: calling 'build_command_info' from 'policy_check'
#  209|       if (command_info == NULL)
#  210|   	goto oom;
#  211|->     if ((command_info[i] = sudo_new_key_val("command", command)) == NULL)
#  212|   	goto oom;
#  213|       i++;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def164]
sudo-1.9.17p2/plugins/sample/sample_plugin.c:211:28: warning[-Wanalyzer-malloc-leak]: leak of 'command_info'
sudo-1.9.17p2/plugins/sample/sample_plugin.c:208:20: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sample/sample_plugin.c:209:8: branch_false: following 'false' branch (when 'command_info' is non-NULL)...
sudo-1.9.17p2/plugins/sample/sample_plugin.c:211:28: branch_false: ...to here
sudo-1.9.17p2/plugins/sample/sample_plugin.c:211:28: danger: 'command_info' leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  209|       if (command_info == NULL)
#  210|   	goto oom;
#  211|->     if ((command_info[i] = sudo_new_key_val("command", command)) == NULL)
#  212|   	goto oom;
#  213|       i++;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def165]
sudo-1.9.17p2/plugins/sample/sample_plugin.c:292:9: warning[-Wanalyzer-malloc-leak]: leak of 'find_in_path(editor,  plugin_state.envp)'
sudo-1.9.17p2/plugins/sample/sample_plugin.c:247:1: enter_function: entry to 'find_editor'
sudo-1.9.17p2/plugins/sample/sample_plugin.c:261:8: branch_false: following 'false' branch (when 'editor' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sample/sample_plugin.c:282:8: branch_false: following 'false' branch (when 'cp' is non-NULL)...
sudo-1.9.17p2/plugins/sample/sample_plugin.c:283:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sample/sample_plugin.c:283:24: call_function: calling 'find_in_path' from 'find_editor'
sudo-1.9.17p2/plugins/sample/sample_plugin.c:283:24: return_function: returning to 'find_editor' from 'find_in_path'
sudo-1.9.17p2/plugins/sample/sample_plugin.c:282:9: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sample/sample_plugin.c:287:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sample/sample_plugin.c:287:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sample/sample_plugin.c:288:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sample/sample_plugin.c:291:8: branch_true: following 'true' branch (when 'nargv' is NULL)...
sudo-1.9.17p2/plugins/sample/sample_plugin.c:292:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sample/sample_plugin.c:292:9: danger: 'find_in_path(editor,  plugin_state.envp)' leaks here; was allocated at [(27)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/26)
#  290|   	sizeof(char *));
#  291|       if (nargv == NULL) {
#  292|-> 	sudo_log(SUDO_CONV_ERROR_MSG, "unable to allocate memory\n");
#  293|   	free(editor_path);
#  294|   	return NULL;

Error: CPPCHECK_WARNING (CWE-457): [#def166]
sudo-1.9.17p2/plugins/sample_approval/sample_approval.c:56: error[legacyUninitvar]: Uninitialized variable: debug_files
#   54|   {
#   55|       struct sudo_conf_debug_file_list debug_files =
#   56|-> 	TAILQ_HEAD_INITIALIZER(debug_files);
#   57|       struct sudo_debug_file *debug_file;
#   58|       const char *cp, *plugin_path = NULL;

Error: GCC_ANALYZER_WARNING (CWE-404): [#def167]
sudo-1.9.17p2/plugins/sudoers/audit.c:112:5: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/plugins/sudoers/audit.c:134:1: enter_function: entry to 'audit_failure'
sudo-1.9.17p2/plugins/sudoers/audit.c:141:5: acquire_resource: 'va_start' called here
sudo-1.9.17p2/plugins/sudoers/audit.c:142:11: call_function: calling 'vaudit_failure' from 'audit_failure'
#  110|       int oldlocale, ret;
#  111|       char *message;
#  112|->     debug_decl(vaudit_failure, SUDOERS_DEBUG_AUDIT);
#  113|   
#  114|       /* Audit messages should be in the sudoers locale. */

Error: GCC_ANALYZER_WARNING (CWE-404): [#def168]
sudo-1.9.17p2/plugins/sudoers/audit.c:115:5: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/plugins/sudoers/audit.c:134:1: enter_function: entry to 'audit_failure'
sudo-1.9.17p2/plugins/sudoers/audit.c:141:5: acquire_resource: 'va_start' called here
sudo-1.9.17p2/plugins/sudoers/audit.c:142:11: call_function: calling 'vaudit_failure' from 'audit_failure'
#  113|   
#  114|       /* Audit messages should be in the sudoers locale. */
#  115|->     sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
#  116|   
#  117|       if ((ret = vasprintf(&message, _(fmt), ap)) == -1)

Error: CPPCHECK_WARNING (CWE-457): [#def169]
sudo-1.9.17p2/plugins/sudoers/audit.c:155: error[legacyUninitvar]: Uninitialized variable: debug_files
#  153|       const char **errstr)
#  154|   {
#  155|->     struct sudo_conf_debug_file_list debug_files = TAILQ_HEAD_INITIALIZER(debug_files);
#  156|       struct sudoers_open_info info;
#  157|       const char *cp, *plugin_path = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def170]
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:632:5: warning[-Wanalyzer-malloc-leak]: leak of 'reply'
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:687:1: enter_function: entry to 'converse'
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:698:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:703:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:706:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:707:8: branch_false: following 'false' branch (when 'reply' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:712:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:712:8: branch_false: following 'false' branch (when 'appdata_ptr' is NULL)...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:715:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:715:17: branch_true: following 'true' branch (when 'n < num_msg')...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:716:44: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:725:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:729:17: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:729:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:735:37: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:735:22: call_function: calling 'use_pam_prompt' from 'converse'
#  630|   {
#  631|       size_t user_len;
#  632|->     debug_decl(use_pam_prompt, SUDOERS_DEBUG_AUTH);
#  633|   
#  634|       /* Always use sudo prompt if passprompt_override is set. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def171]
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:636:9: warning[-Wanalyzer-malloc-leak]: leak of 'reply'
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:687:1: enter_function: entry to 'converse'
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:698:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:703:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:706:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:707:8: branch_false: following 'false' branch (when 'reply' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:712:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:712:8: branch_false: following 'false' branch (when 'appdata_ptr' is NULL)...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:715:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:715:17: branch_true: following 'true' branch (when 'n < num_msg')...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:716:44: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:725:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:729:17: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:729:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:735:37: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:735:22: call_function: calling 'use_pam_prompt' from 'converse'
#  634|       /* Always use sudo prompt if passprompt_override is set. */
#  635|       if (def_passprompt_override)
#  636|-> 	debug_return_bool(false);
#  637|   
#  638|       /* If sudo prompt matches "^Password: ?$", use PAM prompt. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def172]
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:640:9: warning[-Wanalyzer-malloc-leak]: leak of 'reply'
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:687:1: enter_function: entry to 'converse'
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:698:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:703:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:706:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:707:8: branch_false: following 'false' branch (when 'reply' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:712:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:712:8: branch_true: following 'true' branch (when 'appdata_ptr' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:713:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:715:17: branch_true: following 'true' branch (when 'n < num_msg')...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:716:44: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:725:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:729:17: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:729:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:735:37: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:735:22: call_function: calling 'use_pam_prompt' from 'converse'
#  638|       /* If sudo prompt matches "^Password: ?$", use PAM prompt. */
#  639|       if (PROMPT_IS_PASSWORD(def_prompt))
#  640|-> 	debug_return_bool(true);
#  641|   
#  642|       /* If PAM prompt matches "^Password: ?$", use sudo prompt. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def173]
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:644:9: warning[-Wanalyzer-malloc-leak]: leak of 'reply'
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:687:1: enter_function: entry to 'converse'
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:698:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:703:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:706:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:707:8: branch_false: following 'false' branch (when 'reply' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:712:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:712:8: branch_true: following 'true' branch (when 'appdata_ptr' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:713:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:715:17: branch_true: following 'true' branch (when 'n < num_msg')...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:716:44: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:725:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:729:17: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:729:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:735:37: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:735:22: call_function: calling 'use_pam_prompt' from 'converse'
#  642|       /* If PAM prompt matches "^Password: ?$", use sudo prompt. */
#  643|       if (PAM_PROMPT_IS_PASSWORD(pam_prompt))
#  644|-> 	debug_return_bool(false);
#  645|   
#  646|       /*

Error: GCC_ANALYZER_WARNING (CWE-401): [#def174]
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:657:17: warning[-Wanalyzer-malloc-leak]: leak of 'reply'
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:687:1: enter_function: entry to 'converse'
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:698:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:703:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:706:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:707:8: branch_false: following 'false' branch (when 'reply' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:712:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:712:8: branch_true: following 'true' branch (when 'appdata_ptr' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:713:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:715:17: branch_true: following 'true' branch (when 'n < num_msg')...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:716:44: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:725:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:729:17: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:729:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:735:37: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:735:22: call_function: calling 'use_pam_prompt' from 'converse'
#  655|   	    if (strncmp(cp, "'s Password:", 12) == 0 &&
#  656|   		(cp[12] == '\0' || (cp[12] == ' ' && cp[13] == '\0')))
#  657|-> 		debug_return_bool(false);
#  658|   	}
#  659|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def175]
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:662:5: warning[-Wanalyzer-malloc-leak]: leak of 'reply'
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:687:1: enter_function: entry to 'converse'
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:698:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:703:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:706:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:707:8: branch_false: following 'false' branch (when 'reply' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:712:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:712:8: branch_true: following 'true' branch (when 'appdata_ptr' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:713:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:715:17: branch_true: following 'true' branch (when 'n < num_msg')...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:716:44: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:725:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:729:17: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:729:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:735:37: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:735:22: call_function: calling 'use_pam_prompt' from 'converse'
#  660|   
#  661|       /* Otherwise, use the PAM prompt. */
#  662|->     debug_return_bool(true);
#  663|   }
#  664|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def176]
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:755:17: warning[-Wanalyzer-malloc-leak]: leak of 'reply'
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:698:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:703:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:706:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:707:8: branch_false: following 'false' branch (when 'reply' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:712:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:712:8: branch_false: following 'false' branch (when 'appdata_ptr' is NULL)...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:715:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:715:17: branch_true: following 'true' branch (when 'n < num_msg')...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:716:44: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:754:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:754:37: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:754:17: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:755:17: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:755:17: danger: 'reply' leaks here; was allocated at [(3)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/2)
#  753|   	case PAM_TEXT_INFO:
#  754|   	    if (pm->msg != NULL && !is_filtered(pm->msg))
#  755|-> 		sudo_printf(SUDO_CONV_INFO_MSG|SUDO_CONV_PREFER_TTY,
#  756|   		    "%s\n", pm->msg);
#  757|   	    break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def177]
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:760:17: warning[-Wanalyzer-malloc-leak]: leak of 'reply'
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:698:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:703:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:706:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:707:8: branch_false: following 'false' branch (when 'reply' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:712:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:712:8: branch_false: following 'false' branch (when 'appdata_ptr' is NULL)...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:715:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:715:17: branch_true: following 'true' branch (when 'n < num_msg')...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:716:44: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:759:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:760:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:760:17: danger: 'reply' leaks here; was allocated at [(3)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/2)
#  758|   	case PAM_ERROR_MSG:
#  759|   	    if (pm->msg != NULL)
#  760|-> 		sudo_printf(SUDO_CONV_ERROR_MSG|SUDO_CONV_PREFER_TTY,
#  761|   		    "%s\n", pm->msg);
#  762|   	    break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def178]
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:764:13: warning[-Wanalyzer-malloc-leak]: leak of 'reply'
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:698:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:703:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:706:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:707:8: branch_false: following 'false' branch (when 'reply' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:712:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:712:8: branch_false: following 'false' branch (when 'appdata_ptr' is NULL)...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:715:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:715:17: branch_true: following 'true' branch (when 'n < num_msg')...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:716:44: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:764:13: danger: 'reply' leaks here; was allocated at [(3)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/2)
#  762|   	    break;
#  763|   	default:
#  764|-> 	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
#  765|   		"unsupported message style: %d", pm->msg_style);
#  766|   	    goto bad;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def179]
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:779:13: warning[-Wanalyzer-malloc-leak]: leak of 'reply'
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:698:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:703:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:706:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:707:8: branch_false: following 'false' branch (when 'reply' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:712:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:712:8: branch_false: following 'false' branch (when 'appdata_ptr' is NULL)...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:715:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:715:17: branch_true: following 'true' branch (when 'n < num_msg')...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:716:44: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:775:17: branch_true: following 'true' branch (when 'n < num_msg')...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:776:41: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:778:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:779:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/auth/pam.c:779:13: danger: 'reply' leaks here; was allocated at [(3)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/2)
#  777|   
#  778|   	if (pr->resp != NULL) {
#  779|-> 	    freezero(pr->resp, strlen(pr->resp));
#  780|   	    pr->resp = NULL;
#  781|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def180]
sudo-1.9.17p2/plugins/sudoers/boottime.c:67:23: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen("/proc/stat", "r")'
sudo-1.9.17p2/plugins/sudoers/boottime.c:65:10: acquire_resource: opened here
sudo-1.9.17p2/plugins/sudoers/boottime.c:66:8: branch_true: following 'true' branch...
 branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/boottime.c:67:23: danger: 'fopen("/proc/stat", "r")' leaks here; was opened at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#   65|       fp = fopen("/proc/stat", "r");
#   66|       if (fp != NULL) {
#   67|-> 	while ((len = getdelim(&line, &linesize, '\n', fp)) != -1) {
#   68|   	    if (strncmp(line, "btime ", 6) == 0) {
#   69|   		if (line[len - 1] == '\n')

Error: GCC_ANALYZER_WARNING (CWE-401): [#def181]
sudo-1.9.17p2/plugins/sudoers/boottime.c:67:23: warning[-Wanalyzer-malloc-leak]: leak of 'fopen("/proc/stat", "r")'
sudo-1.9.17p2/plugins/sudoers/boottime.c:65:10: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/boottime.c:66:8: branch_true: following 'true' branch...
 branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/boottime.c:67:23: danger: 'fopen("/proc/stat", "r")' leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#   65|       fp = fopen("/proc/stat", "r");
#   66|       if (fp != NULL) {
#   67|-> 	while ((len = getdelim(&line, &linesize, '\n', fp)) != -1) {
#   68|   	    if (strncmp(line, "btime ", 6) == 0) {
#   69|   		if (line[len - 1] == '\n')

Error: CPPCHECK_WARNING (CWE-457): [#def182]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers.c:108: error[legacyUninitvar]: Uninitialized variable: parse_trees
#  106|   main(int argc, char *argv[])
#  107|   {
#  108|->     struct sudoers_parse_tree_list parse_trees = TAILQ_HEAD_INITIALIZER(parse_trees);
#  109|       struct sudoers_context ctx = SUDOERS_CONTEXT_INITIALIZER;
#  110|       struct sudoers_parse_tree merged_tree, *parse_tree = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def183]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers.c:898:17: warning[-Wanalyzer-malloc-leak]: leak of ‘shosts’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers.c:1410:1: enter_function: entry to ‘alias_prune_helper’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers.c:1421:9: call_function: calling ‘hostlist_matches_filter’ from ‘alias_prune_helper’
#  896|   	    shost = strndup(lhost, (size_t)(shost - lhost));
#  897|   	    if (shost == NULL) {
#  898|-> 		sudo_fatalx(U_("%s: %s"), __func__,
#  899|   		    U_("unable to allocate memory"));
#  900|   	    }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def184]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers.c:925:17: warning[-Wanalyzer-malloc-leak]: leak of ‘shosts’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers.c:1410:1: enter_function: entry to ‘alias_prune_helper’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers.c:1421:9: call_function: calling ‘hostlist_matches_filter’ from ‘alias_prune_helper’
#  923|   	    /* Only need one host in the filter to match. */
#  924|   	    /* XXX - can't use netgroup_tuple with NULL pw */
#  925|-> 	    if (host_matches(parse_tree, NULL, lhost, shost, m) == ALLOW) {
#  926|   		matched = true;
#  927|   		break;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def185]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers.c:935:13: warning[-Wanalyzer-malloc-leak]: leak of ‘shosts’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers.c:1410:1: enter_function: entry to ‘alias_prune_helper’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers.c:1421:9: call_function: calling ‘hostlist_matches_filter’ from ‘alias_prune_helper’
#  933|   	} else if (conf->prune_matches) {
#  934|   	    TAILQ_REMOVE(hostlist, m, entries);
#  935|-> 	    free_member(m);
#  936|   	}
#  937|       }

Error: CPPCHECK_WARNING (CWE-457): [#def186]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers.c:1279: error[legacyUninitvar]: Uninitialized variable: user_aliases
# 1277|       struct cvtsudoers_config *conf)
# 1278|   {
# 1279|->     struct member_list user_aliases = TAILQ_HEAD_INITIALIZER(user_aliases);
# 1280|       struct member_list runas_aliases = TAILQ_HEAD_INITIALIZER(runas_aliases);
# 1281|       struct member_list host_aliases = TAILQ_HEAD_INITIALIZER(host_aliases);

Error: CPPCHECK_WARNING (CWE-457): [#def187]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers.c:1280: error[legacyUninitvar]: Uninitialized variable: runas_aliases
# 1278|   {
# 1279|       struct member_list user_aliases = TAILQ_HEAD_INITIALIZER(user_aliases);
# 1280|->     struct member_list runas_aliases = TAILQ_HEAD_INITIALIZER(runas_aliases);
# 1281|       struct member_list host_aliases = TAILQ_HEAD_INITIALIZER(host_aliases);
# 1282|       struct member_list cmnd_aliases = TAILQ_HEAD_INITIALIZER(cmnd_aliases);

Error: CPPCHECK_WARNING (CWE-457): [#def188]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers.c:1281: error[legacyUninitvar]: Uninitialized variable: host_aliases
# 1279|       struct member_list user_aliases = TAILQ_HEAD_INITIALIZER(user_aliases);
# 1280|       struct member_list runas_aliases = TAILQ_HEAD_INITIALIZER(runas_aliases);
# 1281|->     struct member_list host_aliases = TAILQ_HEAD_INITIALIZER(host_aliases);
# 1282|       struct member_list cmnd_aliases = TAILQ_HEAD_INITIALIZER(cmnd_aliases);
# 1283|       struct defaults *def, *def_next;

Error: CPPCHECK_WARNING (CWE-457): [#def189]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers.c:1282: error[legacyUninitvar]: Uninitialized variable: cmnd_aliases
# 1280|       struct member_list runas_aliases = TAILQ_HEAD_INITIALIZER(runas_aliases);
# 1281|       struct member_list host_aliases = TAILQ_HEAD_INITIALIZER(host_aliases);
# 1282|->     struct member_list cmnd_aliases = TAILQ_HEAD_INITIALIZER(cmnd_aliases);
# 1283|       struct defaults *def, *def_next;
# 1284|       struct member *m, *m_next;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def190]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:426:5: warning[-Wanalyzer-file-leak]: leak of FILE ‘output_fp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:713:1: enter_function: entry to ‘convert_sudoers_csv’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:720:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:721:26: acquire_resource: opened here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:721:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:728:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:728:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:35: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:9: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:736:14: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:736:14: call_function: calling ‘print_aliases_csv’ from ‘convert_sudoers_csv’
#  424|   print_aliases_csv(FILE *fp, const struct sudoers_parse_tree *parse_tree)
#  425|   {
#  426|->     debug_decl(print_aliases_csv, SUDOERS_DEBUG_UTIL);
#  427|   
#  428|       if (TAILQ_EMPTY(&parse_tree->defaults))

Error: GCC_ANALYZER_WARNING (CWE-401): [#def191]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:426:5: warning[-Wanalyzer-malloc-leak]: leak of ‘output_fp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:713:1: enter_function: entry to ‘convert_sudoers_csv’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:720:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:721:26: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:721:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:728:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:728:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:35: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:9: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:736:14: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:736:14: call_function: calling ‘print_aliases_csv’ from ‘convert_sudoers_csv’
#  424|   print_aliases_csv(FILE *fp, const struct sudoers_parse_tree *parse_tree)
#  425|   {
#  426|->     debug_decl(print_aliases_csv, SUDOERS_DEBUG_UTIL);
#  427|   
#  428|       if (TAILQ_EMPTY(&parse_tree->defaults))

Error: GCC_ANALYZER_WARNING (CWE-775): [#def192]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:429:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘output_fp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:713:1: enter_function: entry to ‘convert_sudoers_csv’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:720:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:721:26: acquire_resource: opened here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:721:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:728:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:728:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:35: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:9: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:736:14: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:736:14: call_function: calling ‘print_aliases_csv’ from ‘convert_sudoers_csv’
#  427|   
#  428|       if (TAILQ_EMPTY(&parse_tree->defaults))
#  429|-> 	debug_return_bool(true);
#  430|   
#  431|       /* Heading line. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def193]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:429:9: warning[-Wanalyzer-malloc-leak]: leak of ‘output_fp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:713:1: enter_function: entry to ‘convert_sudoers_csv’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:720:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:721:26: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:721:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:728:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:728:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:35: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:9: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:736:14: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:736:14: call_function: calling ‘print_aliases_csv’ from ‘convert_sudoers_csv’
#  427|   
#  428|       if (TAILQ_EMPTY(&parse_tree->defaults))
#  429|-> 	debug_return_bool(true);
#  430|   
#  431|       /* Heading line. */

Error: GCC_ANALYZER_WARNING (CWE-775): [#def194]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:435:10: warning[-Wanalyzer-file-leak]: leak of FILE ‘output_fp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:713:1: enter_function: entry to ‘convert_sudoers_csv’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:720:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:721:26: acquire_resource: opened here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:721:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:728:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:728:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:35: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:9: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:736:14: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:736:14: call_function: calling ‘print_aliases_csv’ from ‘convert_sudoers_csv’
#  433|   
#  434|       /* print_alias_csv() does not modify parse_tree. */
#  435|->     if (!alias_apply((struct sudoers_parse_tree *)parse_tree, print_alias_csv,
#  436|   	    fp)) {
#  437|   	debug_return_bool(false);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def195]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:435:10: warning[-Wanalyzer-malloc-leak]: leak of ‘output_fp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:713:1: enter_function: entry to ‘convert_sudoers_csv’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:720:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:721:26: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:721:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:728:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:728:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:35: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:9: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:736:14: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:736:14: call_function: calling ‘print_aliases_csv’ from ‘convert_sudoers_csv’
#  433|   
#  434|       /* print_alias_csv() does not modify parse_tree. */
#  435|->     if (!alias_apply((struct sudoers_parse_tree *)parse_tree, print_alias_csv,
#  436|   	    fp)) {
#  437|   	debug_return_bool(false);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def196]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:749:11: warning[-Wanalyzer-file-leak]: leak of FILE ‘output_fp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:720:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:721:26: acquire_resource: opened here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:721:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:728:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:728:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:742:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:748:1: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:749:11: danger: ‘output_fp’ leaks here; was opened at [(3)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/2)
#  747|   
#  748|   cleanup:
#  749|->     (void)fflush(output_fp);
#  750|       if (ferror(output_fp)) {
#  751|   	sudo_warn("%s", output_file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def197]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:749:11: warning[-Wanalyzer-malloc-leak]: leak of ‘output_fp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:720:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:721:26: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:721:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:728:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:728:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:742:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:748:1: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:749:11: danger: ‘output_fp’ leaks here; was allocated at [(3)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/2)
#  747|   
#  748|   cleanup:
#  749|->     (void)fflush(output_fp);
#  750|       if (ferror(output_fp)) {
#  751|   	sudo_warn("%s", output_file);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def198]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:751:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘output_fp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:720:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:721:26: acquire_resource: opened here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:721:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:728:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:728:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:742:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:748:1: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:750:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:751:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:751:9: danger: ‘output_fp’ leaks here; was opened at [(3)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/2)
#  749|       (void)fflush(output_fp);
#  750|       if (ferror(output_fp)) {
#  751|-> 	sudo_warn("%s", output_file);
#  752|   	ret = false;
#  753|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def199]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:751:9: warning[-Wanalyzer-malloc-leak]: leak of ‘output_fp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:720:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:721:26: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:721:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:728:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:728:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:742:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:748:1: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:750:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:751:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:751:9: danger: ‘output_fp’ leaks here; was allocated at [(3)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/2)
#  749|       (void)fflush(output_fp);
#  750|       if (ferror(output_fp)) {
#  751|-> 	sudo_warn("%s", output_file);
#  752|   	ret = false;
#  753|       }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def200]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:757:5: warning[-Wanalyzer-file-leak]: leak of FILE ‘output_fp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:720:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:721:26: acquire_resource: opened here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:721:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:728:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:728:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:742:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:748:1: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:754:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:757:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:757:5: danger: ‘output_fp’ leaks here; was opened at [(3)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/2)
#  755|   	fclose(output_fp);
#  756|   
#  757|->     debug_return_bool(ret);
#  758|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def201]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:757:5: warning[-Wanalyzer-malloc-leak]: leak of ‘output_fp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:720:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:721:26: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:721:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:728:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:728:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:735:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:742:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:748:1: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:754:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:757:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_csv.c:757:5: danger: ‘output_fp’ leaks here; was allocated at [(3)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/2)
#  755|   	fclose(output_fp);
#  756|   
#  757|->     debug_return_bool(ret);
#  758|   }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def202]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1040:10: warning[-Wanalyzer-file-leak]: leak of FILE ‘output_fp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1032:8: branch_true: following ‘true’ branch (when the strings are non-equal)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1033:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1033:26: acquire_resource: opened here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1033:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1040:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1040:10: danger: ‘output_fp’ leaks here; was opened at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
# 1038|   
# 1039|       /* 4 space indent, non-compact, exit on memory allocation failure. */
# 1040|->     if (!sudo_json_init(&jsonc, 4, false, false, false)) {
# 1041|   	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
# 1042|   	goto cleanup;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def203]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1040:10: warning[-Wanalyzer-malloc-leak]: leak of ‘output_fp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1032:8: branch_true: following ‘true’ branch (when the strings are non-equal)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1033:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1033:26: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1033:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1040:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1040:10: danger: ‘output_fp’ leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
# 1038|   
# 1039|       /* 4 space indent, non-compact, exit on memory allocation failure. */
# 1040|->     if (!sudo_json_init(&jsonc, 4, false, false, false)) {
# 1041|   	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
# 1042|   	goto cleanup;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def204]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1041:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘output_fp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1032:8: branch_true: following ‘true’ branch (when the strings are non-equal)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1033:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1033:26: acquire_resource: opened here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1033:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1040:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1040:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1041:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1041:9: danger: ‘output_fp’ leaks here; was opened at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
# 1039|       /* 4 space indent, non-compact, exit on memory allocation failure. */
# 1040|       if (!sudo_json_init(&jsonc, 4, false, false, false)) {
# 1041|-> 	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
# 1042|   	goto cleanup;
# 1043|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def205]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1041:9: warning[-Wanalyzer-malloc-leak]: leak of ‘output_fp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1032:8: branch_true: following ‘true’ branch (when the strings are non-equal)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1033:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1033:26: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1033:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1040:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1040:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1041:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_json.c:1041:9: danger: ‘output_fp’ leaks here; was allocated at [(3)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/2)
# 1039|       /* 4 space indent, non-compact, exit on memory allocation failure. */
# 1040|       if (!sudo_json_init(&jsonc, 4, false, false, false)) {
# 1041|-> 	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
# 1042|   	goto cleanup;
# 1043|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def206]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:266:15: warning[-Wanalyzer-malloc-leak]: leak of ‘cp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:350:1: enter_function: entry to ‘print_cmndspec_ldif’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:362:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:363:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:363:9: branch_true: following ‘true’ branch (when ‘m’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:364:70: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:364:18: call_function: calling ‘print_member_ldif’ from ‘print_cmndspec_ldif’
#  264|       cp = buf;
#  265|       TAILQ_FOREACH(digest, &c->digests, entries) {
#  266|-> 	len = snprintf(cp, bufsiz - (size_t)(cp - buf), "%s:%s%s ", 
#  267|   	    digest_type_to_name(digest->digest_type), digest->digest_str,
#  268|   	    TAILQ_NEXT(digest, entries) ? "," : "");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def207]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:581:12: warning[-Wanalyzer-malloc-leak]: leak of ‘cn’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:572:15: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:572:8: branch_false: following ‘false’ branch (when ‘cn’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:580:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:581:12: danger: ‘cn’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  579|        */
#  580|       key.name = user;
#  581|->     node = rbfind(seen_users, &key);
#  582|       if (node != NULL) {
#  583|   	su = node->data;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def208]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:586:13: warning[-Wanalyzer-malloc-leak]: leak of ‘cn’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:572:15: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:572:8: branch_false: following ‘false’ branch (when ‘cn’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:580:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:582:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:585:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:585:12: branch_true: following ‘true’ branch (when ‘su’ is NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:586:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:586:13: danger: ‘cn’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#  584|       } else {
#  585|   	if ((su = malloc(sizeof(*su))) == NULL) {
#  586|-> 	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  587|   	    goto bad;
#  588|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def209]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:591:13: warning[-Wanalyzer-malloc-leak]: leak of ‘cn’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:572:15: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:572:8: branch_false: following ‘false’ branch (when ‘cn’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:580:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:582:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:585:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:585:12: branch_false: following ‘false’ branch (when ‘su’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:589:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:590:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:591:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:591:13: danger: ‘cn’ leaks here; was allocated at [(1)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/0)
#  589|   	su->count = 0;
#  590|   	if ((su->name = strdup(user)) == NULL) {
#  591|-> 	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  592|   	    goto bad;
#  593|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def210]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:591:13: warning[-Wanalyzer-malloc-leak]: leak of ‘su’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:572:8: branch_false: following ‘false’ branch (when ‘cn’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:580:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:582:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:585:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:585:19: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:585:12: branch_false: following ‘false’ branch (when ‘su’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:589:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:590:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:591:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:591:13: danger: ‘su’ leaks here; was allocated at [(5)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/4)
#  589|   	su->count = 0;
#  590|   	if ((su->name = strdup(user)) == NULL) {
#  591|-> 	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  592|   	    goto bad;
#  593|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def211]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:594:13: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:572:8: branch_false: following ‘false’ branch (when ‘cn’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:580:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:582:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:585:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:585:12: branch_false: following ‘false’ branch (when ‘su’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:589:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:590:25: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:590:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:594:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:594:13: danger: ‘<unknown>’ leaks here; was allocated at [(7)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/6)
#  592|   	    goto bad;
#  593|   	}
#  594|-> 	if (rbinsert(seen_users, su, NULL) != 0) {
#  595|   	    sudo_warnx(U_("internal error, unable insert user %s"), user);
#  596|   	    goto bad;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def212]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:594:13: warning[-Wanalyzer-malloc-leak]: leak of ‘cn’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:572:15: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:572:8: branch_false: following ‘false’ branch (when ‘cn’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:580:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:582:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:585:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:585:12: branch_false: following ‘false’ branch (when ‘su’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:589:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:590:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:594:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:594:13: danger: ‘cn’ leaks here; was allocated at [(1)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/0)
#  592|   	    goto bad;
#  593|   	}
#  594|-> 	if (rbinsert(seen_users, su, NULL) != 0) {
#  595|   	    sudo_warnx(U_("internal error, unable insert user %s"), user);
#  596|   	    goto bad;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def213]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:594:13: warning[-Wanalyzer-malloc-leak]: leak of ‘su’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:572:8: branch_false: following ‘false’ branch (when ‘cn’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:580:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:582:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:585:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:585:19: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:585:12: branch_false: following ‘false’ branch (when ‘su’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:589:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:590:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:594:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:594:13: danger: ‘su’ leaks here; was allocated at [(5)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/4)
#  592|   	    goto bad;
#  593|   	}
#  594|-> 	if (rbinsert(seen_users, su, NULL) != 0) {
#  595|   	    sudo_warnx(U_("internal error, unable insert user %s"), user);
#  596|   	    goto bad;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def214]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:595:13: warning[-Wanalyzer-malloc-leak]: leak of ‘cn’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:572:15: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:572:8: branch_false: following ‘false’ branch (when ‘cn’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:580:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:582:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:585:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:585:12: branch_false: following ‘false’ branch (when ‘su’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:589:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:590:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:594:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:594:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:595:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:595:13: danger: ‘cn’ leaks here; was allocated at [(1)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/0)
#  593|   	}
#  594|   	if (rbinsert(seen_users, su, NULL) != 0) {
#  595|-> 	    sudo_warnx(U_("internal error, unable insert user %s"), user);
#  596|   	    goto bad;
#  597|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def215]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:634:5: warning[-Wanalyzer-malloc-leak]: leak of ‘dst’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:572:15: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:572:8: branch_false: following ‘false’ branch (when ‘cn’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:580:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:601:32: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:622:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:625:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:632:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:634:5: danger: ‘dst’ leaks here; was allocated at [(1)](sarif:/runs/0/results/27/codeFlows/0/threadFlows/0/locations/0)
#  632|       su->count++;
#  633|   
#  634|->     debug_return_str(cn);
#  635|   bad:
#  636|       if (su != NULL && su->count == 0)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def216]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:759:18: warning[-Wanalyzer-file-leak]: leak of FILE ‘output_fp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:746:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:751:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:751:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:752:26: acquire_resource: opened here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:752:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:759:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:759:18: danger: ‘output_fp’ leaks here; was opened at [(5)](sarif:/runs/0/results/28/codeFlows/0/threadFlows/0/locations/4)
#  757|   
#  758|       /* Create a dictionary of already-seen users. */
#  759|->     seen_users = rbcreate(seen_user_compare);
#  760|       if (seen_users == NULL) {
#  761|   	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def217]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:759:18: warning[-Wanalyzer-malloc-leak]: leak of ‘output_fp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:746:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:751:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:751:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:752:26: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:752:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:759:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:759:18: danger: ‘output_fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/29/codeFlows/0/threadFlows/0/locations/4)
#  757|   
#  758|       /* Create a dictionary of already-seen users. */
#  759|->     seen_users = rbcreate(seen_user_compare);
#  760|       if (seen_users == NULL) {
#  761|   	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));

Error: GCC_ANALYZER_WARNING (CWE-775): [#def218]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:761:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘output_fp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:746:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:751:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:751:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:752:26: acquire_resource: opened here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:752:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:759:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:760:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:761:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:761:9: danger: ‘output_fp’ leaks here; was opened at [(5)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/4)
#  759|       seen_users = rbcreate(seen_user_compare);
#  760|       if (seen_users == NULL) {
#  761|-> 	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  762|   	goto cleanup;
#  763|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def219]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:761:9: warning[-Wanalyzer-malloc-leak]: leak of ‘output_fp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:746:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:751:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:751:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:752:26: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:752:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:759:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:760:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:761:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:761:9: danger: ‘output_fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/31/codeFlows/0/threadFlows/0/locations/4)
#  759|       seen_users = rbcreate(seen_user_compare);
#  760|       if (seen_users == NULL) {
#  761|-> 	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  762|   	goto cleanup;
#  763|       }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def220]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:781:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘output_fp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:746:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:751:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:751:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:752:26: acquire_resource: opened here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:752:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:759:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:766:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:772:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:772:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:780:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:781:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:781:9: danger: ‘output_fp’ leaks here; was opened at [(5)](sarif:/runs/0/results/42/codeFlows/0/threadFlows/0/locations/4)
#  779|   cleanup:
#  780|       if (seen_users != NULL)
#  781|-> 	rbdestroy(seen_users, seen_user_free);
#  782|   
#  783|       (void)fflush(output_fp);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def221]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:781:9: warning[-Wanalyzer-malloc-leak]: leak of ‘output_fp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:746:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:751:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:751:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:752:26: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:752:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:759:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:766:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:772:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:772:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:780:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:781:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:781:9: danger: ‘output_fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/43/codeFlows/0/threadFlows/0/locations/4)
#  779|   cleanup:
#  780|       if (seen_users != NULL)
#  781|-> 	rbdestroy(seen_users, seen_user_free);
#  782|   
#  783|       (void)fflush(output_fp);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def222]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:783:11: warning[-Wanalyzer-file-leak]: leak of FILE ‘output_fp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:746:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:751:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:751:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:752:26: acquire_resource: opened here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:752:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:759:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:766:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:772:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:772:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:783:11: danger: ‘output_fp’ leaks here; was opened at [(5)](sarif:/runs/0/results/44/codeFlows/0/threadFlows/0/locations/4)
#  781|   	rbdestroy(seen_users, seen_user_free);
#  782|   
#  783|->     (void)fflush(output_fp);
#  784|       if (ferror(output_fp)) {
#  785|   	sudo_warn("%s", output_file);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def223]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:783:11: warning[-Wanalyzer-malloc-leak]: leak of ‘output_fp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:746:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:751:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:751:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:752:26: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:752:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:759:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:766:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:772:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:772:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:783:11: danger: ‘output_fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/45/codeFlows/0/threadFlows/0/locations/4)
#  781|   	rbdestroy(seen_users, seen_user_free);
#  782|   
#  783|->     (void)fflush(output_fp);
#  784|       if (ferror(output_fp)) {
#  785|   	sudo_warn("%s", output_file);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def224]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:785:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘output_fp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:746:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:751:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:751:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:752:26: acquire_resource: opened here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:752:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:759:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:766:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:772:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:772:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:784:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:785:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:785:9: danger: ‘output_fp’ leaks here; was opened at [(5)](sarif:/runs/0/results/46/codeFlows/0/threadFlows/0/locations/4)
#  783|       (void)fflush(output_fp);
#  784|       if (ferror(output_fp)) {
#  785|-> 	sudo_warn("%s", output_file);
#  786|   	ret = false;
#  787|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def225]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:785:9: warning[-Wanalyzer-malloc-leak]: leak of ‘output_fp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:746:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:751:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:751:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:752:26: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:752:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:759:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:766:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:772:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:772:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:784:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:785:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:785:9: danger: ‘output_fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/47/codeFlows/0/threadFlows/0/locations/4)
#  783|       (void)fflush(output_fp);
#  784|       if (ferror(output_fp)) {
#  785|-> 	sudo_warn("%s", output_file);
#  786|   	ret = false;
#  787|       }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def226]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:791:5: warning[-Wanalyzer-file-leak]: leak of FILE ‘output_fp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:746:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:751:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:751:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:752:26: acquire_resource: opened here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:752:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:759:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:766:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:772:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:772:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:788:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:791:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:791:5: danger: ‘output_fp’ leaks here; was opened at [(5)](sarif:/runs/0/results/50/codeFlows/0/threadFlows/0/locations/4)
#  789|   	fclose(output_fp);
#  790|   
#  791|->     debug_return_bool(ret);
#  792|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def227]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:791:5: warning[-Wanalyzer-malloc-leak]: leak of ‘output_fp’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:746:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:751:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:751:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:752:26: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:752:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:759:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:766:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:772:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:772:8: branch_false: following ‘false’ branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:788:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:791:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_ldif.c:791:5: danger: ‘output_fp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/51/codeFlows/0/threadFlows/0/locations/4)
#  789|   	fclose(output_fp);
#  790|   
#  791|->     debug_return_bool(ret);
#  792|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def228]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_merge.c:55:5: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_merge.c:886:1: enter_function: entry to ‘merge_defaults’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_merge.c:894:5: branch_true: following ‘true’ branch (when ‘parse_tree’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_merge.c:899:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_merge.c:899:9: branch_true: following ‘true’ branch (when ‘def’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_merge.c:900:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_merge.c:900:16: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_merge.c:901:21: call_function: calling ‘new_member’ from ‘merge_defaults’
#   53|       m->type = type;
#   54|   
#   55|->     debug_return_ptr(m);
#   56|   oom:
#   57|       sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def229]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_merge.c:55:5: warning[-Wanalyzer-malloc-leak]: leak of ‘m’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_merge.c:886:1: enter_function: entry to ‘merge_defaults’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_merge.c:894:5: branch_true: following ‘true’ branch (when ‘parse_tree’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_merge.c:899:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_merge.c:899:9: branch_true: following ‘true’ branch (when ‘def’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_merge.c:900:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_merge.c:900:16: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_merge.c:901:21: call_function: calling ‘new_member’ from ‘merge_defaults’
#   53|       m->type = type;
#   54|   
#   55|->     debug_return_ptr(m);
#   56|   oom:
#   57|       sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def230]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_merge.c:57:5: warning[-Wanalyzer-malloc-leak]: leak of ‘m’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_merge.c:886:1: enter_function: entry to ‘merge_defaults’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_merge.c:894:5: branch_true: following ‘true’ branch (when ‘parse_tree’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_merge.c:899:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_merge.c:899:9: branch_true: following ‘true’ branch (when ‘def’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_merge.c:900:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_merge.c:900:16: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_merge.c:901:21: call_function: calling ‘new_member’ from ‘merge_defaults’
#   55|       debug_return_ptr(m);
#   56|   oom:
#   57|->     sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#   58|       free(m);
#   59|       debug_return_ptr(NULL);

Error: CPPCHECK_WARNING (CWE-457): [#def231]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_merge.c:1258: error[legacyUninitvar]: Uninitialized variable: bound_hosts
# 1256|       struct sudoers_parse_tree *merged_tree)
# 1257|   {
# 1258|->     struct member_list bound_hosts = TAILQ_HEAD_INITIALIZER(bound_hosts);
# 1259|       struct sudoers_parse_tree *parse_tree;
# 1260|       debug_decl(merge_sudoers, SUDOERS_DEBUG_UTIL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def232]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:330:29: warning[-Wanalyzer-malloc-leak]: leak of ‘gids’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:307:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:313:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:319:8: branch_true: following ‘true’ branch (when ‘ngids != 0’)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:320:16: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:320:16: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:321:12: branch_false: following ‘false’ branch (when ‘gids’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:327:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:327:9: branch_true: following ‘true’ branch (when ‘s’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:328:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:328:16: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:330:29: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:330:29: danger: ‘gids’ leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  328|   	    if (s->str[0] == '#') {
#  329|   		const char *errstr;
#  330|-> 		gid_t gid = sudo_strtoid(s->str + 1, &errstr);
#  331|   		if (errstr == NULL) {
#  332|   		    /* Valid gid. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def233]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:350:9: warning[-Wanalyzer-malloc-leak]: leak of ‘gids’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:307:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:313:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:319:8: branch_true: following ‘true’ branch (when ‘ngids != 0’)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:320:16: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:320:16: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:321:12: branch_false: following ‘false’ branch (when ‘gids’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:327:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:338:8: branch_false: following ‘false’ branch (when ‘ngids != 0’)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:345:20: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:349:8: branch_true: following ‘true’ branch (when ‘glitem’ is NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:350:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:350:9: danger: ‘gids’ leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#  348|   
#  349|       if ((glitem = calloc(1, total)) == NULL) {
#  350|-> 	sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
#  351|   	    "unable to allocate memory");
#  352|   	free(gids);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def234]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:451:13: warning[-Wanalyzer-malloc-leak]: leak of ‘grlitem’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:404:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:411:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:421:20: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:421:8: branch_false: following ‘false’ branch (when ‘grlitem’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:432:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:448:5: branch_true: following ‘true’ branch (when ‘s’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:449:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:458:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:459:22: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:421:20: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:421:8: branch_false: following ‘false’ branch (when ‘grlitem’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:432:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:448:5: branch_true: following ‘true’ branch (when ‘s’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:449:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:451:13: danger: ‘grlitem’ leaks here; was allocated at [(11)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/10)
#  449|   	if (s->str[0] == '#') {
#  450|   	    const char *errstr;
#  451|-> 	    sudo_strtoid(s->str + 1, &errstr);
#  452|   	    if (errstr == NULL) {
#  453|   		/* Group ID not name, ignore it. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def235]
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:469:5: warning[-Wanalyzer-malloc-leak]: leak of ‘grlitem’
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:404:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:411:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:421:20: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:421:8: branch_false: following ‘false’ branch (when ‘grlitem’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:432:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:448:5: branch_true: following ‘true’ branch (when ‘s’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:449:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:421:20: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:421:8: branch_false: following ‘false’ branch (when ‘grlitem’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:432:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/cvtsudoers_pwutil.c:469:5: danger: ‘grlitem’ leaks here; was allocated at [(9)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/8)
#  467|       grlist->ngroups = (int)ngroups;
#  468|   
#  469|->     debug_return_ptr(&grlitem->cache);
#  470|   }

Error: GCC_ANALYZER_WARNING (CWE-404): [#def236]
sudo-1.9.17p2/plugins/sudoers/defaults.c:186:11: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/plugins/sudoers/defaults.c:1183:1: enter_function: entry to 'valid_path'
sudo-1.9.17p2/plugins/sudoers/defaults.c:1189:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/defaults.c:1191:50: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/defaults.c:1190:9: call_function: calling 'defaults_warnx' from 'valid_path'
#  184|   
#  185|       va_start(ap, fmt);
#  186|->     ret = parser_vwarnx(ctx, file, line, column, true, quiet, fmt, ap);
#  187|       va_end(ap);
#  188|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def237]
sudo-1.9.17p2/plugins/sudoers/defaults.c:1250:13: warning[-Wanalyzer-malloc-leak]: leak of 'cur'
sudo-1.9.17p2/plugins/sudoers/defaults.c:1219:8: branch_false: following 'false' branch (when 'op != 2')...
sudo-1.9.17p2/plugins/sudoers/defaults.c:1228:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/defaults.c:1247:8: branch_true: following 'true' branch (when 'op == 0')...
sudo-1.9.17p2/plugins/sudoers/defaults.c:1248:15: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/defaults.c:1248:15: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/defaults.c:1249:12: branch_false: following 'false' branch (when 'cur' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/defaults.c:1249:42: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/defaults.c:1249:13: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/defaults.c:1250:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/defaults.c:1250:13: danger: 'cur' leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
# 1248|   	cur = calloc(1, sizeof(struct list_member));
# 1249|   	if (cur == NULL || (cur->value = strndup(str, len)) == NULL) {
# 1250|-> 	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
# 1251|   	    free(cur);
# 1252|   	    debug_return_bool(false);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def238]
sudo-1.9.17p2/plugins/sudoers/defaults.c:1279:5: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/defaults.c:1266:8: branch_false: following 'false' branch (when 'def' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/defaults.c:1269:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/defaults.c:1271:21: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/defaults.c:1271:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/defaults.c:1274:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/defaults.c:1274:8: branch_false: following 'false' branch (when 'val' is NULL)...
sudo-1.9.17p2/plugins/sudoers/defaults.c:1278:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/defaults.c:1279:5: danger: '<unknown>' leaks here; was allocated at [(3)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/2)
# 1277|       }
# 1278|       def->file = source;
# 1279|->     sudo_rcstr_addref(source);
# 1280|       TAILQ_INSERT_TAIL(defs, def, entries);
# 1281|       debug_return_bool(true);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def239]
sudo-1.9.17p2/plugins/sudoers/defaults.c:1279:5: warning[-Wanalyzer-malloc-leak]: leak of 'def'
sudo-1.9.17p2/plugins/sudoers/defaults.c:1266:16: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/defaults.c:1266:8: branch_false: following 'false' branch (when 'def' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/defaults.c:1269:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/defaults.c:1271:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/defaults.c:1274:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/defaults.c:1274:8: branch_false: following 'false' branch (when 'val' is NULL)...
sudo-1.9.17p2/plugins/sudoers/defaults.c:1278:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/defaults.c:1279:5: danger: 'def' leaks here; was allocated at [(1)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/0)
# 1277|       }
# 1278|       def->file = source;
# 1279|->     sudo_rcstr_addref(source);
# 1280|       TAILQ_INSERT_TAIL(defs, def, entries);
# 1281|       debug_return_bool(true);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def240]
sudo-1.9.17p2/plugins/sudoers/editor.c:104:9: warning[-Wanalyzer-malloc-leak]: leak of 'copy'
sudo-1.9.17p2/plugins/sudoers/editor.c:223:1: enter_function: entry to 'find_editor'
sudo-1.9.17p2/plugins/sudoers/editor.c:238:17: branch_true: following 'true' branch (when 'i != 3')...
sudo-1.9.17p2/plugins/sudoers/editor.c:239:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/editor.c:241:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/editor.c:243:27: call_function: calling 'resolve_editor' from 'find_editor'
#  102|   
#  103|       if ((copy = malloc(len + 1)) != NULL) {
#  104|-> 	sudoers_gc_add(GC_PTR, copy);
#  105|   	for (dst = copy; src < src_end; ) {
#  106|   	    if (src[0] == '\\' && src[1] != '\0')

Error: GCC_ANALYZER_WARNING (CWE-401): [#def241]
sudo-1.9.17p2/plugins/sudoers/env.c:375:9: warning[-Wanalyzer-malloc-leak]: leak of 'nenvp'
sudo-1.9.17p2/plugins/sudoers/env.c:1149:1: enter_function: entry to 'insert_env_vars'
sudo-1.9.17p2/plugins/sudoers/env.c:1156:8: branch_true: following 'true' branch (when 'envp' is non-NULL)...
 branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/env.c:1157:25: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/env.c:1159:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/env.c:1159:17: call_function: calling 'sudo_putenv' from 'insert_env_vars'
#  373|   	    return -1;
#  374|   	}
#  375|-> 	sudoers_gc_add(GC_PTR, nenvp);
#  376|   	env.envp = nenvp;
#  377|   	env.env_size = nsize;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def242]
sudo-1.9.17p2/plugins/sudoers/env.c:1240:5: warning[-Wanalyzer-file-leak]: leak of FILE
sudo-1.9.17p2/plugins/sudoers/env.c:1232:8: branch_true: following 'true' branch (when 'efl' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/env.c:1233:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/env.c:1233:24: acquire_resource: opened here
sudo-1.9.17p2/plugins/sudoers/env.c:1233:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/env.c:1240:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/env.c:1240:5: danger: leaks here; was opened at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
# 1238|   	}
# 1239|       }
# 1240|->     debug_return_ptr(efl);
# 1241|   }
# 1242|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def243]
sudo-1.9.17p2/plugins/sudoers/env.c:1240:5: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/env.c:1232:8: branch_true: following 'true' branch (when 'efl' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/env.c:1233:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/env.c:1233:24: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/env.c:1233:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/env.c:1240:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/env.c:1240:5: danger: '<unknown>' leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
# 1238|   	}
# 1239|       }
# 1240|->     debug_return_ptr(efl);
# 1241|   }
# 1242|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def244]
sudo-1.9.17p2/plugins/sudoers/env.c:1240:5: warning[-Wanalyzer-malloc-leak]: leak of 'efl'
sudo-1.9.17p2/plugins/sudoers/env.c:1231:11: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/env.c:1232:8: branch_true: following 'true' branch (when 'efl' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/env.c:1233:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/env.c:1233:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/env.c:1240:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/env.c:1240:5: danger: 'efl' leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
# 1238|   	}
# 1239|       }
# 1240|->     debug_return_ptr(efl);
# 1241|   }
# 1242|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def245]
sudo-1.9.17p2/plugins/sudoers/env.c:1415:13: warning[-Wanalyzer-malloc-leak]: leak of 'cur'
sudo-1.9.17p2/plugins/sudoers/env.c:1412:36: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/env.c:1413:15: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/env.c:1413:15: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/env.c:1414:12: branch_false: following 'false' branch (when 'cur' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/env.c:1414:42: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/env.c:1414:13: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/env.c:1415:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/env.c:1415:13: danger: 'cur' leaks here; was allocated at [(3)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/2)
# 1413|   	cur = calloc(1, sizeof(struct list_member));
# 1414|   	if (cur == NULL || (cur->value = strdup(*p)) == NULL) {
# 1415|-> 	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
# 1416|   		"unable to allocate memory");
# 1417|   	    free(cur);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def246]
sudo-1.9.17p2/plugins/sudoers/file.c:75:9: warning[-Wanalyzer-malloc-leak]: leak of 'handle'
sudo-1.9.17p2/plugins/sudoers/file.c:64:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/file.c:67:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/file.c:73:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/file.c:74:8: branch_true: following 'true' branch (when 'handle' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/file.c:75:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/file.c:75:9: danger: 'handle' leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   73|       handle = malloc(sizeof(*handle));
#   74|       if (handle != NULL) {
#   75|-> 	init_parser(ctx, NULL);
#   76|   	handle->fp = open_sudoers(ctx->parser_conf.sudoers_path, &outfile,
#   77|   	    false, NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def247]
sudo-1.9.17p2/plugins/sudoers/file.c:76:22: warning[-Wanalyzer-malloc-leak]: leak of 'handle'
sudo-1.9.17p2/plugins/sudoers/file.c:64:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/file.c:67:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/file.c:73:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/file.c:74:8: branch_true: following 'true' branch (when 'handle' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/file.c:75:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/file.c:76:22: danger: 'handle' leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#   74|       if (handle != NULL) {
#   75|   	init_parser(ctx, NULL);
#   76|-> 	handle->fp = open_sudoers(ctx->parser_conf.sudoers_path, &outfile,
#   77|   	    false, NULL);
#   78|   	if (handle->fp != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def248]
sudo-1.9.17p2/plugins/sudoers/file.c:79:13: warning[-Wanalyzer-malloc-leak]: leak of 'handle'
sudo-1.9.17p2/plugins/sudoers/file.c:64:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/file.c:67:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/file.c:73:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/file.c:74:8: branch_true: following 'true' branch (when 'handle' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/file.c:75:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/file.c:78:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/file.c:79:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/file.c:79:13: danger: 'handle' leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#   77|   	    false, NULL);
#   78|   	if (handle->fp != NULL) {
#   79|-> 	    init_parse_tree(&handle->parse_tree, NULL, NULL, ctx, nss);
#   80|   	    if (outfile != NULL) {
#   81|   		/* Update path to open sudoers file. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def249]
sudo-1.9.17p2/plugins/sudoers/filedigest.c:66:9: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
sudo-1.9.17p2/plugins/sudoers/filedigest.c:49:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:54:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:54:8: branch_false: following 'false' branch (when 'fd2 != -1')...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:59:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:59:15: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:59:8: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:65:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:65:8: branch_true: following 'true' branch (when 'file_digest' is NULL)...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:66:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:66:9: danger: 'fp' leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#   64|       }
#   65|       if ((file_digest = malloc(*digest_len)) == NULL) {
#   66|-> 	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#   67|   	goto bad;
#   68|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def250]
sudo-1.9.17p2/plugins/sudoers/filedigest.c:69:16: warning[-Wanalyzer-malloc-leak]: leak of 'file_digest'
sudo-1.9.17p2/plugins/sudoers/filedigest.c:49:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:54:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:54:8: branch_false: following 'false' branch (when 'fd2 != -1')...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:59:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:59:8: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:65:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:65:24: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:65:8: branch_false: following 'false' branch (when 'file_digest' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:69:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:69:16: danger: 'file_digest' leaks here; was allocated at [(7)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/6)
#   67|   	goto bad;
#   68|       }
#   69|->     if ((dig = sudo_digest_alloc(digest_type)) == NULL) {
#   70|   	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#   71|   	goto bad;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def251]
sudo-1.9.17p2/plugins/sudoers/filedigest.c:69:16: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
sudo-1.9.17p2/plugins/sudoers/filedigest.c:49:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:54:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:54:8: branch_false: following 'false' branch (when 'fd2 != -1')...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:59:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:59:15: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:59:8: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:65:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:65:8: branch_false: following 'false' branch (when 'file_digest' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:69:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:69:16: danger: 'fp' leaks here; was allocated at [(5)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/4)
#   67|   	goto bad;
#   68|       }
#   69|->     if ((dig = sudo_digest_alloc(digest_type)) == NULL) {
#   70|   	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#   71|   	goto bad;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def252]
sudo-1.9.17p2/plugins/sudoers/filedigest.c:70:9: warning[-Wanalyzer-malloc-leak]: leak of 'file_digest'
sudo-1.9.17p2/plugins/sudoers/filedigest.c:49:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:54:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:54:8: branch_false: following 'false' branch (when 'fd2 != -1')...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:59:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:59:8: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:65:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:65:24: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:65:8: branch_false: following 'false' branch (when 'file_digest' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:69:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:69:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:70:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:70:9: danger: 'file_digest' leaks here; was allocated at [(7)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/6)
#   68|       }
#   69|       if ((dig = sudo_digest_alloc(digest_type)) == NULL) {
#   70|-> 	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#   71|   	goto bad;
#   72|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def253]
sudo-1.9.17p2/plugins/sudoers/filedigest.c:70:9: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
sudo-1.9.17p2/plugins/sudoers/filedigest.c:49:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:54:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:54:8: branch_false: following 'false' branch (when 'fd2 != -1')...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:59:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:59:15: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:59:8: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:65:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:65:8: branch_false: following 'false' branch (when 'file_digest' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:69:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:69:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:70:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:70:9: danger: 'fp' leaks here; was allocated at [(5)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/4)
#   68|       }
#   69|       if ((dig = sudo_digest_alloc(digest_type)) == NULL) {
#   70|-> 	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#   71|   	goto bad;
#   72|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def254]
sudo-1.9.17p2/plugins/sudoers/filedigest.c:74:9: warning[-Wanalyzer-malloc-leak]: leak of 'file_digest'
sudo-1.9.17p2/plugins/sudoers/filedigest.c:49:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:54:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:54:8: branch_false: following 'false' branch (when 'fd2 != -1')...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:59:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:59:8: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:65:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:65:24: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:65:8: branch_false: following 'false' branch (when 'file_digest' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:69:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:69:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:73:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:74:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:74:9: danger: 'file_digest' leaks here; was allocated at [(7)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/6)
#   72|       }
#   73|       while ((nread = fread(buf, 1, sizeof(buf), fp)) != 0) {
#   74|-> 	sudo_digest_update(dig, buf, nread);
#   75|       }
#   76|       if (ferror(fp)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def255]
sudo-1.9.17p2/plugins/sudoers/filedigest.c:77:9: warning[-Wanalyzer-malloc-leak]: leak of 'file_digest'
sudo-1.9.17p2/plugins/sudoers/filedigest.c:49:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:54:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:54:8: branch_false: following 'false' branch (when 'fd2 != -1')...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:59:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:59:8: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:65:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:65:24: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:65:8: branch_false: following 'false' branch (when 'file_digest' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:69:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:69:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:76:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:77:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:77:9: danger: 'file_digest' leaks here; was allocated at [(7)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/6)
#   75|       }
#   76|       if (ferror(fp)) {
#   77|-> 	sudo_warnx(U_("%s: read error"), file);
#   78|   	goto bad;
#   79|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def256]
sudo-1.9.17p2/plugins/sudoers/filedigest.c:80:5: warning[-Wanalyzer-malloc-leak]: leak of 'file_digest'
sudo-1.9.17p2/plugins/sudoers/filedigest.c:49:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:54:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:54:8: branch_false: following 'false' branch (when 'fd2 != -1')...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:59:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:59:8: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:65:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:65:24: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:65:8: branch_false: following 'false' branch (when 'file_digest' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:69:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:69:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:76:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:80:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:80:5: danger: 'file_digest' leaks here; was allocated at [(7)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/6)
#   78|   	goto bad;
#   79|       }
#   80|->     sudo_digest_final(dig, file_digest);
#   81|       sudo_digest_free(dig);
#   82|       fclose(fp);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def257]
sudo-1.9.17p2/plugins/sudoers/filedigest.c:86:5: warning[-Wanalyzer-malloc-leak]: leak of 'file_digest'
sudo-1.9.17p2/plugins/sudoers/filedigest.c:49:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:54:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:54:8: branch_false: following 'false' branch (when 'fd2 != -1')...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:59:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:59:8: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:65:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:65:24: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:65:8: branch_false: following 'false' branch (when 'file_digest' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:69:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:69:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:70:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:86:5: danger: 'file_digest' leaks here; was allocated at [(7)](sarif:/runs/0/results/27/codeFlows/0/threadFlows/0/locations/6)
#   84|       debug_return_ptr(file_digest);
#   85|   bad:
#   86|->     sudo_digest_free(dig);
#   87|       free(file_digest);
#   88|       if (fp != NULL)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def258]
sudo-1.9.17p2/plugins/sudoers/filedigest.c:86:5: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
sudo-1.9.17p2/plugins/sudoers/filedigest.c:49:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:54:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:54:8: branch_false: following 'false' branch (when 'fd2 != -1')...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:59:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:59:15: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:59:8: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:65:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:65:8: branch_true: following 'true' branch (when 'file_digest' is NULL)...
sudo-1.9.17p2/plugins/sudoers/filedigest.c:66:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/filedigest.c:86:5: danger: 'fp' leaks here; was allocated at [(5)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/4)
#   84|       debug_return_ptr(file_digest);
#   85|   bad:
#   86|->     sudo_digest_free(dig);
#   87|       free(file_digest);
#   88|       if (fp != NULL)

Error: GCC_ANALYZER_WARNING (CWE-457): [#def259]
sudo-1.9.17p2/plugins/sudoers/getdate.c:1151:9: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘yyss’
sudo-1.9.17p2/plugins/sudoers/getdate.c:1109:6: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/getdate.c:1115:28: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/getdate.c:1138:10: branch_false: following ‘false’ branch (when ‘yystacksize <= 9999’)...
sudo-1.9.17p2/plugins/sudoers/getdate.c:1140:7: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/getdate.c:1149:12: branch_false: following ‘false’ branch (when ‘yyptr’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/getdate.c:1151:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/getdate.c:1151:9: danger: use of uninitialized value ‘yyss’ here
# 1149|   
# 1150|         {
# 1151|->         yy_state_t *yyss1 = yyss;
# 1152|           union yyalloc *yyptr =
# 1153|             YY_CAST (union yyalloc *,

Error: GCC_ANALYZER_WARNING (CWE-457): [#def260]
sudo-1.9.17p2/plugins/sudoers/getdate.c:1278:3: warning[-Wanalyzer-use-of-uninitialized-value]: use of uninitialized value ‘*<unknown>’
sudo-1.9.17p2/plugins/sudoers/getdate.c:1109:6: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/getdate.c:1173:6: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/getdate.c:1173:6: branch_false: following ‘false’ branch (when ‘yystate != 2’)...
sudo-1.9.17p2/plugins/sudoers/getdate.c:1176:3: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/getdate.c:1188:6: branch_true: following ‘true’ branch (when ‘yyn == -12’)...
sudo-1.9.17p2/plugins/sudoers/getdate.c:1189:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/getdate.c:1258:6: branch_false: following ‘false’ branch (when ‘yyn != 0’)...
sudo-1.9.17p2/plugins/sudoers/getdate.c:1260:3: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/getdate.c:1278:3: danger: use of uninitialized value ‘*<unknown>’ here
# 1276|     /* If YYLEN is nonzero, implement the default value of the action:
# 1277|        '$$ = $1'.
# 1278|-> 
# 1279|        Otherwise, the following line sets YYVAL to garbage.
# 1280|        This behavior is undocumented and Bison

Error: GCC_ANALYZER_WARNING (CWE-404): [#def261]
sudo-1.9.17p2/plugins/sudoers/gram.y:1173:9: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/plugins/sudoers/gram.y:1231:1: enter_function: entry to 'sudoerserror'
sudo-1.9.17p2/plugins/sudoers/gram.y:1243:9: call_function: calling 'sudoerserrorf' from 'sudoerserror'
# 1171|       if (sudoers_error_hook != NULL) {
# 1172|   	va_start(ap, fmt);
# 1173|-> 	sudoers_error_hook(parsed_policy.ctx, sudoers, this_lineno, column,
# 1174|   	    fmt, ap);
# 1175|   	va_end(ap);

Error: GCC_ANALYZER_WARNING (CWE-404): [#def262]
sudo-1.9.17p2/plugins/sudoers/gram.y:1200:13: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/plugins/sudoers/gram.y:1251:1: enter_function: entry to 'alias_error'
sudo-1.9.17p2/plugins/sudoers/gram.y:1255:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/gram.y:1256:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/gram.y:1256:13: call_function: calling 'sudoerserrorf' from 'alias_error'
# 1198|   		}
# 1199|   	    }
# 1200|-> 	    sudo_printf(SUDO_CONV_ERROR_MSG, _("%s:%d:%zu: %s\n"), sudoers,
# 1201|   		this_lineno, sudolinebuf.toke_start + 1, s);
# 1202|   	    free(tofree);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def263]
sudo-1.9.17p2/plugins/sudoers/group_plugin.c:225:10: warning[-Wanalyzer-malloc-leak]: leak of 'argv'
sudo-1.9.17p2/plugins/sudoers/group_plugin.c:145:8: branch_true: following 'true' branch (when 'args' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/group_plugin.c:148:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/group_plugin.c:154:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/group_plugin.c:180:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/group_plugin.c:185:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/group_plugin.c:185:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/group_plugin.c:195:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/group_plugin.c:195:8: branch_true: following 'true' branch (when 'args' is non-NULL)...
 branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/group_plugin.c:208:12: branch_true: following 'true' branch (when 'ac != 0')...
sudo-1.9.17p2/plugins/sudoers/group_plugin.c:209:39: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/group_plugin.c:209:20: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/group_plugin.c:210:16: branch_false: following 'false' branch (when 'argv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/group_plugin.c:216:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/group_plugin.c:225:10: danger: 'argv' leaks here; was allocated at [(13)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/12)
#  223|       }
#  224|   
#  225|->     rc = (group_plugin->init)(GROUP_API_VERSION, sudo_printf, argv);
#  226|   
#  227|   done:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def264]
sudo-1.9.17p2/plugins/sudoers/iolog.c:190:5: warning[-Wanalyzer-malloc-leak]: leak of 'copy'
sudo-1.9.17p2/plugins/sudoers/iolog.c:774:1: enter_function: entry to 'sudoers_io_open'
sudo-1.9.17p2/plugins/sudoers/iolog.c:807:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/iolog.c:811:8: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/iolog.c:811:8: branch_false: following 'false' branch (when 'argc != 0')...
sudo-1.9.17p2/plugins/sudoers/iolog.c:817:11: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/iolog.c:817:11: call_function: calling 'iolog_deserialize_info' from 'sudoers_io_open'
#  188|       }
#  189|   
#  190|->     debug_return_ptr(copy);
#  191|   }
#  192|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def265]
sudo-1.9.17p2/plugins/sudoers/iolog.c:243:9: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/iolog.c:294:1: enter_function: entry to 'iolog_deserialize_info'
sudo-1.9.17p2/plugins/sudoers/iolog.c:309:8: branch_false: following 'false' branch (when 'evlog' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/iolog.c:311:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/iolog.c:376:30: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/iolog.c:377:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/iolog.c:486:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/iolog.c:496:17: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/iolog.c:496:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/iolog.c:498:21: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/iolog.c:498:21: call_function: calling 'deserialize_stringlist' from 'iolog_deserialize_info'
#  241|   	    goto bad;
#  242|   	}
#  243|-> 	unescape_string(str->str);
#  244|   	STAILQ_INSERT_TAIL(strlist, str, entries);
#  245|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def266]
sudo-1.9.17p2/plugins/sudoers/iolog.c:243:9: warning[-Wanalyzer-malloc-leak]: leak of 'str'
sudo-1.9.17p2/plugins/sudoers/iolog.c:294:1: enter_function: entry to 'iolog_deserialize_info'
sudo-1.9.17p2/plugins/sudoers/iolog.c:309:8: branch_false: following 'false' branch (when 'evlog' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/iolog.c:311:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/iolog.c:376:30: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/iolog.c:377:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/iolog.c:486:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/iolog.c:496:17: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/iolog.c:496:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/iolog.c:498:21: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/iolog.c:498:21: call_function: calling 'deserialize_stringlist' from 'iolog_deserialize_info'
#  241|   	    goto bad;
#  242|   	}
#  243|-> 	unescape_string(str->str);
#  244|   	STAILQ_INSERT_TAIL(strlist, str, entries);
#  245|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def267]
sudo-1.9.17p2/plugins/sudoers/iolog.c:270:9: warning[-Wanalyzer-malloc-leak]: leak of 'str'
sudo-1.9.17p2/plugins/sudoers/iolog.c:294:1: enter_function: entry to 'iolog_deserialize_info'
sudo-1.9.17p2/plugins/sudoers/iolog.c:309:8: branch_false: following 'false' branch (when 'evlog' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/iolog.c:311:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/iolog.c:376:30: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/iolog.c:377:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/iolog.c:562:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/iolog.c:563:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/iolog.c:565:21: call_function: calling 'set_passprompt_regex' from 'iolog_deserialize_info'
#  268|       str = strdup(cstr);
#  269|       if (handle == NULL || str == NULL) {
#  270|-> 	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  271|   	goto bad;
#  272|       }

Error: CPPCHECK_WARNING (CWE-457): [#def268]
sudo-1.9.17p2/plugins/sudoers/iolog.c:780: error[legacyUninitvar]: Uninitialized variable: debug_files
#  778|       const char **errstr)
#  779|   {
#  780|->     struct sudo_conf_debug_file_list debug_files = TAILQ_HEAD_INITIALIZER(debug_files);
#  781|       char * const *cur;
#  782|       const char *cp, *plugin_path = NULL;

Error: GCC_ANALYZER_WARNING (CWE-124): [#def269]
sudo-1.9.17p2/plugins/sudoers/ldap.c:169:9: warning[-Wanalyzer-out-of-bounds]: heap-based buffer underwrite
sudo-1.9.17p2/plugins/sudoers/ldap.c:1559:1: enter_function: entry to 'sudo_ldap_open'
sudo-1.9.17p2/plugins/sudoers/ldap.c:1573:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap.c:1577:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap.c:1583:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap.c:1588:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap.c:1588:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap.c:1589:21: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap.c:1589:21: call_function: calling 'sudo_ldap_join_uri' from 'sudo_ldap_open'
#  167|   	    *cp++ = ' ';
#  168|   	}
#  169|-> 	cp[-1] = '\0';
#  170|       }
#  171|       debug_return_str(buf);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def270]
sudo-1.9.17p2/plugins/sudoers/ldap.c:171:5: warning[-Wanalyzer-malloc-leak]: leak of 'buf'
sudo-1.9.17p2/plugins/sudoers/ldap.c:1559:1: enter_function: entry to 'sudo_ldap_open'
sudo-1.9.17p2/plugins/sudoers/ldap.c:1573:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap.c:1577:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap.c:1583:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap.c:1588:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap.c:1588:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap.c:1589:21: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap.c:1589:21: call_function: calling 'sudo_ldap_join_uri' from 'sudo_ldap_open'
#  169|   	cp[-1] = '\0';
#  170|       }
#  171|->     debug_return_str(buf);
#  172|   }
#  173|   #endif /* HAVE_LDAP_INITIALIZE */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def271]
sudo-1.9.17p2/plugins/sudoers/ldap.c:532:9: warning[-Wanalyzer-malloc-leak]: leak of 'sudo_debug_ret'
sudo-1.9.17p2/plugins/sudoers/ldap.c:1662:1: enter_function: entry to 'sudo_ldap_getdefs'
sudo-1.9.17p2/plugins/sudoers/ldap.c:1673:8: branch_false: following 'false' branch (when 'handle' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap.c:1680:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap.c:1680:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap.c:1683:12: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap.c:1683:12: call_function: calling 'sudo_ldap_build_default_filter' from 'sudo_ldap_getdefs'
#  530|   
#  531|       if (!ldap_conf.search_filter)
#  532|-> 	debug_return_str(strdup("cn=defaults"));
#  533|   
#  534|       if (asprintf(&filt, "(&%s(cn=defaults))", ldap_conf.search_filter) == -1)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def272]
sudo-1.9.17p2/plugins/sudoers/ldap.c:899:5: warning[-Wanalyzer-malloc-leak]: leak of 'notbuf'
sudo-1.9.17p2/plugins/sudoers/ldap.c:864:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap.c:881:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap.c:882:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap.c:884:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap.c:898:5: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap.c:899:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap.c:899:5: danger: 'notbuf' leaks here; was allocated at [(3)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/2)
#  897|       /* Global OR + sudoUser=user_name filter */
#  898|       CHECK_STRLCAT(buf, "(|(sudoUser=", sz);
#  899|->     CHECK_LDAP_VCAT(buf, pw->pw_name, sz);
#  900|       CHECK_STRLCAT(buf, ")", sz);
#  901|       CHECK_STRLCAT(notbuf, "(sudoUser=!", sz);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def273]
sudo-1.9.17p2/plugins/sudoers/ldap.c:1003:5: warning[-Wanalyzer-malloc-leak]: leak of 'notbuf'
sudo-1.9.17p2/plugins/sudoers/ldap.c:864:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap.c:881:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap.c:882:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap.c:884:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap.c:1003:5: danger: 'notbuf' leaks here; was allocated at [(3)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/2)
# 1001|       debug_return_str(buf);
# 1002|   overflow:
# 1003|->     sudo_warnx(U_("internal error, %s overflow"), __func__);
# 1004|       if (ng != NULL) {
# 1005|   	/* Overflow while traversing netgroups. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def274]
sudo-1.9.17p2/plugins/sudoers/ldap.c:1187:16: warning[-Wanalyzer-malloc-leak]: leak of 'us'
sudo-1.9.17p2/plugins/sudoers/ldap.c:1185:15: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap.c:1185:8: branch_false: following 'false' branch (when 'us' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap.c:1187:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap.c:1187:16: danger: 'us' leaks here; was allocated at [(1)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/0)
# 1185|       if ((us = calloc(1, sizeof(*us))) == NULL)
# 1186|   	goto oom;
# 1187|->     us->file = sudo_rcstr_dup("LDAP");
# 1188|       TAILQ_INIT(&us->users);
# 1189|       TAILQ_INIT(&us->privileges);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def275]
sudo-1.9.17p2/plugins/sudoers/ldap.c:1385:5: warning[-Wanalyzer-malloc-leak]: leak of 'result'
sudo-1.9.17p2/plugins/sudoers/ldap.c:1381:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap.c:1382:8: branch_true: following 'true' branch (when 'result' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap.c:1383:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap.c:1385:5: danger: 'result' leaks here; was allocated at [(1)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/0)
# 1383|   	STAILQ_INIT(&result->searches);
# 1384|   
# 1385|->     debug_return_ptr(result);
# 1386|   }
# 1387|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def276]
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:337:19: warning[-Wanalyzer-malloc-leak]: leak of 'result'
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:326:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:331:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:333:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:334:12: branch_false: following 'false' branch (when 'result' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:337:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:337:19: danger: 'result' leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  335|   	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  336|   	} else {
#  337|-> 	    len = base64_decode(secret, result, reslen);
#  338|   	    if (len == (size_t)-1) {
#  339|   		free(result);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def277]
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:359:15: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(path, "r")'
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:358:15: acquire_resource: opened here
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:358:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:359:15: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:359:15: danger: 'fopen(path, "r")' leaks here; was opened at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  357|   
#  358|       if ((fp = fopen(path, "r")) != NULL) {
#  359|-> 	len = getdelim(&line, &linesize, '\n', fp);
#  360|   	if (len != -1) {
#  361|   	    /* trim newline */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def278]
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:359:15: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(path, "r")'
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:358:15: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:358:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:359:15: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:359:15: danger: 'fopen(path, "r")' leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#  357|   
#  358|       if ((fp = fopen(path, "r")) != NULL) {
#  359|-> 	len = getdelim(&line, &linesize, '\n', fp);
#  360|   	if (len != -1) {
#  361|   	    /* trim newline */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def279]
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:442:25: warning[-Wanalyzer-malloc-leak]: leak of 'cp'
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:395:23: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:396:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:396:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:397:21: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:440:24: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:440:41: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:440:41: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:440:25: branch_false: following 'false' branch (when 'cp' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:444:31: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:442:25: danger: 'cp' leaks here; was allocated at [(9)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/8)
#  440|   		    if (*value && (cp = strdup(value)) == NULL) {
#  441|   			sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  442|-> 			debug_return_bool(false);
#  443|   		    }
#  444|   		    *(char **)(cur->valp) = cp;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def280]
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:572:12: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen(*ctx.settings.ldap_conf, "r")'
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:564:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:569:15: acquire_resource: opened here
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:569:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:572:12: danger: 'fopen(*ctx.settings.ldap_conf, "r")' leaks here; was opened at [(3)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/2)
#  570|   	debug_return_bool(false);
#  571|   
#  572|->     while (sudo_parseln(&line, &linesize, NULL, fp, PARSELN_COMM_BOL|PARSELN_CONT_IGN) != -1) {
#  573|   	if (*line == '\0')
#  574|   	    continue;		/* skip empty line */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def281]
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:572:12: warning[-Wanalyzer-malloc-leak]: leak of 'fopen(*ctx.settings.ldap_conf, "r")'
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:564:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:569:15: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:569:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_conf.c:572:12: danger: 'fopen(*ctx.settings.ldap_conf, "r")' leaks here; was allocated at [(3)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/2)
#  570|   	debug_return_bool(false);
#  571|   
#  572|->     while (sudo_parseln(&line, &linesize, NULL, fp, PARSELN_COMM_BOL|PARSELN_CONT_IGN) != -1) {
#  573|   	if (*line == '\0')
#  574|   	    continue;		/* skip empty line */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def282]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:54:5: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:355:1: enter_function: entry to 'sudo_ldap_role_to_priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:374:23: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:386:22: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:386:22: call_function: calling 'host_to_member' from 'sudo_ldap_role_to_priv'
#   52|       char *val = *valp;
#   53|       bool ret = false;
#   54|->     debug_decl(sudo_ldap_is_negated, SUDOERS_DEBUG_LDAP);
#   55|   
#   56|       while (*val == '!') {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def283]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:54:5: warning[-Wanalyzer-malloc-leak]: leak of 'm'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:208:1: enter_function: entry to 'host_to_member'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:213:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:213:8: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:215:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:215:18: call_function: calling 'sudo_ldap_is_negated' from 'host_to_member'
#   52|       char *val = *valp;
#   53|       bool ret = false;
#   54|->     debug_decl(sudo_ldap_is_negated, SUDOERS_DEBUG_LDAP);
#   55|   
#   56|       while (*val == '!') {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def284]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:54:5: warning[-Wanalyzer-malloc-leak]: leak of 'members'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:121:1: enter_function: entry to 'array_to_member_list'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:130:20: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:130:8: branch_false: following 'false' branch (when 'members' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:132:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:134:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:137:22: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:137:22: call_function: calling 'sudo_ldap_is_negated' from 'array_to_member_list'
#   52|       char *val = *valp;
#   53|       bool ret = false;
#   54|->     debug_decl(sudo_ldap_is_negated, SUDOERS_DEBUG_LDAP);
#   55|   
#   56|       while (*val == '!') {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def285]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:54:5: warning[-Wanalyzer-malloc-leak]: leak of 'negated_members.tqh_first'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:121:1: enter_function: entry to 'array_to_member_list'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:130:8: branch_false: following 'false' branch (when 'members' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:132:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:134:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:137:22: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:160:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:166:12: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:166:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:167:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:134:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:137:22: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:137:22: call_function: calling 'sudo_ldap_is_negated' from 'array_to_member_list'
#   52|       char *val = *valp;
#   53|       bool ret = false;
#   54|->     debug_decl(sudo_ldap_is_negated, SUDOERS_DEBUG_LDAP);
#   55|   
#   56|       while (*val == '!') {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def286]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:54:5: warning[-Wanalyzer-malloc-leak]: leak of 'priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:355:1: enter_function: entry to 'sudo_ldap_role_to_priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:17: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:386:22: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:386:22: call_function: calling 'host_to_member' from 'sudo_ldap_role_to_priv'
#   52|       char *val = *valp;
#   53|       bool ret = false;
#   54|->     debug_decl(sudo_ldap_is_negated, SUDOERS_DEBUG_LDAP);
#   55|   
#   56|       while (*val == '!') {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def287]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:63:5: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:355:1: enter_function: entry to 'sudo_ldap_role_to_priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:374:23: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:386:22: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:386:22: call_function: calling 'host_to_member' from 'sudo_ldap_role_to_priv'
#   61|       }
#   62|       *valp = val;
#   63|->     debug_return_bool(ret);
#   64|   }
#   65|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def288]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:63:5: warning[-Wanalyzer-malloc-leak]: leak of 'm'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:208:1: enter_function: entry to 'host_to_member'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:213:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:213:8: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:215:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:215:18: call_function: calling 'sudo_ldap_is_negated' from 'host_to_member'
#   61|       }
#   62|       *valp = val;
#   63|->     debug_return_bool(ret);
#   64|   }
#   65|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def289]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:63:5: warning[-Wanalyzer-malloc-leak]: leak of 'members'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:121:1: enter_function: entry to 'array_to_member_list'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:130:20: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:130:8: branch_false: following 'false' branch (when 'members' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:132:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:134:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:137:22: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:137:22: call_function: calling 'sudo_ldap_is_negated' from 'array_to_member_list'
#   61|       }
#   62|       *valp = val;
#   63|->     debug_return_bool(ret);
#   64|   }
#   65|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def290]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:63:5: warning[-Wanalyzer-malloc-leak]: leak of 'priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:355:1: enter_function: entry to 'sudo_ldap_role_to_priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:17: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:386:22: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:386:22: call_function: calling 'host_to_member' from 'sudo_ldap_role_to_priv'
#   61|       }
#   62|       *valp = val;
#   63|->     debug_return_bool(ret);
#   64|   }
#   65|   

Error: GCC_ANALYZER_WARNING (CWE-476): [#def291]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:82:14: warning[-Wanalyzer-null-dereference]: dereference of NULL 'cp'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:80:8: branch_true: following 'true' branch (when 'optstr < cp')...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:81:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:82:14: danger: dereference of NULL 'cp'
#   80|       if (cp != NULL && cp > var) {
#   81|   	val = cp + 1;
#   82|-> 	op = cp[-1];	/* peek for += or -= cases */
#   83|   	if (op == '+' || op == '-') {
#   84|   	    /* case var+=val or var-=val */

Error: CPPCHECK_WARNING (CWE-457): [#def292]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:124: error[legacyUninitvar]: Uninitialized variable: negated_members
#  122|   {
#  123|       struct member_list negated_members =
#  124|-> 	TAILQ_HEAD_INITIALIZER(negated_members);
#  125|       struct member_list *members;
#  126|       struct member *m;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def293]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:134:19: warning[-Wanalyzer-malloc-leak]: leak of 'm'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:130:8: branch_false: following 'false' branch (when 'members' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:132:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:134:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:137:22: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:160:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:166:12: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:166:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:169:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:134:19: danger: 'm' leaks here; was allocated at [(5)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/4)
#  132|       TAILQ_INIT(members);                      
#  133|   
#  134|->     while ((val = iter(&a)) != NULL) {
#  135|   	if ((m = calloc(1, sizeof(*m))) == NULL)
#  136|   	    goto bad;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def294]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:134:19: warning[-Wanalyzer-malloc-leak]: leak of 'members'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:130:20: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:130:8: branch_false: following 'false' branch (when 'members' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:132:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:134:19: danger: 'members' leaks here; was allocated at [(1)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/0)
#  132|       TAILQ_INIT(members);                      
#  133|   
#  134|->     while ((val = iter(&a)) != NULL) {
#  135|   	if ((m = calloc(1, sizeof(*m))) == NULL)
#  136|   	    goto bad;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def295]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:174:5: warning[-Wanalyzer-malloc-leak]: leak of 'm'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:130:8: branch_false: following 'false' branch (when 'members' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:132:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:134:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:137:22: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:160:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:166:12: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:134:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:173:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:173:5: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:174:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:174:5: danger: 'm' leaks here; was allocated at [(5)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/4)
#  172|       /* Negated members take precedence so we insert them at the end. */
#  173|       TAILQ_CONCAT(members, &negated_members, entries);
#  174|->     debug_return_ptr(members);
#  175|   bad:
#  176|       free_members(&negated_members);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def296]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:174:5: warning[-Wanalyzer-malloc-leak]: leak of 'members'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:130:20: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:130:8: branch_false: following 'false' branch (when 'members' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:132:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:134:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:173:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:173:5: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:174:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:174:5: danger: 'members' leaks here; was allocated at [(1)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/0)
#  172|       /* Negated members take precedence so we insert them at the end. */
#  173|       TAILQ_CONCAT(members, &negated_members, entries);
#  174|->     debug_return_ptr(members);
#  175|   bad:
#  176|       free_members(&negated_members);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def297]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:176:5: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:130:8: branch_false: following 'false' branch (when 'members' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:132:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:134:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:137:22: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:160:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:166:12: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:166:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:169:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:134:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:12: branch_true: following 'true' branch (when 'm' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:136:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:176:5: danger: '<unknown>' leaks here; was allocated at [(5)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/4)
#  174|       debug_return_ptr(members);
#  175|   bad:
#  176|->     free_members(&negated_members);
#  177|       free_members(members);
#  178|       free(members);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def298]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:176:5: warning[-Wanalyzer-malloc-leak]: leak of 'members'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:130:20: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:130:8: branch_false: following 'false' branch (when 'members' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:132:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:134:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:176:5: danger: 'members' leaks here; was allocated at [(1)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/0)
#  174|       debug_return_ptr(members);
#  175|   bad:
#  176|->     free_members(&negated_members);
#  177|       free_members(members);
#  178|       free(members);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def299]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:176:5: warning[-Wanalyzer-malloc-leak]: leak of 'negated_members.tqh_first'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:130:8: branch_false: following 'false' branch (when 'members' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:132:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:134:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:137:22: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:160:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:166:12: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:166:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:167:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:134:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:176:5: danger: 'negated_members.tqh_first' leaks here; was allocated at [(5)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/4)
#  174|       debug_return_ptr(members);
#  175|   bad:
#  176|->     free_members(&negated_members);
#  177|       free_members(members);
#  178|       free(members);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def300]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:177:5: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:130:8: branch_false: following 'false' branch (when 'members' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:132:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:134:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:137:22: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:160:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:166:12: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:166:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:169:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:134:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:12: branch_true: following 'true' branch (when 'm' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:136:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:177:5: danger: '<unknown>' leaks here; was allocated at [(5)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/4)
#  175|   bad:
#  176|       free_members(&negated_members);
#  177|->     free_members(members);
#  178|       free(members);
#  179|       debug_return_ptr(NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def301]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:177:5: warning[-Wanalyzer-malloc-leak]: leak of 'members'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:130:20: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:130:8: branch_false: following 'false' branch (when 'members' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:132:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:134:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:135:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:177:5: danger: 'members' leaks here; was allocated at [(1)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/0)
#  175|   bad:
#  176|       free_members(&negated_members);
#  177|->     free_members(members);
#  178|       free(members);
#  179|       debug_return_ptr(NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def302]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:188:5: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:355:1: enter_function: entry to 'sudo_ldap_role_to_priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:374:23: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:386:22: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:386:22: call_function: calling 'host_to_member' from 'sudo_ldap_role_to_priv'
#  186|       bool ret = false;
#  187|       char *slash;
#  188|->     debug_decl(is_address, SUDOERS_DEBUG_LDAP);
#  189|   
#  190|       /* Check for mask, not currently parsed. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def303]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:188:5: warning[-Wanalyzer-malloc-leak]: leak of 'm'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:208:1: enter_function: entry to 'host_to_member'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:213:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:213:8: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:215:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:227:13: call_function: calling 'is_address' from 'host_to_member'
#  186|       bool ret = false;
#  187|       char *slash;
#  188|->     debug_decl(is_address, SUDOERS_DEBUG_LDAP);
#  189|   
#  190|       /* Check for mask, not currently parsed. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def304]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:188:5: warning[-Wanalyzer-malloc-leak]: leak of 'priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:355:1: enter_function: entry to 'sudo_ldap_role_to_priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:17: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:386:22: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:386:22: call_function: calling 'host_to_member' from 'sudo_ldap_role_to_priv'
#  186|       bool ret = false;
#  187|       char *slash;
#  188|->     debug_decl(is_address, SUDOERS_DEBUG_LDAP);
#  189|   
#  190|       /* Check for mask, not currently parsed. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def305]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:204:5: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:355:1: enter_function: entry to 'sudo_ldap_role_to_priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:374:23: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:386:22: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:386:22: call_function: calling 'host_to_member' from 'sudo_ldap_role_to_priv'
#  202|   	*slash = '/';
#  203|   
#  204|->     debug_return_bool(ret);
#  205|   }
#  206|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def306]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:204:5: warning[-Wanalyzer-malloc-leak]: leak of 'm'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:208:1: enter_function: entry to 'host_to_member'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:213:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:213:8: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:215:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:227:13: call_function: calling 'is_address' from 'host_to_member'
#  202|   	*slash = '/';
#  203|   
#  204|->     debug_return_bool(ret);
#  205|   }
#  206|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def307]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:204:5: warning[-Wanalyzer-malloc-leak]: leak of 'priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:355:1: enter_function: entry to 'sudo_ldap_role_to_priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:17: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:386:22: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:386:22: call_function: calling 'host_to_member' from 'sudo_ldap_role_to_priv'
#  202|   	*slash = '/';
#  203|   
#  204|->     debug_return_bool(ret);
#  205|   }
#  206|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def308]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:211:5: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:355:1: enter_function: entry to 'sudo_ldap_role_to_priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:374:23: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:386:22: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:386:22: call_function: calling 'host_to_member' from 'sudo_ldap_role_to_priv'
#  209|   {
#  210|       struct member *m;
#  211|->     debug_decl(host_to_member, SUDOERS_DEBUG_LDAP);
#  212|   
#  213|       if ((m = calloc(1, sizeof(*m))) == NULL)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def309]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:211:5: warning[-Wanalyzer-malloc-leak]: leak of 'priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:355:1: enter_function: entry to 'sudo_ldap_role_to_priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:17: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:386:22: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:386:22: call_function: calling 'host_to_member' from 'sudo_ldap_role_to_priv'
#  209|   {
#  210|       struct member *m;
#  211|->     debug_decl(host_to_member, SUDOERS_DEBUG_LDAP);
#  212|   
#  213|       if ((m = calloc(1, sizeof(*m))) == NULL)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def310]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:239:5: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:213:8: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:215:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:234:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:235:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:235:24: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:235:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:239:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:239:5: danger: '<unknown>' leaks here; was allocated at [(5)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/4)
#  237|       }
#  238|   
#  239|->     debug_return_ptr(m);
#  240|   oom:
#  241|       free(m);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def311]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:239:5: warning[-Wanalyzer-malloc-leak]: leak of 'm'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:213:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:213:8: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:215:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:234:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:239:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:239:5: danger: 'm' leaks here; was allocated at [(1)](sarif:/runs/0/results/29/codeFlows/0/threadFlows/0/locations/0)
#  237|       }
#  238|   
#  239|->     debug_return_ptr(m);
#  240|   oom:
#  241|       free(m);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def312]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:300:25: warning[-Wanalyzer-malloc-leak]: leak of 'digest'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:263:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:276:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:284:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:285:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:292:35: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:292:24: branch_false: following 'false' branch (when 'digest' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:297:21: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:299:24: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:300:25: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:300:25: danger: 'digest' leaks here; was allocated at [(7)](sarif:/runs/0/results/31/codeFlows/0/threadFlows/0/locations/6)
#  298|   		    digest->digest_str = strndup(cp, (size_t)(ep - cp));
#  299|   		    if (digest->digest_str == NULL) {
#  300|-> 			sudo_warnx(U_("%s: %s"), __func__,
#  301|   			    U_("unable to allocate memory"));
#  302|   			free(digest);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def313]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:308:21: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:263:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:276:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:284:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:285:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:292:24: branch_false: following 'false' branch (when 'digest' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:297:21: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:298:42: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:299:24: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:308:21: danger: '<unknown>' leaks here; was allocated at [(9)](sarif:/runs/0/results/40/codeFlows/0/threadFlows/0/locations/8)
#  306|   			ep++;
#  307|   		    *endptr = (char *)ep;
#  308|-> 		    sudo_debug_printf(SUDO_DEBUG_INFO,
#  309|   			"%s digest %s for %s",
#  310|   			digest_type_to_name(digest_type),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def314]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:308:21: warning[-Wanalyzer-malloc-leak]: leak of 'digest'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:263:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:276:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:284:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:285:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:292:35: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:292:24: branch_false: following 'false' branch (when 'digest' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:297:21: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:299:24: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:308:21: danger: 'digest' leaks here; was allocated at [(7)](sarif:/runs/0/results/37/codeFlows/0/threadFlows/0/locations/6)
#  306|   			ep++;
#  307|   		    *endptr = (char *)ep;
#  308|-> 		    sudo_debug_printf(SUDO_DEBUG_INFO,
#  309|   			"%s digest %s for %s",
#  310|   			digest_type_to_name(digest_type),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def315]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:308:21: warning[-Wanalyzer-malloc-leak]: leak of 'strndup(cp, (long unsigned int)(ep - cp))'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:263:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:276:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:284:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:285:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:292:24: branch_false: following 'false' branch (when 'digest' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:297:21: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:298:42: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:299:24: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:308:21: danger: 'strndup(cp, (long unsigned int)(ep - cp))' leaks here; was allocated at [(9)](sarif:/runs/0/results/38/codeFlows/0/threadFlows/0/locations/8)
#  306|   			ep++;
#  307|   		    *endptr = (char *)ep;
#  308|-> 		    sudo_debug_printf(SUDO_DEBUG_INFO,
#  309|   			"%s digest %s for %s",
#  310|   			digest_type_to_name(digest_type),

Error: CPPCHECK_WARNING (CWE-457): [#def316]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:360: error[legacyUninitvar]: Uninitialized variable: negated_cmnds
#  358|       sudo_ldap_iter_t iter)
#  359|   {
#  360|->     struct cmndspec_list negated_cmnds = TAILQ_HEAD_INITIALIZER(negated_cmnds);
#  361|       struct member_list negated_hosts = TAILQ_HEAD_INITIALIZER(negated_hosts);
#  362|       struct cmndspec *prev_cmndspec = NULL;

Error: CPPCHECK_WARNING (CWE-457): [#def317]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:361: error[legacyUninitvar]: Uninitialized variable: negated_hosts
#  359|   {
#  360|       struct cmndspec_list negated_cmnds = TAILQ_HEAD_INITIALIZER(negated_cmnds);
#  361|->     struct member_list negated_hosts = TAILQ_HEAD_INITIALIZER(negated_hosts);
#  362|       struct cmndspec *prev_cmndspec = NULL;
#  363|       struct privilege *priv;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def318]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:24: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:374:23: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:24: danger: '<unknown>' leaks here; was allocated at [(3)](sarif:/runs/0/results/41/codeFlows/0/threadFlows/0/locations/2)
#  383|       } else {
#  384|   	char *host;
#  385|-> 	while ((host = iter(&hosts)) != NULL) {
#  386|   	    if ((m = host_to_member(host)) == NULL)
#  387|   		goto oom;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def319]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:24: warning[-Wanalyzer-malloc-leak]: leak of 'priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:17: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:24: danger: 'priv' leaks here; was allocated at [(1)](sarif:/runs/0/results/42/codeFlows/0/threadFlows/0/locations/0)
#  383|       } else {
#  384|   	char *host;
#  385|-> 	while ((host = iter(&hosts)) != NULL) {
#  386|   	    if ((m = host_to_member(host)) == NULL)
#  387|   		goto oom;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def320]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:20: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:374:23: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:20: danger: '<unknown>' leaks here; was allocated at [(3)](sarif:/runs/0/results/44/codeFlows/0/threadFlows/0/locations/2)
#  398|        * Parse sudoCommands and add to cmndlist.
#  399|        */
#  400|->     while ((cmnd = iter(&cmnds)) != NULL) {
#  401|   	bool negated = sudo_ldap_is_negated(&cmnd);
#  402|   	struct sudo_command *c = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def321]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:20: warning[-Wanalyzer-malloc-leak]: leak of 'priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:17: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:20: danger: 'priv' leaks here; was allocated at [(1)](sarif:/runs/0/results/43/codeFlows/0/threadFlows/0/locations/0)
#  398|        * Parse sudoCommands and add to cmndlist.
#  399|        */
#  400|->     while ((cmnd = iter(&cmnds)) != NULL) {
#  401|   	bool negated = sudo_ldap_is_negated(&cmnd);
#  402|   	struct sudo_command *c = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def322]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:469:39: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:374:23: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:424:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_true: following 'true' branch (when 'notbefore' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:469:39: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:469:39: danger: '<unknown>' leaks here; was allocated at [(3)](sarif:/runs/0/results/48/codeFlows/0/threadFlows/0/locations/2)
#  467|   	    /* Parse sudoNotBefore / sudoNotAfter */
#  468|   	    if (notbefore != NULL)
#  469|-> 		cmndspec->notbefore = parse_gentime(notbefore);
#  470|   	    if (notafter != NULL)
#  471|   		cmndspec->notafter = parse_gentime(notafter);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def323]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:469:39: warning[-Wanalyzer-malloc-leak]: leak of 'c'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:424:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_true: following 'true' branch (when 'notbefore' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:469:39: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:469:39: danger: 'c' leaks here; was allocated at [(17)](sarif:/runs/0/results/47/codeFlows/0/threadFlows/0/locations/16)
#  467|   	    /* Parse sudoNotBefore / sudoNotAfter */
#  468|   	    if (notbefore != NULL)
#  469|-> 		cmndspec->notbefore = parse_gentime(notbefore);
#  470|   	    if (notafter != NULL)
#  471|   		cmndspec->notafter = parse_gentime(notafter);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def324]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:469:39: warning[-Wanalyzer-malloc-leak]: leak of 'cmndspec'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:25: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:424:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_true: following 'true' branch (when 'notbefore' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:469:39: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:469:39: danger: 'cmndspec' leaks here; was allocated at [(13)](sarif:/runs/0/results/49/codeFlows/0/threadFlows/0/locations/12)
#  467|   	    /* Parse sudoNotBefore / sudoNotAfter */
#  468|   	    if (notbefore != NULL)
#  469|-> 		cmndspec->notbefore = parse_gentime(notbefore);
#  470|   	    if (notafter != NULL)
#  471|   		cmndspec->notafter = parse_gentime(notafter);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def325]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:469:39: warning[-Wanalyzer-malloc-leak]: leak of 'm'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:424:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_true: following 'true' branch (when 'notbefore' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:469:39: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:469:39: danger: 'm' leaks here; was allocated at [(15)](sarif:/runs/0/results/45/codeFlows/0/threadFlows/0/locations/14)
#  467|   	    /* Parse sudoNotBefore / sudoNotAfter */
#  468|   	    if (notbefore != NULL)
#  469|-> 		cmndspec->notbefore = parse_gentime(notbefore);
#  470|   	    if (notafter != NULL)
#  471|   		cmndspec->notafter = parse_gentime(notafter);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def326]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:469:39: warning[-Wanalyzer-malloc-leak]: leak of 'priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:17: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:424:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_true: following 'true' branch (when 'notbefore' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:469:39: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:469:39: danger: 'priv' leaks here; was allocated at [(1)](sarif:/runs/0/results/46/codeFlows/0/threadFlows/0/locations/0)
#  467|   	    /* Parse sudoNotBefore / sudoNotAfter */
#  468|   	    if (notbefore != NULL)
#  469|-> 		cmndspec->notbefore = parse_gentime(notbefore);
#  470|   	    if (notafter != NULL)
#  471|   		cmndspec->notafter = parse_gentime(notafter);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def327]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:471:38: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:374:23: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:424:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:470:16: branch_true: following 'true' branch (when 'notafter' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:471:38: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:471:38: danger: '<unknown>' leaks here; was allocated at [(3)](sarif:/runs/0/results/50/codeFlows/0/threadFlows/0/locations/2)
#  469|   		cmndspec->notbefore = parse_gentime(notbefore);
#  470|   	    if (notafter != NULL)
#  471|-> 		cmndspec->notafter = parse_gentime(notafter);
#  472|   
#  473|   	    /* Parse sudoOptions. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def328]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:471:38: warning[-Wanalyzer-malloc-leak]: leak of 'c'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:424:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:470:16: branch_true: following 'true' branch (when 'notafter' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:471:38: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:471:38: danger: 'c' leaks here; was allocated at [(17)](sarif:/runs/0/results/52/codeFlows/0/threadFlows/0/locations/16)
#  469|   		cmndspec->notbefore = parse_gentime(notbefore);
#  470|   	    if (notafter != NULL)
#  471|-> 		cmndspec->notafter = parse_gentime(notafter);
#  472|   
#  473|   	    /* Parse sudoOptions. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def329]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:471:38: warning[-Wanalyzer-malloc-leak]: leak of 'cmndspec'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:25: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:424:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:470:16: branch_true: following 'true' branch (when 'notafter' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:471:38: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:471:38: danger: 'cmndspec' leaks here; was allocated at [(13)](sarif:/runs/0/results/51/codeFlows/0/threadFlows/0/locations/12)
#  469|   		cmndspec->notbefore = parse_gentime(notbefore);
#  470|   	    if (notafter != NULL)
#  471|-> 		cmndspec->notafter = parse_gentime(notafter);
#  472|   
#  473|   	    /* Parse sudoOptions. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def330]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:471:38: warning[-Wanalyzer-malloc-leak]: leak of 'm'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:424:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:470:16: branch_true: following 'true' branch (when 'notafter' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:471:38: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:471:38: danger: 'm' leaks here; was allocated at [(15)](sarif:/runs/0/results/53/codeFlows/0/threadFlows/0/locations/14)
#  469|   		cmndspec->notbefore = parse_gentime(notbefore);
#  470|   	    if (notafter != NULL)
#  471|-> 		cmndspec->notafter = parse_gentime(notafter);
#  472|   
#  473|   	    /* Parse sudoOptions. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def331]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:471:38: warning[-Wanalyzer-malloc-leak]: leak of 'priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:17: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:424:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:470:16: branch_true: following 'true' branch (when 'notafter' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:471:38: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:471:38: danger: 'priv' leaks here; was allocated at [(1)](sarif:/runs/0/results/54/codeFlows/0/threadFlows/0/locations/0)
#  469|   		cmndspec->notbefore = parse_gentime(notbefore);
#  470|   	    if (notafter != NULL)
#  471|-> 		cmndspec->notafter = parse_gentime(notafter);
#  472|   
#  473|   	    /* Parse sudoOptions. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def332]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:480:35: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:374:23: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:422:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:474:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: following 'true' branch (when 'store_options != 0')...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:479:68: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:480:35: danger: '<unknown>' leaks here; was allocated at [(3)](sarif:/runs/0/results/56/codeFlows/0/threadFlows/0/locations/2)
#  478|   		    /* Use sudoRole in place of file name in defaults. */
#  479|   		    size_t slen = sizeof("sudoRole ") - 1 + strlen(priv->ldap_role);
#  480|-> 		    if ((source = sudo_rcstr_alloc(slen)) == NULL)
#  481|   			goto oom;
#  482|   		    if ((size_t)snprintf(source, slen + 1, "sudoRole %s", priv->ldap_role) != slen) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def333]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:480:35: warning[-Wanalyzer-malloc-leak]: leak of 'c'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:422:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:474:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: following 'true' branch (when 'store_options != 0')...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:479:68: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:480:35: danger: 'c' leaks here; was allocated at [(17)](sarif:/runs/0/results/59/codeFlows/0/threadFlows/0/locations/16)
#  478|   		    /* Use sudoRole in place of file name in defaults. */
#  479|   		    size_t slen = sizeof("sudoRole ") - 1 + strlen(priv->ldap_role);
#  480|-> 		    if ((source = sudo_rcstr_alloc(slen)) == NULL)
#  481|   			goto oom;
#  482|   		    if ((size_t)snprintf(source, slen + 1, "sudoRole %s", priv->ldap_role) != slen) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def334]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:480:35: warning[-Wanalyzer-malloc-leak]: leak of 'cmndspec'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:25: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:422:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:474:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: following 'true' branch (when 'store_options != 0')...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:479:68: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:480:35: danger: 'cmndspec' leaks here; was allocated at [(13)](sarif:/runs/0/results/55/codeFlows/0/threadFlows/0/locations/12)
#  478|   		    /* Use sudoRole in place of file name in defaults. */
#  479|   		    size_t slen = sizeof("sudoRole ") - 1 + strlen(priv->ldap_role);
#  480|-> 		    if ((source = sudo_rcstr_alloc(slen)) == NULL)
#  481|   			goto oom;
#  482|   		    if ((size_t)snprintf(source, slen + 1, "sudoRole %s", priv->ldap_role) != slen) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def335]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:480:35: warning[-Wanalyzer-malloc-leak]: leak of 'm'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:422:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:474:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: following 'true' branch (when 'store_options != 0')...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:479:68: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:480:35: danger: 'm' leaks here; was allocated at [(15)](sarif:/runs/0/results/57/codeFlows/0/threadFlows/0/locations/14)
#  478|   		    /* Use sudoRole in place of file name in defaults. */
#  479|   		    size_t slen = sizeof("sudoRole ") - 1 + strlen(priv->ldap_role);
#  480|-> 		    if ((source = sudo_rcstr_alloc(slen)) == NULL)
#  481|   			goto oom;
#  482|   		    if ((size_t)snprintf(source, slen + 1, "sudoRole %s", priv->ldap_role) != slen) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def336]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:480:35: warning[-Wanalyzer-malloc-leak]: leak of 'priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:17: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:422:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:474:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: following 'true' branch (when 'store_options != 0')...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:479:68: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:480:35: danger: 'priv' leaks here; was allocated at [(1)](sarif:/runs/0/results/58/codeFlows/0/threadFlows/0/locations/0)
#  478|   		    /* Use sudoRole in place of file name in defaults. */
#  479|   		    size_t slen = sizeof("sudoRole ") - 1 + strlen(priv->ldap_role);
#  480|-> 		    if ((source = sudo_rcstr_alloc(slen)) == NULL)
#  481|   			goto oom;
#  482|   		    if ((size_t)snprintf(source, slen + 1, "sudoRole %s", priv->ldap_role) != slen) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def337]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:483:25: warning[-Wanalyzer-malloc-leak]: leak of 'c'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:422:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:474:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: following 'true' branch (when 'store_options != 0')...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:479:68: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:480:24: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:482:33: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:482:24: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:483:25: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:483:25: danger: 'c' leaks here; was allocated at [(17)](sarif:/runs/0/results/62/codeFlows/0/threadFlows/0/locations/16)
#  481|   			goto oom;
#  482|   		    if ((size_t)snprintf(source, slen + 1, "sudoRole %s", priv->ldap_role) != slen) {
#  483|-> 			sudo_warnx(U_("internal error, %s overflow"), __func__);
#  484|   			sudo_rcstr_delref(source);
#  485|   			goto bad;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def338]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:483:25: warning[-Wanalyzer-malloc-leak]: leak of 'cmndspec'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:25: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:422:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:474:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: following 'true' branch (when 'store_options != 0')...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:479:68: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:480:24: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:482:33: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:482:24: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:483:25: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:483:25: danger: 'cmndspec' leaks here; was allocated at [(13)](sarif:/runs/0/results/61/codeFlows/0/threadFlows/0/locations/12)
#  481|   			goto oom;
#  482|   		    if ((size_t)snprintf(source, slen + 1, "sudoRole %s", priv->ldap_role) != slen) {
#  483|-> 			sudo_warnx(U_("internal error, %s overflow"), __func__);
#  484|   			sudo_rcstr_delref(source);
#  485|   			goto bad;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def339]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:483:25: warning[-Wanalyzer-malloc-leak]: leak of 'm'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:422:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:474:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: following 'true' branch (when 'store_options != 0')...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:479:68: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:480:24: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:482:33: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:482:24: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:483:25: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:483:25: danger: 'm' leaks here; was allocated at [(15)](sarif:/runs/0/results/60/codeFlows/0/threadFlows/0/locations/14)
#  481|   			goto oom;
#  482|   		    if ((size_t)snprintf(source, slen + 1, "sudoRole %s", priv->ldap_role) != slen) {
#  483|-> 			sudo_warnx(U_("internal error, %s overflow"), __func__);
#  484|   			sudo_rcstr_delref(source);
#  485|   			goto bad;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def340]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:483:25: warning[-Wanalyzer-malloc-leak]: leak of 'priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:17: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:422:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:474:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: following 'true' branch (when 'store_options != 0')...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:479:68: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:480:24: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:482:33: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:482:24: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:483:25: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:483:25: danger: 'priv' leaks here; was allocated at [(1)](sarif:/runs/0/results/63/codeFlows/0/threadFlows/0/locations/0)
#  481|   			goto oom;
#  482|   		    if ((size_t)snprintf(source, slen + 1, "sudoRole %s", priv->ldap_role) != slen) {
#  483|-> 			sudo_warnx(U_("internal error, %s overflow"), __func__);
#  484|   			sudo_rcstr_delref(source);
#  485|   			goto bad;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def341]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:484:25: warning[-Wanalyzer-malloc-leak]: leak of 'c'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:422:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:474:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: following 'true' branch (when 'store_options != 0')...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:479:68: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:480:24: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:482:33: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:482:24: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:483:25: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:484:25: danger: 'c' leaks here; was allocated at [(17)](sarif:/runs/0/results/76/codeFlows/0/threadFlows/0/locations/16)
#  482|   		    if ((size_t)snprintf(source, slen + 1, "sudoRole %s", priv->ldap_role) != slen) {
#  483|   			sudo_warnx(U_("internal error, %s overflow"), __func__);
#  484|-> 			sudo_rcstr_delref(source);
#  485|   			goto bad;
#  486|   		    }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def342]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:484:25: warning[-Wanalyzer-malloc-leak]: leak of 'cmndspec'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:25: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:422:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:474:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: following 'true' branch (when 'store_options != 0')...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:479:68: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:480:24: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:482:33: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:482:24: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:483:25: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:484:25: danger: 'cmndspec' leaks here; was allocated at [(13)](sarif:/runs/0/results/77/codeFlows/0/threadFlows/0/locations/12)
#  482|   		    if ((size_t)snprintf(source, slen + 1, "sudoRole %s", priv->ldap_role) != slen) {
#  483|   			sudo_warnx(U_("internal error, %s overflow"), __func__);
#  484|-> 			sudo_rcstr_delref(source);
#  485|   			goto bad;
#  486|   		    }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def343]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:484:25: warning[-Wanalyzer-malloc-leak]: leak of 'm'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:422:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:474:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: following 'true' branch (when 'store_options != 0')...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:479:68: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:480:24: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:482:33: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:482:24: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:483:25: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:484:25: danger: 'm' leaks here; was allocated at [(15)](sarif:/runs/0/results/79/codeFlows/0/threadFlows/0/locations/14)
#  482|   		    if ((size_t)snprintf(source, slen + 1, "sudoRole %s", priv->ldap_role) != slen) {
#  483|   			sudo_warnx(U_("internal error, %s overflow"), __func__);
#  484|-> 			sudo_rcstr_delref(source);
#  485|   			goto bad;
#  486|   		    }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def344]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:484:25: warning[-Wanalyzer-malloc-leak]: leak of 'priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:17: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:422:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:474:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: following 'true' branch (when 'store_options != 0')...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:479:68: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:480:24: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:482:33: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:482:24: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:483:25: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:484:25: danger: 'priv' leaks here; was allocated at [(1)](sarif:/runs/0/results/78/codeFlows/0/threadFlows/0/locations/0)
#  482|   		    if ((size_t)snprintf(source, slen + 1, "sudoRole %s", priv->ldap_role) != slen) {
#  483|   			sudo_warnx(U_("internal error, %s overflow"), __func__);
#  484|-> 			sudo_rcstr_delref(source);
#  485|   			goto bad;
#  486|   		    }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def345]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:489:31: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:374:23: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:422:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:474:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_false: following 'false' branch (when 'store_options == 0')...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:489:31: danger: '<unknown>' leaks here; was allocated at [(3)](sarif:/runs/0/results/82/codeFlows/0/threadFlows/0/locations/2)
#  487|   		}
#  488|   
#  489|-> 		while ((opt = iter(&opts)) != NULL) {
#  490|   		    char *var, *val;
#  491|   		    int op;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def346]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:489:31: warning[-Wanalyzer-malloc-leak]: leak of 'c'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:422:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:474:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_false: following 'false' branch (when 'store_options == 0')...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:489:31: danger: 'c' leaks here; was allocated at [(17)](sarif:/runs/0/results/80/codeFlows/0/threadFlows/0/locations/16)
#  487|   		}
#  488|   
#  489|-> 		while ((opt = iter(&opts)) != NULL) {
#  490|   		    char *var, *val;
#  491|   		    int op;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def347]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:489:31: warning[-Wanalyzer-malloc-leak]: leak of 'cmndspec'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:25: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:422:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:474:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_false: following 'false' branch (when 'store_options == 0')...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:489:31: danger: 'cmndspec' leaks here; was allocated at [(13)](sarif:/runs/0/results/83/codeFlows/0/threadFlows/0/locations/12)
#  487|   		}
#  488|   
#  489|-> 		while ((opt = iter(&opts)) != NULL) {
#  490|   		    char *var, *val;
#  491|   		    int op;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def348]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:489:31: warning[-Wanalyzer-malloc-leak]: leak of 'm'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:422:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:474:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_false: following 'false' branch (when 'store_options == 0')...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:489:31: danger: 'm' leaks here; was allocated at [(15)](sarif:/runs/0/results/81/codeFlows/0/threadFlows/0/locations/14)
#  487|   		}
#  488|   
#  489|-> 		while ((opt = iter(&opts)) != NULL) {
#  490|   		    char *var, *val;
#  491|   		    int op;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def349]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:489:31: warning[-Wanalyzer-malloc-leak]: leak of 'priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:17: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:422:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:474:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_false: following 'false' branch (when 'store_options == 0')...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:489:31: danger: 'priv' leaks here; was allocated at [(1)](sarif:/runs/0/results/84/codeFlows/0/threadFlows/0/locations/0)
#  487|   		}
#  488|   
#  489|-> 		while ((opt = iter(&opts)) != NULL) {
#  490|   		    char *var, *val;
#  491|   		    int op;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def350]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:578:17: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:374:23: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:422:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:474:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_false: following 'false' branch (when 'store_options == 0')...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:489:24: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:578:17: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:578:17: danger: '<unknown>' leaks here; was allocated at [(3)](sarif:/runs/0/results/89/codeFlows/0/threadFlows/0/locations/2)
#  576|   		    }
#  577|   		}
#  578|-> 		sudo_rcstr_delref(source);
#  579|   		if (opt != NULL) {
#  580|   		    /* Defer oom until we drop the ref on source. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def351]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:578:17: warning[-Wanalyzer-malloc-leak]: leak of 'c'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:422:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:474:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_false: following 'false' branch (when 'store_options == 0')...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:489:24: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:578:17: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:578:17: danger: 'c' leaks here; was allocated at [(17)](sarif:/runs/0/results/85/codeFlows/0/threadFlows/0/locations/16)
#  576|   		    }
#  577|   		}
#  578|-> 		sudo_rcstr_delref(source);
#  579|   		if (opt != NULL) {
#  580|   		    /* Defer oom until we drop the ref on source. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def352]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:578:17: warning[-Wanalyzer-malloc-leak]: leak of 'cmndspec'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:25: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:422:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:474:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_false: following 'false' branch (when 'store_options == 0')...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:489:24: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:578:17: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:578:17: danger: 'cmndspec' leaks here; was allocated at [(13)](sarif:/runs/0/results/86/codeFlows/0/threadFlows/0/locations/12)
#  576|   		    }
#  577|   		}
#  578|-> 		sudo_rcstr_delref(source);
#  579|   		if (opt != NULL) {
#  580|   		    /* Defer oom until we drop the ref on source. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def353]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:578:17: warning[-Wanalyzer-malloc-leak]: leak of 'm'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:422:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:474:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_false: following 'false' branch (when 'store_options == 0')...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:489:24: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:578:17: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:578:17: danger: 'm' leaks here; was allocated at [(15)](sarif:/runs/0/results/88/codeFlows/0/threadFlows/0/locations/14)
#  576|   		    }
#  577|   		}
#  578|-> 		sudo_rcstr_delref(source);
#  579|   		if (opt != NULL) {
#  580|   		    /* Defer oom until we drop the ref on source. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def354]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:578:17: warning[-Wanalyzer-malloc-leak]: leak of 'priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:17: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:406:12: branch_false: following 'false' branch (when 'cmndspec' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:408:12: branch_false: following 'false' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:412:12: branch_false: following 'false' branch (when 'c' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:417:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:421:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:422:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:433:12: branch_false: following 'false' branch (when 'prev_cmndspec' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:452:16: branch_false: following 'false' branch (when 'runasusers' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:460:16: branch_false: following 'false' branch (when 'runasgroups' is NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:468:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:474:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:477:20: branch_false: following 'false' branch (when 'store_options == 0')...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:489:24: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:578:17: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:578:17: danger: 'priv' leaks here; was allocated at [(1)](sarif:/runs/0/results/87/codeFlows/0/threadFlows/0/locations/0)
#  576|   		    }
#  577|   		}
#  578|-> 		sudo_rcstr_delref(source);
#  579|   		if (opt != NULL) {
#  580|   		    /* Defer oom until we drop the ref on source. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def355]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:612:5: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:374:23: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:610:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:610:5: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:612:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:612:5: danger: '<unknown>' leaks here; was allocated at [(3)](sarif:/runs/0/results/91/codeFlows/0/threadFlows/0/locations/2)
#  610|       TAILQ_CONCAT(&priv->cmndlist, &negated_cmnds, entries);
#  611|   
#  612|->     debug_return_ptr(priv);
#  613|   
#  614|   oom:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def356]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:612:5: warning[-Wanalyzer-malloc-leak]: leak of 'priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:17: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:610:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:610:5: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:612:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:612:5: danger: 'priv' leaks here; was allocated at [(1)](sarif:/runs/0/results/90/codeFlows/0/threadFlows/0/locations/0)
#  610|       TAILQ_CONCAT(&priv->cmndlist, &negated_cmnds, entries);
#  611|   
#  612|->     debug_return_ptr(priv);
#  613|   
#  614|   oom:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def357]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:615:5: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:374:23: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:615:5: danger: '<unknown>' leaks here; was allocated at [(3)](sarif:/runs/0/results/92/codeFlows/0/threadFlows/0/locations/2)
#  613|   
#  614|   oom:
#  615|->     sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  616|   bad:
#  617|       if (priv != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def358]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:615:5: warning[-Wanalyzer-malloc-leak]: leak of 'priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:17: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:376:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:615:5: danger: 'priv' leaks here; was allocated at [(1)](sarif:/runs/0/results/93/codeFlows/0/threadFlows/0/locations/0)
#  613|   
#  614|   oom:
#  615|->     sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  616|   bad:
#  617|       if (priv != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def359]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:620:9: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:374:23: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:385:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:394:9: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:400:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:401:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:617:8: branch_true: following 'true' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:618:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:618:9: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:619:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:619:9: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:620:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:620:9: danger: '<unknown>' leaks here; was allocated at [(3)](sarif:/runs/0/results/105/codeFlows/0/threadFlows/0/locations/2)
#  618|   	TAILQ_CONCAT(&priv->hostlist, &negated_hosts, entries);
#  619|   	TAILQ_CONCAT(&priv->cmndlist, &negated_cmnds, entries);
#  620|-> 	free_privilege(priv);
#  621|       }
#  622|       debug_return_ptr(NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def360]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:620:9: warning[-Wanalyzer-malloc-leak]: leak of 'priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:17: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:376:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:617:8: branch_true: following 'true' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:618:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:618:9: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:619:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:619:9: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:620:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:620:9: danger: 'priv' leaks here; was allocated at [(1)](sarif:/runs/0/results/104/codeFlows/0/threadFlows/0/locations/0)
#  618|   	TAILQ_CONCAT(&priv->hostlist, &negated_hosts, entries);
#  619|   	TAILQ_CONCAT(&priv->cmndlist, &negated_cmnds, entries);
#  620|-> 	free_privilege(priv);
#  621|       }
#  622|       debug_return_ptr(NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def361]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:630:5: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:355:1: enter_function: entry to 'sudo_ldap_role_to_priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:374:23: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:380:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:380:18: call_function: calling 'sudo_ldap_new_member_all' from 'sudo_ldap_role_to_priv'
#  628|   {
#  629|       struct member *m;
#  630|->     debug_decl(sudo_ldap_new_member_all, SUDOERS_DEBUG_LDAP);
#  631|   
#  632|       if ((m = calloc(1, sizeof(*m))) != NULL)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def362]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:630:5: warning[-Wanalyzer-malloc-leak]: leak of 'priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:355:1: enter_function: entry to 'sudo_ldap_role_to_priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:17: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:380:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:380:18: call_function: calling 'sudo_ldap_new_member_all' from 'sudo_ldap_role_to_priv'
#  628|   {
#  629|       struct member *m;
#  630|->     debug_decl(sudo_ldap_new_member_all, SUDOERS_DEBUG_LDAP);
#  631|   
#  632|       if ((m = calloc(1, sizeof(*m))) != NULL)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def363]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:634:5: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:355:1: enter_function: entry to 'sudo_ldap_role_to_priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:374:23: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:380:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:380:18: call_function: calling 'sudo_ldap_new_member_all' from 'sudo_ldap_role_to_priv'
#  632|       if ((m = calloc(1, sizeof(*m))) != NULL)
#  633|   	m->type = ALL;
#  634|->     debug_return_ptr(m);
#  635|   }
#  636|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def364]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:634:5: warning[-Wanalyzer-malloc-leak]: leak of 'm'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:632:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:632:8: branch_true: following 'true' branch (when 'm' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:633:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:634:5: danger: 'm' leaks here; was allocated at [(1)](sarif:/runs/0/results/108/codeFlows/0/threadFlows/0/locations/0)
#  632|       if ((m = calloc(1, sizeof(*m))) != NULL)
#  633|   	m->type = ALL;
#  634|->     debug_return_ptr(m);
#  635|   }
#  636|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def365]
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:634:5: warning[-Wanalyzer-malloc-leak]: leak of 'priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:355:1: enter_function: entry to 'sudo_ldap_role_to_priv'
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:17: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:368:8: branch_false: following 'false' branch (when 'priv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:370:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:375:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:378:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:380:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/ldap_util.c:380:18: call_function: calling 'sudo_ldap_new_member_all' from 'sudo_ldap_role_to_priv'
#  632|       if ((m = calloc(1, sizeof(*m))) != NULL)
#  633|   	m->type = ALL;
#  634|->     debug_return_ptr(m);
#  635|   }
#  636|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def366]
sudo-1.9.17p2/plugins/sudoers/log_client.c:654:5: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/log_client.c:1981:1: enter_function: entry to 'client_closure_alloc'
sudo-1.9.17p2/plugins/sudoers/log_client.c:1987:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:20: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:8: branch_false: following 'false' branch (when 'closure' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:1996:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2002:8: branch_true: following 'true' branch (when 'start_time' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2003:38: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2011:30: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2012:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2015:29: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2015:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2016:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2026:5: call_function: calling 'client_closure_free' from 'client_closure_alloc'
#  652|   {
#  653|       struct connection_buffer *buf;
#  654|->     debug_decl(client_closure_free, SUDOERS_DEBUG_UTIL);
#  655|   
#  656|       if (closure == NULL)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def367]
sudo-1.9.17p2/plugins/sudoers/log_client.c:654:5: warning[-Wanalyzer-malloc-leak]: leak of 'closure'
sudo-1.9.17p2/plugins/sudoers/log_client.c:1981:1: enter_function: entry to 'client_closure_alloc'
sudo-1.9.17p2/plugins/sudoers/log_client.c:1987:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:20: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:20: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:8: branch_false: following 'false' branch (when 'closure' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:1996:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2002:8: branch_true: following 'true' branch (when 'start_time' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2003:38: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2012:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2015:29: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2015:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2016:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2026:5: call_function: calling 'client_closure_free' from 'client_closure_alloc'
#  652|   {
#  653|       struct connection_buffer *buf;
#  654|->     debug_decl(client_closure_free, SUDOERS_DEBUG_UTIL);
#  655|   
#  656|       if (closure == NULL)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def368]
sudo-1.9.17p2/plugins/sudoers/log_client.c:666:5: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/log_client.c:1981:1: enter_function: entry to 'client_closure_alloc'
sudo-1.9.17p2/plugins/sudoers/log_client.c:1987:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:20: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:8: branch_false: following 'false' branch (when 'closure' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:1996:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2002:8: branch_true: following 'true' branch (when 'start_time' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2003:38: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2011:30: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2012:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2015:29: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2015:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2016:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2026:5: call_function: calling 'client_closure_free' from 'client_closure_alloc'
#  664|   	SSL_free(closure->ssl);
#  665|       }
#  666|->     SSL_CTX_free(closure->ssl_ctx);
#  667|   #endif
#  668|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def369]
sudo-1.9.17p2/plugins/sudoers/log_client.c:666:5: warning[-Wanalyzer-malloc-leak]: leak of 'closure'
sudo-1.9.17p2/plugins/sudoers/log_client.c:1981:1: enter_function: entry to 'client_closure_alloc'
sudo-1.9.17p2/plugins/sudoers/log_client.c:1987:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:20: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:20: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:8: branch_false: following 'false' branch (when 'closure' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:1996:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2002:8: branch_true: following 'true' branch (when 'start_time' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2003:38: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2012:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2015:29: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2015:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2016:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2026:5: call_function: calling 'client_closure_free' from 'client_closure_alloc'
#  664|   	SSL_free(closure->ssl);
#  665|       }
#  666|->     SSL_CTX_free(closure->ssl_ctx);
#  667|   #endif
#  668|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def370]
sudo-1.9.17p2/plugins/sudoers/log_client.c:685:9: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/log_client.c:1981:1: enter_function: entry to 'client_closure_alloc'
sudo-1.9.17p2/plugins/sudoers/log_client.c:1987:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:20: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:8: branch_false: following 'false' branch (when 'closure' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:1996:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2002:8: branch_true: following 'true' branch (when 'start_time' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2003:38: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2011:30: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2012:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2015:29: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2015:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2018:30: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2018:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2019:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2026:5: call_function: calling 'client_closure_free' from 'client_closure_alloc'
#  683|       }
#  684|       if (closure->read_ev != NULL)
#  685|-> 	closure->read_ev->free(closure->read_ev);
#  686|       if (closure->write_ev != NULL)
#  687|   	closure->write_ev->free(closure->write_ev);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def371]
sudo-1.9.17p2/plugins/sudoers/log_client.c:685:9: warning[-Wanalyzer-malloc-leak]: leak of 'closure'
sudo-1.9.17p2/plugins/sudoers/log_client.c:1981:1: enter_function: entry to 'client_closure_alloc'
sudo-1.9.17p2/plugins/sudoers/log_client.c:1987:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:20: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:20: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:8: branch_false: following 'false' branch (when 'closure' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:1996:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2002:8: branch_true: following 'true' branch (when 'start_time' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2003:38: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2012:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2015:29: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2015:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2018:30: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2018:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2019:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2026:5: call_function: calling 'client_closure_free' from 'client_closure_alloc'
#  683|       }
#  684|       if (closure->read_ev != NULL)
#  685|-> 	closure->read_ev->free(closure->read_ev);
#  686|       if (closure->write_ev != NULL)
#  687|   	closure->write_ev->free(closure->write_ev);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def372]
sudo-1.9.17p2/plugins/sudoers/log_client.c:708:5: warning[-Wanalyzer-malloc-leak]: leak of 'buf'
sudo-1.9.17p2/plugins/sudoers/log_client.c:1350:1: enter_function: entry to 'fmt_suspend'
sudo-1.9.17p2/plugins/sudoers/log_client.c:1370:10: call_function: calling 'fmt_client_message' from 'fmt_suspend'
#  706|   	buf = calloc(1, sizeof(*buf));
#  707|   
#  708|->     debug_return_ptr(buf);
#  709|   }
#  710|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def373]
sudo-1.9.17p2/plugins/sudoers/log_client.c:839:9: warning[-Wanalyzer-malloc-leak]: leak of 'submitenv'
sudo-1.9.17p2/plugins/sudoers/log_client.c:836:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:837:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:837:26: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/log_client.c:837:12: branch_false: following 'false' branch (when 'submitenv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:839:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:839:9: danger: 'submitenv' leaks here; was allocated at [(3)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/2)
#  837|   	if ((submitenv = malloc(sizeof(*submitenv))) == NULL)
#  838|   	    goto bad;
#  839|-> 	info_message__string_list__init(submitenv);
#  840|   	submitenv->strings = evlog->submitenv;
#  841|   	while (submitenv->strings[submitenv->n_strings] != NULL)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def374]
sudo-1.9.17p2/plugins/sudoers/log_client.c:848:9: warning[-Wanalyzer-malloc-leak]: leak of 'runargv'
sudo-1.9.17p2/plugins/sudoers/log_client.c:836:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:845:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:845:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:846:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:846:24: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/log_client.c:846:12: branch_false: following 'false' branch (when 'runargv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:848:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:848:9: danger: 'runargv' leaks here; was allocated at [(5)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/4)
#  846|   	if ((runargv = malloc(sizeof(*runargv))) == NULL)
#  847|   	    goto bad;
#  848|-> 	info_message__string_list__init(runargv);
#  849|   	runargv->strings = evlog->runargv;
#  850|   	while (runargv->strings[runargv->n_strings] != NULL)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def375]
sudo-1.9.17p2/plugins/sudoers/log_client.c:857:9: warning[-Wanalyzer-malloc-leak]: leak of 'runenv'
sudo-1.9.17p2/plugins/sudoers/log_client.c:836:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:845:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:845:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:854:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:854:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:855:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:855:23: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/log_client.c:855:12: branch_false: following 'false' branch (when 'runenv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:857:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:857:9: danger: 'runenv' leaks here; was allocated at [(7)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/6)
#  855|   	if ((runenv = malloc(sizeof(*runenv))) == NULL)
#  856|   	    goto bad;
#  857|-> 	info_message__string_list__init(runenv);
#  858|   	runenv->strings = evlog->runenv;
#  859|   	while (runenv->strings[runenv->n_strings] != NULL)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def376]
sudo-1.9.17p2/plugins/sudoers/log_client.c:872:9: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/log_client.c:836:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:845:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:845:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:854:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:854:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:855:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:855:12: branch_false: following 'false' branch (when 'runenv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:857:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:866:8: branch_false: following 'false' branch (when 'info_msgs' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:868:17: branch_true: following 'true' branch (when 'n != 24')...
sudo-1.9.17p2/plugins/sudoers/log_client.c:869:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:869:24: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/log_client.c:870:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:872:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:872:9: danger: '<unknown>' leaks here; was allocated at [(13)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/12)
#  870|   	if (info_msgs[n] == NULL)
#  871|   	    goto bad;
#  872|-> 	info_message__init(info_msgs[n]);
#  873|       }
#  874|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def377]
sudo-1.9.17p2/plugins/sudoers/log_client.c:872:9: warning[-Wanalyzer-malloc-leak]: leak of 'info_msgs'
sudo-1.9.17p2/plugins/sudoers/log_client.c:836:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:845:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:845:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:854:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:854:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:855:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:855:12: branch_false: following 'false' branch (when 'runenv' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:857:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:865:17: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/log_client.c:866:8: branch_false: following 'false' branch (when 'info_msgs' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:868:17: branch_true: following 'true' branch (when 'n != 24')...
sudo-1.9.17p2/plugins/sudoers/log_client.c:869:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:870:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:872:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:872:9: danger: 'info_msgs' leaks here; was allocated at [(9)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/8)
#  870|   	if (info_msgs[n] == NULL)
#  871|   	    goto bad;
#  872|-> 	info_message__init(info_msgs[n]);
#  873|       }
#  874|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def378]
sudo-1.9.17p2/plugins/sudoers/log_client.c:2015:29: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/log_client.c:1987:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:20: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:8: branch_false: following 'false' branch (when 'closure' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:1996:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2002:8: branch_false: following 'false' branch (when 'start_time' is NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2007:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2011:30: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2012:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2015:29: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2015:29: danger: '<unknown>' leaks here; was allocated at [(7)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/6)
# 2013|   	goto oom;
# 2014|   
# 2015|->     if ((closure->read_ev = plugin_event_alloc()) == NULL)
# 2016|   	goto oom;
# 2017|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def379]
sudo-1.9.17p2/plugins/sudoers/log_client.c:2015:29: warning[-Wanalyzer-malloc-leak]: leak of 'closure'
sudo-1.9.17p2/plugins/sudoers/log_client.c:1987:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:20: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:20: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:8: branch_false: following 'false' branch (when 'closure' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:1996:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2002:8: branch_false: following 'false' branch (when 'start_time' is NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2007:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2012:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2015:29: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2015:29: danger: 'closure' leaks here; was allocated at [(3)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/2)
# 2013|   	goto oom;
# 2014|   
# 2015|->     if ((closure->read_ev = plugin_event_alloc()) == NULL)
# 2016|   	goto oom;
# 2017|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def380]
sudo-1.9.17p2/plugins/sudoers/log_client.c:2018:30: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/log_client.c:1987:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:20: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:8: branch_false: following 'false' branch (when 'closure' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:1996:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2002:8: branch_false: following 'false' branch (when 'start_time' is NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2007:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2011:30: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2012:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2015:29: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2015:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2018:30: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2018:30: danger: '<unknown>' leaks here; was allocated at [(7)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/6)
# 2016|   	goto oom;
# 2017|   
# 2018|->     if ((closure->write_ev = plugin_event_alloc()) == NULL)
# 2019|   	goto oom;
# 2020|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def381]
sudo-1.9.17p2/plugins/sudoers/log_client.c:2018:30: warning[-Wanalyzer-malloc-leak]: leak of 'closure'
sudo-1.9.17p2/plugins/sudoers/log_client.c:1987:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:20: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:20: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:8: branch_false: following 'false' branch (when 'closure' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:1996:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2002:8: branch_false: following 'false' branch (when 'start_time' is NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2007:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2012:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2015:29: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2015:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2018:30: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2018:30: danger: 'closure' leaks here; was allocated at [(3)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/2)
# 2016|   	goto oom;
# 2017|   
# 2018|->     if ((closure->write_ev = plugin_event_alloc()) == NULL)
# 2019|   	goto oom;
# 2020|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def382]
sudo-1.9.17p2/plugins/sudoers/log_client.c:2023:5: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/log_client.c:1987:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:20: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:8: branch_false: following 'false' branch (when 'closure' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:1996:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2002:8: branch_false: following 'false' branch (when 'start_time' is NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2007:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2011:30: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2012:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2015:29: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2015:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2018:30: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2018:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2021:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2023:5: danger: '<unknown>' leaks here; was allocated at [(7)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/6)
# 2021|       closure->log_details = details;
# 2022|   
# 2023|->     debug_return_ptr(closure);
# 2024|   oom:
# 2025|       sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def383]
sudo-1.9.17p2/plugins/sudoers/log_client.c:2023:5: warning[-Wanalyzer-malloc-leak]: leak of 'closure'
sudo-1.9.17p2/plugins/sudoers/log_client.c:1987:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:20: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:20: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:8: branch_false: following 'false' branch (when 'closure' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:1996:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2002:8: branch_false: following 'false' branch (when 'start_time' is NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2007:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2012:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2015:29: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2015:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2018:30: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2018:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2021:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2023:5: danger: 'closure' leaks here; was allocated at [(3)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/2)
# 2021|       closure->log_details = details;
# 2022|   
# 2023|->     debug_return_ptr(closure);
# 2024|   oom:
# 2025|       sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def384]
sudo-1.9.17p2/plugins/sudoers/log_client.c:2025:5: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/log_client.c:1987:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:20: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:8: branch_false: following 'false' branch (when 'closure' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:1996:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2002:8: branch_true: following 'true' branch (when 'start_time' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2003:38: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2011:30: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2012:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2015:29: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2015:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2016:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2025:5: danger: '<unknown>' leaks here; was allocated at [(7)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/6)
# 2023|       debug_return_ptr(closure);
# 2024|   oom:
# 2025|->     sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
# 2026|       client_closure_free(closure);
# 2027|       debug_return_ptr(NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def385]
sudo-1.9.17p2/plugins/sudoers/log_client.c:2025:5: warning[-Wanalyzer-malloc-leak]: leak of 'closure'
sudo-1.9.17p2/plugins/sudoers/log_client.c:1987:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:20: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:20: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/log_client.c:1993:8: branch_false: following 'false' branch (when 'closure' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:1996:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2002:8: branch_true: following 'true' branch (when 'start_time' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2003:38: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2012:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/log_client.c:2013:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/log_client.c:2025:5: danger: 'closure' leaks here; was allocated at [(3)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/2)
# 2023|       debug_return_ptr(closure);
# 2024|   oom:
# 2025|->     sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
# 2026|       client_closure_free(closure);
# 2027|       debug_return_ptr(NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def386]
sudo-1.9.17p2/plugins/sudoers/logging.c:691:5: warning[-Wanalyzer-malloc-leak]: leak of 'copy'
sudo-1.9.17p2/plugins/sudoers/logging.c:705:1: enter_function: entry to 'vlog_warning'
sudo-1.9.17p2/plugins/sudoers/logging.c:732:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/logging.c:738:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/logging.c:752:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/logging.c:768:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/logging.c:772:12: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/logging.c:772:12: branch_false: following 'false' branch (when 'errstr' is NULL)...
sudo-1.9.17p2/plugins/sudoers/logging.c:776:20: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/logging.c:776:20: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/logging.c:778:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/logging.c:780:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/logging.c:780:18: call_function: calling 'journal_parse_error' from 'vlog_warning'
#  689|   {
#  690|       struct parse_error *pe;
#  691|->     debug_decl(journal_parse_error, SUDOERS_DEBUG_LOGGING);
#  692|   
#  693|       pe = malloc(sizeof(*pe));

Error: GCC_ANALYZER_WARNING (CWE-404): [#def387]
sudo-1.9.17p2/plugins/sudoers/logging.c:691:5: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/plugins/sudoers/logging.c:842:1: enter_function: entry to 'gai_log_warning'
sudo-1.9.17p2/plugins/sudoers/logging.c:851:11: call_function: calling 'vlog_warning' from 'gai_log_warning'
#  689|   {
#  690|       struct parse_error *pe;
#  691|->     debug_decl(journal_parse_error, SUDOERS_DEBUG_LOGGING);
#  692|   
#  693|       pe = malloc(sizeof(*pe));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def388]
sudo-1.9.17p2/plugins/sudoers/logging.c:695:9: warning[-Wanalyzer-malloc-leak]: leak of 'copy'
sudo-1.9.17p2/plugins/sudoers/logging.c:705:1: enter_function: entry to 'vlog_warning'
sudo-1.9.17p2/plugins/sudoers/logging.c:732:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/logging.c:738:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/logging.c:752:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/logging.c:768:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/logging.c:772:12: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/logging.c:772:12: branch_false: following 'false' branch (when 'errstr' is NULL)...
sudo-1.9.17p2/plugins/sudoers/logging.c:776:20: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/logging.c:776:20: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/logging.c:778:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/logging.c:780:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/logging.c:780:18: call_function: calling 'journal_parse_error' from 'vlog_warning'
#  693|       pe = malloc(sizeof(*pe));
#  694|       if (pe == NULL)
#  695|-> 	debug_return_bool(false);
#  696|       pe->errstr = message;
#  697|       STAILQ_INSERT_TAIL(&parse_error_list, pe, entries);

Error: GCC_ANALYZER_WARNING (CWE-404): [#def389]
sudo-1.9.17p2/plugins/sudoers/logging.c:695:9: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/plugins/sudoers/logging.c:842:1: enter_function: entry to 'gai_log_warning'
sudo-1.9.17p2/plugins/sudoers/logging.c:851:11: call_function: calling 'vlog_warning' from 'gai_log_warning'
#  693|       pe = malloc(sizeof(*pe));
#  694|       if (pe == NULL)
#  695|-> 	debug_return_bool(false);
#  696|       pe->errstr = message;
#  697|       STAILQ_INSERT_TAIL(&parse_error_list, pe, entries);

Error: GCC_ANALYZER_WARNING (CWE-404): [#def390]
sudo-1.9.17p2/plugins/sudoers/logging.c:698:5: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/plugins/sudoers/logging.c:842:1: enter_function: entry to 'gai_log_warning'
sudo-1.9.17p2/plugins/sudoers/logging.c:851:11: call_function: calling 'vlog_warning' from 'gai_log_warning'
#  696|       pe->errstr = message;
#  697|       STAILQ_INSERT_TAIL(&parse_error_list, pe, entries);
#  698|->     debug_return_bool(true);
#  699|   }
#  700|   

Error: GCC_ANALYZER_WARNING (CWE-404): [#def391]
sudo-1.9.17p2/plugins/sudoers/logging.c:715:5: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/plugins/sudoers/logging.c:842:1: enter_function: entry to 'gai_log_warning'
sudo-1.9.17p2/plugins/sudoers/logging.c:850:5: acquire_resource: 'va_start' called here
sudo-1.9.17p2/plugins/sudoers/logging.c:851:11: call_function: calling 'vlog_warning' from 'gai_log_warning'
#  713|       int evl_flags = 0;
#  714|       va_list ap2;
#  715|->     debug_decl(vlog_warning, SUDOERS_DEBUG_LOGGING);
#  716|   
#  717|       /* Do auditing first (audit_failure() handles the locale itself). */

Error: GCC_ANALYZER_WARNING (CWE-404): [#def392]
sudo-1.9.17p2/plugins/sudoers/logging.c:720:9: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/plugins/sudoers/logging.c:718:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/logging.c:719:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/logging.c:719:9: acquire_resource: 'va_copy' called here
sudo-1.9.17p2/plugins/sudoers/logging.c:720:9: danger: missing call to 'va_end' to match 'va_copy' at [(3)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/2)
#  718|       if (ISSET(flags, SLOG_AUDIT)) {
#  719|   	va_copy(ap2, ap);
#  720|-> 	vaudit_failure(ctx, ctx->runas.argv, fmt, ap2);
#  721|   	va_end(ap2);
#  722|       }

Error: GCC_ANALYZER_WARNING (CWE-404): [#def393]
sudo-1.9.17p2/plugins/sudoers/logging.c:728:5: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/plugins/sudoers/logging.c:725:5: acquire_resource: 'va_copy' called here
sudo-1.9.17p2/plugins/sudoers/logging.c:728:5: danger: missing call to 'va_end' to match 'va_copy' at [(1)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/0)
#  726|   
#  727|       /* Log messages should be in the sudoers locale. */
#  728|->     sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
#  729|   
#  730|       /* Expand printf-style format + args. */

Error: GCC_ANALYZER_WARNING (CWE-404): [#def394]
sudo-1.9.17p2/plugins/sudoers/logging.c:733:9: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/plugins/sudoers/logging.c:842:1: enter_function: entry to 'gai_log_warning'
sudo-1.9.17p2/plugins/sudoers/logging.c:851:11: call_function: calling 'vlog_warning' from 'gai_log_warning'
#  731|       len = vasprintf(&message, _(fmt), ap);
#  732|       if (len == -1) {
#  733|-> 	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  734|   	ret = false;
#  735|   	goto done;

Error: GCC_ANALYZER_WARNING (CWE-404): [#def395]
sudo-1.9.17p2/plugins/sudoers/logging.c:745:9: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/plugins/sudoers/logging.c:842:1: enter_function: entry to 'gai_log_warning'
sudo-1.9.17p2/plugins/sudoers/logging.c:851:11: call_function: calling 'vlog_warning' from 'gai_log_warning'
#  743|       /* Log to debug file. */
#  744|       if (errstr != NULL) {
#  745|-> 	sudo_debug_printf2(NULL, NULL, 0,
#  746|   	    SUDO_DEBUG_WARN|sudo_debug_subsys, "%s: %s", message, errstr);
#  747|       } else {

Error: GCC_ANALYZER_WARNING (CWE-404): [#def396]
sudo-1.9.17p2/plugins/sudoers/logging.c:748:9: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/plugins/sudoers/logging.c:842:1: enter_function: entry to 'gai_log_warning'
sudo-1.9.17p2/plugins/sudoers/logging.c:851:11: call_function: calling 'vlog_warning' from 'gai_log_warning'
#  746|   	    SUDO_DEBUG_WARN|sudo_debug_subsys, "%s: %s", message, errstr);
#  747|       } else {
#  748|-> 	sudo_debug_printf2(NULL, NULL, 0,
#  749|   	    SUDO_DEBUG_WARN|sudo_debug_subsys, "%s", message);
#  750|       }

Error: GCC_ANALYZER_WARNING (CWE-404): [#def397]
sudo-1.9.17p2/plugins/sudoers/logging.c:762:14: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/plugins/sudoers/logging.c:918:1: enter_function: entry to 'log_parse_error'
sudo-1.9.17p2/plugins/sudoers/logging.c:939:8: branch_true: following 'true' branch (when 'line > 0')...
sudo-1.9.17p2/plugins/sudoers/logging.c:940:15: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/logging.c:940:15: call_function: calling 'log_warningx' from 'log_parse_error'
#  760|   	sudoers_to_eventlog(ctx, &evlog, ctx->runas.cmnd, ctx->runas.argv,
#  761|   	    NULL, ctx->uuid_str);
#  762|-> 	if (!eventlog_alert(&evlog, evl_flags, &evlog.event_time, message, errstr))
#  763|   	    ret = false;
#  764|   	if (!log_server_alert(ctx, &evlog, message, errstr))

Error: GCC_ANALYZER_WARNING (CWE-404): [#def398]
sudo-1.9.17p2/plugins/sudoers/logging.c:773:33: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/plugins/sudoers/logging.c:842:1: enter_function: entry to 'gai_log_warning'
sudo-1.9.17p2/plugins/sudoers/logging.c:851:11: call_function: calling 'vlog_warning' from 'gai_log_warning'
#  771|   	/* Journal parse error for later mailing. */
#  772|   	if (errstr != NULL) {
#  773|-> 	    if (asprintf(&copy, U_("%s: %s"), message, errstr) == -1)
#  774|   		copy = NULL;
#  775|   	} else {

Error: GCC_ANALYZER_WARNING (CWE-404): [#def399]
sudo-1.9.17p2/plugins/sudoers/logging.c:791:9: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/plugins/sudoers/logging.c:842:1: enter_function: entry to 'gai_log_warning'
sudo-1.9.17p2/plugins/sudoers/logging.c:851:11: call_function: calling 'vlog_warning' from 'gai_log_warning'
#  789|        */
#  790|       if (!ISSET(flags, SLOG_NO_STDERR)) {
#  791|-> 	sudoers_setlocale(SUDOERS_LOCALE_USER, NULL);
#  792|   	if (ISSET(flags, SLOG_USE_ERRNO)) {
#  793|   	    errno = errnum;

Error: GCC_ANALYZER_WARNING (CWE-404): [#def400]
sudo-1.9.17p2/plugins/sudoers/logging.c:794:13: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/plugins/sudoers/logging.c:842:1: enter_function: entry to 'gai_log_warning'
sudo-1.9.17p2/plugins/sudoers/logging.c:851:11: call_function: calling 'vlog_warning' from 'gai_log_warning'
#  792|   	if (ISSET(flags, SLOG_USE_ERRNO)) {
#  793|   	    errno = errnum;
#  794|-> 	    sudo_vwarn_nodebug(_(fmt), ap2);
#  795|   	} else if (ISSET(flags, SLOG_GAI_ERRNO)) {
#  796|   	    sudo_gai_vwarn_nodebug(errnum, _(fmt), ap2);

Error: GCC_ANALYZER_WARNING (CWE-404): [#def401]
sudo-1.9.17p2/plugins/sudoers/logging.c:796:13: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/plugins/sudoers/logging.c:842:1: enter_function: entry to 'gai_log_warning'
sudo-1.9.17p2/plugins/sudoers/logging.c:851:11: call_function: calling 'vlog_warning' from 'gai_log_warning'
#  794|   	    sudo_vwarn_nodebug(_(fmt), ap2);
#  795|   	} else if (ISSET(flags, SLOG_GAI_ERRNO)) {
#  796|-> 	    sudo_gai_vwarn_nodebug(errnum, _(fmt), ap2);
#  797|   	} else {
#  798|   	    sudo_vwarnx_nodebug(_(fmt), ap2);

Error: GCC_ANALYZER_WARNING (CWE-404): [#def402]
sudo-1.9.17p2/plugins/sudoers/logging.c:798:13: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/plugins/sudoers/logging.c:842:1: enter_function: entry to 'gai_log_warning'
sudo-1.9.17p2/plugins/sudoers/logging.c:851:11: call_function: calling 'vlog_warning' from 'gai_log_warning'
#  796|   	    sudo_gai_vwarn_nodebug(errnum, _(fmt), ap2);
#  797|   	} else {
#  798|-> 	    sudo_vwarnx_nodebug(_(fmt), ap2);
#  799|   	}
#  800|       }

Error: GCC_ANALYZER_WARNING (CWE-404): [#def403]
sudo-1.9.17p2/plugins/sudoers/logging.c:994:5: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/plugins/sudoers/logging.c:918:1: enter_function: entry to 'log_parse_error'
sudo-1.9.17p2/plugins/sudoers/logging.c:939:8: branch_true: following 'true' branch (when 'line > 0')...
sudo-1.9.17p2/plugins/sudoers/logging.c:940:15: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/logging.c:940:15: call_function: calling 'log_warningx' from 'log_parse_error'
#  992|   {
#  993|       struct group *grp;
#  994|->     debug_decl(sudoers_to_eventlog, SUDOERS_DEBUG_LOGGING);
#  995|   
#  996|       /* We rely on the reference held by the group cache. */

Error: GCC_ANALYZER_WARNING (CWE-404): [#def404]
sudo-1.9.17p2/plugins/sudoers/logging.c:997:16: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/plugins/sudoers/logging.c:918:1: enter_function: entry to 'log_parse_error'
sudo-1.9.17p2/plugins/sudoers/logging.c:939:8: branch_true: following 'true' branch (when 'line > 0')...
sudo-1.9.17p2/plugins/sudoers/logging.c:940:15: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/logging.c:940:15: call_function: calling 'log_warningx' from 'log_parse_error'
#  995|   
#  996|       /* We rely on the reference held by the group cache. */
#  997|->     if ((grp = sudo_getgrgid(ctx->user.pw->pw_gid)) != NULL)
#  998|   	sudo_gr_delref(grp);
#  999|   

Error: GCC_ANALYZER_WARNING (CWE-404): [#def405]
sudo-1.9.17p2/plugins/sudoers/logging.c:998:9: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/plugins/sudoers/logging.c:918:1: enter_function: entry to 'log_parse_error'
sudo-1.9.17p2/plugins/sudoers/logging.c:939:8: branch_true: following 'true' branch (when 'line > 0')...
sudo-1.9.17p2/plugins/sudoers/logging.c:940:15: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/logging.c:940:15: call_function: calling 'log_warningx' from 'log_parse_error'
#  996|       /* We rely on the reference held by the group cache. */
#  997|       if ((grp = sudo_getgrgid(ctx->user.pw->pw_gid)) != NULL)
#  998|-> 	sudo_gr_delref(grp);
#  999|   
# 1000|       memset(evlog, 0, sizeof(*evlog));

Error: GCC_ANALYZER_WARNING (CWE-404): [#def406]
sudo-1.9.17p2/plugins/sudoers/logging.c:1026:9: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/plugins/sudoers/logging.c:918:1: enter_function: entry to 'log_parse_error'
sudo-1.9.17p2/plugins/sudoers/logging.c:939:8: branch_true: following 'true' branch (when 'line > 0')...
sudo-1.9.17p2/plugins/sudoers/logging.c:940:15: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/logging.c:940:15: call_function: calling 'log_warningx' from 'log_parse_error'
# 1024|       evlog->runenv = (char **)runenv;
# 1025|       evlog->submitenv = (char **)ctx->user.envp;
# 1026|->     if (sudo_gettime_real(&evlog->event_time) == -1) {
# 1027|   	sudo_warn("%s", U_("unable to get time of day"));
# 1028|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def407]
sudo-1.9.17p2/plugins/sudoers/logging.c:1109:5: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
sudo-1.9.17p2/plugins/sudoers/logging.c:1094:16: branch_false: following 'false' branch (when 'fd != -1')...
sudo-1.9.17p2/plugins/sudoers/logging.c:1094:35: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/logging.c:1094:35: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/logging.c:1094:17: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/logging.c:1109:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/logging.c:1109:5: danger: 'fp' leaks here; was allocated at [(5)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/4)
# 1107|       }
# 1108|   
# 1109|->     debug_return_ptr(fp);
# 1110|   }
# 1111|   

Error: CPPCHECK_WARNING (CWE-457): [#def408]
sudo-1.9.17p2/plugins/sudoers/match.c:310: error[legacyUninitvar]: Uninitialized variable: _user_list
#  308|   {
#  309|       const struct sudoers_context *ctx = parse_tree->ctx;
#  310|->     struct member_list _user_list = TAILQ_HEAD_INITIALIZER(_user_list);
#  311|       int user_matched, group_matched = UNSPEC;
#  312|       struct member m_user;

Error: CPPCHECK_WARNING (CWE-457): [#def409]
sudo-1.9.17p2/plugins/sudoers/match.c:320: error[uninitvar]: Uninitialized variable: &m_user.entries
#  318|   	m_user.type = WORD;
#  319|   	m_user.negated = false;
#  320|-> 	TAILQ_INSERT_HEAD(&_user_list, &m_user, entries);
#  321|   	user_list = &_user_list;
#  322|   	matching_user = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def410]
sudo-1.9.17p2/plugins/sudoers/match_digest.c:108:31: warning[-Wanalyzer-malloc-leak]: leak of 'sudoers_digest'
sudo-1.9.17p2/plugins/sudoers/match_digest.c:56:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/match_digest.c:61:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/match_digest.c:82:5: branch_true: following 'true' branch (when 'digest' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/match_digest.c:84:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/match_digest.c:84:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/match_digest.c:85:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/match_digest.c:94:12: branch_false: following 'false' branch (when 'file_digest' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/match_digest.c:100:31: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/match_digest.c:100:31: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/match_digest.c:100:12: branch_false: following 'false' branch (when 'sudoers_digest' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/match_digest.c:104:20: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/match_digest.c:108:31: danger: 'sudoers_digest' leaks here; was allocated at [(9)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/8)
#  106|   	    size_t i;
#  107|   	    for (i = 0; i < digest_len; i++) {
#  108|-> 		const int h = sudo_hexchar(&digest->digest_str[2 * i]);
#  109|   		if (h == -1)
#  110|   		    goto bad_format;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def411]
sudo-1.9.17p2/plugins/sudoers/match_digest.c:115:26: warning[-Wanalyzer-malloc-leak]: leak of 'sudoers_digest'
sudo-1.9.17p2/plugins/sudoers/match_digest.c:56:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/match_digest.c:61:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/match_digest.c:82:5: branch_true: following 'true' branch (when 'digest' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/match_digest.c:84:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/match_digest.c:84:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/match_digest.c:85:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/match_digest.c:94:12: branch_false: following 'false' branch (when 'file_digest' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/match_digest.c:100:31: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/match_digest.c:100:31: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/match_digest.c:100:12: branch_false: following 'false' branch (when 'sudoers_digest' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/match_digest.c:104:20: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/match_digest.c:115:26: danger: 'sudoers_digest' leaks here; was allocated at [(9)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/8)
#  113|   	} else {
#  114|   	    /* Convert base64 to binary. */
#  115|-> 	    size_t len = base64_decode(digest->digest_str, sudoers_digest, digest_len);
#  116|   	    if (len == (size_t)-1)
#  117|   		goto bad_format;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def412]
sudo-1.9.17p2/plugins/sudoers/match_digest.c:130:9: warning[-Wanalyzer-malloc-leak]: leak of 'sudoers_digest'
sudo-1.9.17p2/plugins/sudoers/match_digest.c:56:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/match_digest.c:61:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/match_digest.c:82:5: branch_true: following 'true' branch (when 'digest' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/match_digest.c:84:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/match_digest.c:84:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/match_digest.c:85:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/match_digest.c:94:12: branch_false: following 'false' branch (when 'file_digest' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/match_digest.c:100:31: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/match_digest.c:100:31: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/match_digest.c:100:12: branch_false: following 'false' branch (when 'sudoers_digest' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/match_digest.c:104:20: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/match_digest.c:125:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/match_digest.c:130:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/match_digest.c:130:9: danger: 'sudoers_digest' leaks here; was allocated at [(9)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/8)
#  128|   	}
#  129|   
#  130|-> 	sudo_debug_printf(SUDO_DEBUG_DIAG|SUDO_DEBUG_LINENO,
#  131|   	    "%s digest mismatch for %s, expecting %s",
#  132|   	    digest_type_to_name(digest->digest_type), path, digest->digest_str);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def413]
sudo-1.9.17p2/plugins/sudoers/match_digest.c:139:5: warning[-Wanalyzer-malloc-leak]: leak of 'sudoers_digest'
sudo-1.9.17p2/plugins/sudoers/match_digest.c:56:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/match_digest.c:61:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/match_digest.c:82:5: branch_true: following 'true' branch (when 'digest' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/match_digest.c:84:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/match_digest.c:84:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/match_digest.c:85:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/match_digest.c:94:12: branch_false: following 'false' branch (when 'file_digest' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/match_digest.c:100:31: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/match_digest.c:100:31: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/match_digest.c:100:12: branch_false: following 'false' branch (when 'sudoers_digest' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/match_digest.c:104:20: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/match_digest.c:139:5: danger: 'sudoers_digest' leaks here; was allocated at [(9)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/8)
#  137|   
#  138|   bad_format:
#  139|->     sudo_warnx(U_("digest for %s (%s) is not in %s form"), path,
#  140|   	digest->digest_str, digest_type_to_name(digest->digest_type));
#  141|   done:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def414]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:58:5: warning[-Wanalyzer-malloc-leak]: leak of ‘role’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:77:1: enter_function: entry to ‘sudo_role_alloc’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:82:12: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:83:8: branch_true: following ‘true’ branch (when ‘role’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:84:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:90:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:93:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:93:13: call_function: calling ‘sudo_role_free’ from ‘sudo_role_alloc’
#   56|   sudo_role_free(struct sudo_role *role)
#   57|   {
#   58|->     debug_decl(sudo_role_free, SUDOERS_DEBUG_UTIL);
#   59|   
#   60|       if (role != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def415]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:64:9: warning[-Wanalyzer-malloc-leak]: leak of ‘role’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:77:1: enter_function: entry to ‘sudo_role_alloc’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:82:12: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:83:8: branch_true: following ‘true’ branch (when ‘role’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:84:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:90:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:93:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:93:13: call_function: calling ‘sudo_role_free’ from ‘sudo_role_alloc’
#   62|   	free(role->notbefore);
#   63|   	free(role->notafter);
#   64|-> 	str_list_free(role->cmnds);
#   65|   	str_list_free(role->hosts);
#   66|   	str_list_free(role->users);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def416]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:65:9: warning[-Wanalyzer-malloc-leak]: leak of ‘role’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:77:1: enter_function: entry to ‘sudo_role_alloc’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:82:12: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:83:8: branch_true: following ‘true’ branch (when ‘role’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:84:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:90:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:93:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:93:13: call_function: calling ‘sudo_role_free’ from ‘sudo_role_alloc’
#   63|   	free(role->notafter);
#   64|   	str_list_free(role->cmnds);
#   65|-> 	str_list_free(role->hosts);
#   66|   	str_list_free(role->users);
#   67|   	str_list_free(role->runasusers);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def417]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:66:9: warning[-Wanalyzer-malloc-leak]: leak of ‘role’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:77:1: enter_function: entry to ‘sudo_role_alloc’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:82:12: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:83:8: branch_true: following ‘true’ branch (when ‘role’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:84:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:90:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:93:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:93:13: call_function: calling ‘sudo_role_free’ from ‘sudo_role_alloc’
#   64|   	str_list_free(role->cmnds);
#   65|   	str_list_free(role->hosts);
#   66|-> 	str_list_free(role->users);
#   67|   	str_list_free(role->runasusers);
#   68|   	str_list_free(role->runasgroups);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def418]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:67:9: warning[-Wanalyzer-malloc-leak]: leak of ‘role’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:77:1: enter_function: entry to ‘sudo_role_alloc’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:82:12: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:83:8: branch_true: following ‘true’ branch (when ‘role’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:84:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:90:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:93:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:93:13: call_function: calling ‘sudo_role_free’ from ‘sudo_role_alloc’
#   65|   	str_list_free(role->hosts);
#   66|   	str_list_free(role->users);
#   67|-> 	str_list_free(role->runasusers);
#   68|   	str_list_free(role->runasgroups);
#   69|   	str_list_free(role->options);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def419]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:68:9: warning[-Wanalyzer-malloc-leak]: leak of ‘role’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:77:1: enter_function: entry to ‘sudo_role_alloc’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:82:12: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:83:8: branch_true: following ‘true’ branch (when ‘role’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:84:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:90:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:93:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:93:13: call_function: calling ‘sudo_role_free’ from ‘sudo_role_alloc’
#   66|   	str_list_free(role->users);
#   67|   	str_list_free(role->runasusers);
#   68|-> 	str_list_free(role->runasgroups);
#   69|   	str_list_free(role->options);
#   70|   	free(role);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def420]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:69:9: warning[-Wanalyzer-malloc-leak]: leak of ‘role’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:77:1: enter_function: entry to ‘sudo_role_alloc’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:82:12: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:83:8: branch_true: following ‘true’ branch (when ‘role’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:84:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:90:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:93:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:93:13: call_function: calling ‘sudo_role_free’ from ‘sudo_role_alloc’
#   67|   	str_list_free(role->runasusers);
#   68|   	str_list_free(role->runasgroups);
#   69|-> 	str_list_free(role->options);
#   70|   	free(role);
#   71|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def421]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:84:23: warning[-Wanalyzer-malloc-leak]: leak of ‘role’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:82:12: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:83:8: branch_true: following ‘true’ branch (when ‘role’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:84:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:84:23: danger: ‘role’ leaks here; was allocated at [(1)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/0)
#   82|       role = calloc(1, sizeof(*role));
#   83|       if (role != NULL) {
#   84|-> 	role->cmnds = str_list_alloc();
#   85|   	role->hosts = str_list_alloc();
#   86|   	role->users = str_list_alloc();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def422]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:85:23: warning[-Wanalyzer-malloc-leak]: leak of ‘role’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:82:12: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:83:8: branch_true: following ‘true’ branch (when ‘role’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:84:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:85:23: danger: ‘role’ leaks here; was allocated at [(1)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/0)
#   83|       if (role != NULL) {
#   84|   	role->cmnds = str_list_alloc();
#   85|-> 	role->hosts = str_list_alloc();
#   86|   	role->users = str_list_alloc();
#   87|   	role->runasusers = str_list_alloc();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def423]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:86:23: warning[-Wanalyzer-malloc-leak]: leak of ‘role’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:82:12: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:83:8: branch_true: following ‘true’ branch (when ‘role’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:84:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:86:23: danger: ‘role’ leaks here; was allocated at [(1)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/0)
#   84|   	role->cmnds = str_list_alloc();
#   85|   	role->hosts = str_list_alloc();
#   86|-> 	role->users = str_list_alloc();
#   87|   	role->runasusers = str_list_alloc();
#   88|   	role->runasgroups = str_list_alloc();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def424]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:87:28: warning[-Wanalyzer-malloc-leak]: leak of ‘role’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:82:12: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:83:8: branch_true: following ‘true’ branch (when ‘role’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:84:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:87:28: danger: ‘role’ leaks here; was allocated at [(1)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/0)
#   85|   	role->hosts = str_list_alloc();
#   86|   	role->users = str_list_alloc();
#   87|-> 	role->runasusers = str_list_alloc();
#   88|   	role->runasgroups = str_list_alloc();
#   89|   	role->options = str_list_alloc();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def425]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:88:29: warning[-Wanalyzer-malloc-leak]: leak of ‘role’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:82:12: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:83:8: branch_true: following ‘true’ branch (when ‘role’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:84:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:88:29: danger: ‘role’ leaks here; was allocated at [(1)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/0)
#   86|   	role->users = str_list_alloc();
#   87|   	role->runasusers = str_list_alloc();
#   88|-> 	role->runasgroups = str_list_alloc();
#   89|   	role->options = str_list_alloc();
#   90|   	if (role->cmnds == NULL || role->hosts == NULL ||

Error: GCC_ANALYZER_WARNING (CWE-401): [#def426]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:89:25: warning[-Wanalyzer-malloc-leak]: leak of ‘role’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:82:12: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:83:8: branch_true: following ‘true’ branch (when ‘role’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:84:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:89:25: danger: ‘role’ leaks here; was allocated at [(1)](sarif:/runs/0/results/12/codeFlows/0/threadFlows/0/locations/0)
#   87|   	role->runasusers = str_list_alloc();
#   88|   	role->runasgroups = str_list_alloc();
#   89|-> 	role->options = str_list_alloc();
#   90|   	if (role->cmnds == NULL || role->hosts == NULL ||
#   91|   	    role->users == NULL || role->runasusers == NULL ||

Error: GCC_ANALYZER_WARNING (CWE-401): [#def427]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:98:5: warning[-Wanalyzer-malloc-leak]: leak of ‘role’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:82:12: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:83:8: branch_true: following ‘true’ branch (when ‘role’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:84:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:90:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:90:13: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:92:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:90:13: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:90:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:90:13: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:98:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:98:5: danger: ‘role’ leaks here; was allocated at [(1)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/0)
#   96|       }
#   97|   
#   98|->     debug_return_ptr(role);
#   99|   }
#  100|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def428]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:155:15: warning[-Wanalyzer-malloc-leak]: leak of ‘copy’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:115:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:117:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:121:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:123:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:145:8: branch_true: following ‘true’ branch (when ‘encoded != 0’)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:150:22: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:150:22: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:151:12: branch_false: following ‘false’ branch (when ‘copy’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:155:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:155:15: danger: ‘copy’ leaks here; was allocated at [(7)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/6)
#  153|   		U_("unable to allocate memory"));
#  154|   	}
#  155|-> 	len = base64_decode(attr, (unsigned char *)copy, strlen(copy));
#  156|   	if (len == (size_t)-1) {
#  157|   	    free(copy);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def429]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:252:13: warning[-Wanalyzer-malloc-leak]: leak of ‘d’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:249:5: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:250:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:250:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:250:12: branch_false: following ‘false’ branch (when ‘d’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:251:27: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:250:13: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:252:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:252:13: danger: ‘d’ leaks here; was allocated at [(3)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/2)
#  250|   	if ((d = calloc(1, sizeof(*d))) == NULL ||
#  251|   	    (d->binding = malloc(sizeof(*d->binding))) == NULL) {
#  252|-> 	    sudo_fatalx(U_("%s: %s"), __func__,
#  253|   		U_("unable to allocate memory"));
#  254|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def430]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:258:17: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:249:5: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:250:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:250:12: branch_false: following ‘false’ branch (when ‘d’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:251:27: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:251:27: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:250:13: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:255:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:258:17: danger: ‘<unknown>’ leaks here; was allocated at [(5)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/4)
#  256|   	d->binding->refcnt = 1;
#  257|   	d->type = DEFAULTS;
#  258|-> 	d->op = sudo_ldap_parse_option(ls->str, &var, &val);
#  259|   	if ((d->var = strdup(var)) == NULL) {
#  260|   	    sudo_fatalx(U_("%s: %s"), __func__,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def431]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:258:17: warning[-Wanalyzer-malloc-leak]: leak of ‘d’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:249:5: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:250:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:250:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:250:12: branch_false: following ‘false’ branch (when ‘d’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:251:27: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:250:13: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:255:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:258:17: danger: ‘d’ leaks here; was allocated at [(3)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/2)
#  256|   	d->binding->refcnt = 1;
#  257|   	d->type = DEFAULTS;
#  258|-> 	d->op = sudo_ldap_parse_option(ls->str, &var, &val);
#  259|   	if ((d->var = strdup(var)) == NULL) {
#  260|   	    sudo_fatalx(U_("%s: %s"), __func__,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def432]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:260:13: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:249:5: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:250:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:250:12: branch_false: following ‘false’ branch (when ‘d’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:251:27: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:251:27: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:250:13: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:255:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:259:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:260:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:260:13: danger: ‘<unknown>’ leaks here; was allocated at [(5)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/4)
#  258|   	d->op = sudo_ldap_parse_option(ls->str, &var, &val);
#  259|   	if ((d->var = strdup(var)) == NULL) {
#  260|-> 	    sudo_fatalx(U_("%s: %s"), __func__,
#  261|   		U_("unable to allocate memory"));
#  262|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def433]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:260:13: warning[-Wanalyzer-malloc-leak]: leak of ‘d’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:249:5: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:250:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:250:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:250:12: branch_false: following ‘false’ branch (when ‘d’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:251:27: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:250:13: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:255:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:259:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:260:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:260:13: danger: ‘d’ leaks here; was allocated at [(3)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/2)
#  258|   	d->op = sudo_ldap_parse_option(ls->str, &var, &val);
#  259|   	if ((d->var = strdup(var)) == NULL) {
#  260|-> 	    sudo_fatalx(U_("%s: %s"), __func__,
#  261|   		U_("unable to allocate memory"));
#  262|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def434]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:265:17: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:249:5: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:250:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:250:12: branch_false: following ‘false’ branch (when ‘d’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:251:27: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:251:27: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:250:13: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:255:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:259:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:263:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:263:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:264:27: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:264:16: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:265:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:265:17: danger: ‘<unknown>’ leaks here; was allocated at [(5)](sarif:/runs/0/results/36/codeFlows/0/threadFlows/0/locations/4)
#  263|   	if (val != NULL) {
#  264|   	    if ((d->val = strdup(val)) == NULL) {
#  265|-> 		sudo_fatalx(U_("%s: %s"), __func__,
#  266|   		    U_("unable to allocate memory"));
#  267|   	    }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def435]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:265:17: warning[-Wanalyzer-malloc-leak]: leak of ‘d’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:249:5: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:250:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:250:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:250:12: branch_false: following ‘false’ branch (when ‘d’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:251:27: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:250:13: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:255:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:259:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:263:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:263:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:264:27: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:264:16: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:265:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:265:17: danger: ‘d’ leaks here; was allocated at [(3)](sarif:/runs/0/results/35/codeFlows/0/threadFlows/0/locations/2)
#  263|   	if (val != NULL) {
#  264|   	    if ((d->val = strdup(val)) == NULL) {
#  265|-> 		sudo_fatalx(U_("%s: %s"), __func__,
#  266|   		    U_("unable to allocate memory"));
#  267|   	    }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def436]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:352:17: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:335:8: branch_false: following ‘false’ branch (when ‘reuse_userspec == 0’)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:12: branch_false: following ‘false’ branch (when ‘us’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:344:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:349:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:22: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:16: branch_false: following ‘false’ branch (when ‘m’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:355:26: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:377:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:383:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:349:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:16: branch_true: following ‘true’ branch (when ‘m’ is NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:352:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:352:17: danger: ‘<unknown>’ leaks here; was allocated at [(7)](sarif:/runs/0/results/49/codeFlows/0/threadFlows/0/locations/6)
#  350|   
#  351|   	    if ((m = calloc(1, sizeof(*m))) == NULL) {
#  352|-> 		sudo_fatalx(U_("%s: %s"), __func__,
#  353|   		    U_("unable to allocate memory"));
#  354|   	    }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def437]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:352:17: warning[-Wanalyzer-malloc-leak]: leak of ‘us’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:335:8: branch_false: following ‘false’ branch (when ‘reuse_userspec == 0’)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:19: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:12: branch_false: following ‘false’ branch (when ‘us’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:344:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:349:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:16: branch_true: following ‘true’ branch (when ‘m’ is NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:352:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:352:17: danger: ‘us’ leaks here; was allocated at [(3)](sarif:/runs/0/results/47/codeFlows/0/threadFlows/0/locations/2)
#  350|   
#  351|   	    if ((m = calloc(1, sizeof(*m))) == NULL) {
#  352|-> 		sudo_fatalx(U_("%s: %s"), __func__,
#  353|   		    U_("unable to allocate memory"));
#  354|   	    }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def438]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:355:26: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:335:8: branch_false: following ‘false’ branch (when ‘reuse_userspec == 0’)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:12: branch_false: following ‘false’ branch (when ‘us’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:344:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:349:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:22: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:16: branch_false: following ‘false’ branch (when ‘m’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:355:26: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:377:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:383:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:349:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:16: branch_false: following ‘false’ branch (when ‘m’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:355:26: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:355:26: danger: ‘<unknown>’ leaks here; was allocated at [(7)](sarif:/runs/0/results/61/codeFlows/0/threadFlows/0/locations/6)
#  353|   		    U_("unable to allocate memory"));
#  354|   	    }
#  355|-> 	    m->negated = sudo_ldap_is_negated(&user);
#  356|   	    switch (*user) {
#  357|   	    case '\0':

Error: GCC_ANALYZER_WARNING (CWE-401): [#def439]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:355:26: warning[-Wanalyzer-malloc-leak]: leak of ‘m’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:335:8: branch_false: following ‘false’ branch (when ‘reuse_userspec == 0’)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:12: branch_false: following ‘false’ branch (when ‘us’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:344:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:349:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:22: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:16: branch_false: following ‘false’ branch (when ‘m’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:355:26: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:355:26: danger: ‘m’ leaks here; was allocated at [(7)](sarif:/runs/0/results/59/codeFlows/0/threadFlows/0/locations/6)
#  353|   		    U_("unable to allocate memory"));
#  354|   	    }
#  355|-> 	    m->negated = sudo_ldap_is_negated(&user);
#  356|   	    switch (*user) {
#  357|   	    case '\0':

Error: GCC_ANALYZER_WARNING (CWE-401): [#def440]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:355:26: warning[-Wanalyzer-malloc-leak]: leak of ‘us’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:335:8: branch_false: following ‘false’ branch (when ‘reuse_userspec == 0’)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:19: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:12: branch_false: following ‘false’ branch (when ‘us’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:344:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:349:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:16: branch_false: following ‘false’ branch (when ‘m’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:355:26: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:355:26: danger: ‘us’ leaks here; was allocated at [(3)](sarif:/runs/0/results/60/codeFlows/0/threadFlows/0/locations/2)
#  353|   		    U_("unable to allocate memory"));
#  354|   	    }
#  355|-> 	    m->negated = sudo_ldap_is_negated(&user);
#  356|   	    switch (*user) {
#  357|   	    case '\0':

Error: GCC_ANALYZER_WARNING (CWE-401): [#def441]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:379:21: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:335:8: branch_false: following ‘false’ branch (when ‘reuse_userspec == 0’)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:12: branch_false: following ‘false’ branch (when ‘us’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:344:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:349:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:22: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:16: branch_false: following ‘false’ branch (when ‘m’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:355:26: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:377:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:383:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:349:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:16: branch_false: following ‘false’ branch (when ‘m’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:355:26: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:377:16: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:378:32: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:378:20: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:379:21: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:379:21: danger: ‘<unknown>’ leaks here; was allocated at [(7)](sarif:/runs/0/results/66/codeFlows/0/threadFlows/0/locations/6)
#  377|   	    if (m->type != ALL && m->type != MYSELF) {
#  378|   		if ((m->name = strdup(user)) == NULL) {
#  379|-> 		    sudo_fatalx(U_("%s: %s"), __func__,
#  380|   			U_("unable to allocate memory"));
#  381|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def442]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:379:21: warning[-Wanalyzer-malloc-leak]: leak of ‘m’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:335:8: branch_false: following ‘false’ branch (when ‘reuse_userspec == 0’)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:12: branch_false: following ‘false’ branch (when ‘us’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:344:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:349:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:22: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:16: branch_false: following ‘false’ branch (when ‘m’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:355:26: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:377:16: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:378:32: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:378:20: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:379:21: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:379:21: danger: ‘m’ leaks here; was allocated at [(7)](sarif:/runs/0/results/62/codeFlows/0/threadFlows/0/locations/6)
#  377|   	    if (m->type != ALL && m->type != MYSELF) {
#  378|   		if ((m->name = strdup(user)) == NULL) {
#  379|-> 		    sudo_fatalx(U_("%s: %s"), __func__,
#  380|   			U_("unable to allocate memory"));
#  381|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def443]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:379:21: warning[-Wanalyzer-malloc-leak]: leak of ‘us’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:335:8: branch_false: following ‘false’ branch (when ‘reuse_userspec == 0’)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:19: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:12: branch_false: following ‘false’ branch (when ‘us’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:344:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:349:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:16: branch_false: following ‘false’ branch (when ‘m’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:355:26: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:377:16: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:378:32: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:378:20: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:379:21: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:379:21: danger: ‘us’ leaks here; was allocated at [(3)](sarif:/runs/0/results/63/codeFlows/0/threadFlows/0/locations/2)
#  377|   	    if (m->type != ALL && m->type != MYSELF) {
#  378|   		if ((m->name = strdup(user)) == NULL) {
#  379|-> 		    sudo_fatalx(U_("%s: %s"), __func__,
#  380|   			U_("unable to allocate memory"));
#  381|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def444]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:408:17: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:335:8: branch_false: following ‘false’ branch (when ‘reuse_userspec == 0’)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:12: branch_false: following ‘false’ branch (when ‘us’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:344:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:349:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:22: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:16: branch_false: following ‘false’ branch (when ‘m’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:355:26: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:377:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:383:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:349:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:16: branch_false: following ‘false’ branch (when ‘m’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:355:26: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:377:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:383:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_false: following ‘false’ branch (when ‘ls’ is NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:388:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:388:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:390:12: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:390:12: branch_false: following ‘false’ branch (when ‘reuse_userspec == 0’)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:407:28: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:407:16: branch_true: following ‘true’ branch (when ‘comment’ is NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:408:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:408:17: danger: ‘<unknown>’ leaks here; was allocated at [(7)](sarif:/runs/0/results/84/codeFlows/0/threadFlows/0/locations/6)
#  406|   	    /* Create a new comment. */
#  407|   	    if ((comment = malloc(sizeof(*comment))) == NULL) {
#  408|-> 		sudo_fatalx(U_("%s: %s"), __func__,
#  409|   		    U_("unable to allocate memory"));
#  410|   	    }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def445]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:408:17: warning[-Wanalyzer-malloc-leak]: leak of ‘m’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:474:1: enter_function: entry to ‘ldif_to_sudoers’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:483:8: branch_false: following ‘false’ branch (when ‘role_array’ is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:497:30: branch_true: following ‘true’ branch (when ‘n < numroles’)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:503:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:506:12: branch_false: following ‘false’ branch (when ‘role’ is NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:526:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:526:9: call_function: calling ‘role_to_sudoers’ from ‘ldif_to_sudoers’
#  406|   	    /* Create a new comment. */
#  407|   	    if ((comment = malloc(sizeof(*comment))) == NULL) {
#  408|-> 		sudo_fatalx(U_("%s: %s"), __func__,
#  409|   		    U_("unable to allocate memory"));
#  410|   	    }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def446]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:408:17: warning[-Wanalyzer-malloc-leak]: leak of ‘us’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:474:1: enter_function: entry to ‘ldif_to_sudoers’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:483:8: branch_false: following ‘false’ branch (when ‘role_array’ is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:497:30: branch_true: following ‘true’ branch (when ‘n < numroles’)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:503:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:506:12: branch_false: following ‘false’ branch (when ‘role’ is NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:526:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:526:9: call_function: calling ‘role_to_sudoers’ from ‘ldif_to_sudoers’
#  406|   	    /* Create a new comment. */
#  407|   	    if ((comment = malloc(sizeof(*comment))) == NULL) {
#  408|-> 		sudo_fatalx(U_("%s: %s"), __func__,
#  409|   		    U_("unable to allocate memory"));
#  410|   	    }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def447]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:412:17: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:335:8: branch_false: following ‘false’ branch (when ‘reuse_userspec == 0’)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:12: branch_false: following ‘false’ branch (when ‘us’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:344:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:349:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:22: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:16: branch_false: following ‘false’ branch (when ‘m’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:355:26: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:377:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:383:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:349:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:16: branch_false: following ‘false’ branch (when ‘m’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:355:26: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:377:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:383:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_false: following ‘false’ branch (when ‘ls’ is NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:388:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:388:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:390:12: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:390:12: branch_false: following ‘false’ branch (when ‘reuse_userspec == 0’)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:407:28: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:407:16: branch_false: following ‘false’ branch (when ‘comment’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:411:17: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:411:16: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:412:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:412:17: danger: ‘<unknown>’ leaks here; was allocated at [(7)](sarif:/runs/0/results/102/codeFlows/0/threadFlows/0/locations/6)
#  410|   	    }
#  411|   	    if (asprintf(&comment->str, "sudoRole %s", role->cn) == -1) {
#  412|-> 		sudo_fatalx(U_("%s: %s"), __func__,
#  413|   		    U_("unable to allocate memory"));
#  414|   	    }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def448]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:412:17: warning[-Wanalyzer-malloc-leak]: leak of ‘m’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:335:8: branch_false: following ‘false’ branch (when ‘reuse_userspec == 0’)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:12: branch_false: following ‘false’ branch (when ‘us’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:344:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:349:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:22: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:16: branch_false: following ‘false’ branch (when ‘m’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:355:26: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:377:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:383:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_false: following ‘false’ branch (when ‘ls’ is NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:388:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:388:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:390:12: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:390:12: branch_false: following ‘false’ branch (when ‘reuse_userspec == 0’)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:407:28: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:407:16: branch_false: following ‘false’ branch (when ‘comment’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:411:17: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:411:16: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:412:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:412:17: danger: ‘m’ leaks here; was allocated at [(7)](sarif:/runs/0/results/100/codeFlows/0/threadFlows/0/locations/6)
#  410|   	    }
#  411|   	    if (asprintf(&comment->str, "sudoRole %s", role->cn) == -1) {
#  412|-> 		sudo_fatalx(U_("%s: %s"), __func__,
#  413|   		    U_("unable to allocate memory"));
#  414|   	    }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def449]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:412:17: warning[-Wanalyzer-malloc-leak]: leak of ‘us’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:335:8: branch_false: following ‘false’ branch (when ‘reuse_userspec == 0’)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:19: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:12: branch_false: following ‘false’ branch (when ‘us’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:344:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_false: following ‘false’ branch (when ‘ls’ is NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:388:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:388:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:390:12: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:390:12: branch_false: following ‘false’ branch (when ‘reuse_userspec == 0’)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:407:28: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:407:16: branch_false: following ‘false’ branch (when ‘comment’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:411:17: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:411:16: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:412:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:412:17: danger: ‘us’ leaks here; was allocated at [(3)](sarif:/runs/0/results/98/codeFlows/0/threadFlows/0/locations/2)
#  410|   	    }
#  411|   	    if (asprintf(&comment->str, "sudoRole %s", role->cn) == -1) {
#  412|-> 		sudo_fatalx(U_("%s: %s"), __func__,
#  413|   		    U_("unable to allocate memory"));
#  414|   	    }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def450]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:420:12: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:335:8: branch_false: following ‘false’ branch (when ‘reuse_userspec == 0’)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:12: branch_false: following ‘false’ branch (when ‘us’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:344:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:349:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:22: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:16: branch_false: following ‘false’ branch (when ‘m’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:355:26: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:377:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:383:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:349:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:16: branch_false: following ‘false’ branch (when ‘m’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:355:26: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:377:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:383:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_false: following ‘false’ branch (when ‘ls’ is NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:388:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:388:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:423:26: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:420:12: danger: ‘<unknown>’ leaks here; was allocated at [(7)](sarif:/runs/0/results/118/codeFlows/0/threadFlows/0/locations/6)
#  418|   
#  419|       /* Convert role to sudoers privilege. */
#  420|->     priv = sudo_ldap_role_to_priv(role->cn, STAILQ_FIRST(role->hosts),
#  421|   	STAILQ_FIRST(role->runasusers), STAILQ_FIRST(role->runasgroups),
#  422|   	STAILQ_FIRST(role->cmnds), STAILQ_FIRST(role->options),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def451]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:420:12: warning[-Wanalyzer-malloc-leak]: leak of ‘m’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:335:8: branch_false: following ‘false’ branch (when ‘reuse_userspec == 0’)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:12: branch_false: following ‘false’ branch (when ‘us’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:344:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:349:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:22: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:16: branch_false: following ‘false’ branch (when ‘m’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:355:26: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:377:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:383:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_false: following ‘false’ branch (when ‘ls’ is NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:388:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:388:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:423:26: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:420:12: danger: ‘m’ leaks here; was allocated at [(7)](sarif:/runs/0/results/117/codeFlows/0/threadFlows/0/locations/6)
#  418|   
#  419|       /* Convert role to sudoers privilege. */
#  420|->     priv = sudo_ldap_role_to_priv(role->cn, STAILQ_FIRST(role->hosts),
#  421|   	STAILQ_FIRST(role->runasusers), STAILQ_FIRST(role->runasgroups),
#  422|   	STAILQ_FIRST(role->cmnds), STAILQ_FIRST(role->options),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def452]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:420:12: warning[-Wanalyzer-malloc-leak]: leak of ‘us’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:335:8: branch_false: following ‘false’ branch (when ‘reuse_userspec == 0’)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:19: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:12: branch_false: following ‘false’ branch (when ‘us’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:344:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_false: following ‘false’ branch (when ‘ls’ is NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:388:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:388:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:423:26: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:420:12: danger: ‘us’ leaks here; was allocated at [(3)](sarif:/runs/0/results/116/codeFlows/0/threadFlows/0/locations/2)
#  418|   
#  419|       /* Convert role to sudoers privilege. */
#  420|->     priv = sudo_ldap_role_to_priv(role->cn, STAILQ_FIRST(role->hosts),
#  421|   	STAILQ_FIRST(role->runasusers), STAILQ_FIRST(role->runasgroups),
#  422|   	STAILQ_FIRST(role->cmnds), STAILQ_FIRST(role->options),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def453]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:426:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:335:8: branch_false: following ‘false’ branch (when ‘reuse_userspec == 0’)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:12: branch_false: following ‘false’ branch (when ‘us’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:344:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:349:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:22: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:16: branch_false: following ‘false’ branch (when ‘m’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:355:26: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:377:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:383:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:349:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:16: branch_false: following ‘false’ branch (when ‘m’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:355:26: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:377:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:383:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_false: following ‘false’ branch (when ‘ls’ is NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:388:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:388:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:423:26: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:425:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:426:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:426:9: danger: ‘<unknown>’ leaks here; was allocated at [(7)](sarif:/runs/0/results/123/codeFlows/0/threadFlows/0/locations/6)
#  424|   	sudoers_string_iter);
#  425|       if (priv == NULL) {
#  426|-> 	sudo_fatalx(U_("%s: %s"), __func__,
#  427|   	    U_("unable to allocate memory"));
#  428|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def454]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:426:9: warning[-Wanalyzer-malloc-leak]: leak of ‘m’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:335:8: branch_false: following ‘false’ branch (when ‘reuse_userspec == 0’)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:12: branch_false: following ‘false’ branch (when ‘us’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:344:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_true: following ‘true’ branch (when ‘ls’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:349:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:22: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:351:16: branch_false: following ‘false’ branch (when ‘m’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:355:26: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:377:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:383:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_false: following ‘false’ branch (when ‘ls’ is NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:388:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:388:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:423:26: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:425:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:426:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:426:9: danger: ‘m’ leaks here; was allocated at [(7)](sarif:/runs/0/results/121/codeFlows/0/threadFlows/0/locations/6)
#  424|   	sudoers_string_iter);
#  425|       if (priv == NULL) {
#  426|-> 	sudo_fatalx(U_("%s: %s"), __func__,
#  427|   	    U_("unable to allocate memory"));
#  428|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def455]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:426:9: warning[-Wanalyzer-malloc-leak]: leak of ‘us’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:335:8: branch_false: following ‘false’ branch (when ‘reuse_userspec == 0’)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:19: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:340:12: branch_false: following ‘false’ branch (when ‘us’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:344:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:348:9: branch_false: following ‘false’ branch (when ‘ls’ is NULL)...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:388:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:388:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:423:26: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:425:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:426:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:426:9: danger: ‘us’ leaks here; was allocated at [(3)](sarif:/runs/0/results/119/codeFlows/0/threadFlows/0/locations/2)
#  424|   	sudoers_string_iter);
#  425|       if (priv == NULL) {
#  426|-> 	sudo_fatalx(U_("%s: %s"), __func__,
#  427|   	    U_("unable to allocate memory"));
#  428|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def456]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:492:5: warning[-Wanalyzer-malloc-leak]: leak of ‘role_array’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:482:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:483:8: branch_false: following ‘false’ branch (when ‘role_array’ is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:492:5: danger: ‘role_array’ leaks here; was allocated at [(1)](sarif:/runs/0/results/137/codeFlows/0/threadFlows/0/locations/0)
#  490|       }
#  491|       role_array[n] = NULL;
#  492|->     qsort(role_array, numroles, sizeof(*role_array), role_order_cmp);
#  493|   
#  494|       /*

Error: GCC_ANALYZER_WARNING (CWE-401): [#def457]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:561:5: warning[-Wanalyzer-malloc-leak]: leak of ‘dst’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:551:19: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:551:8: branch_false: following ‘false’ branch (when ‘new_cn’ is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:554:24: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:559:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:561:5: danger: ‘dst’ leaks here; was allocated at [(1)](sarif:/runs/0/results/138/codeFlows/0/threadFlows/0/locations/0)
#  559|       *dst = '\0';
#  560|   
#  561|->     debug_return_str(new_cn);
#  562|   }
#  563|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def458]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:561:5: warning[-Wanalyzer-malloc-leak]: leak of ‘new_cn’
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:551:19: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:551:8: branch_false: following ‘false’ branch (when ‘new_cn’ is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:554:24: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:555:12: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:561:5: danger: ‘new_cn’ leaks here; was allocated at [(1)](sarif:/runs/0/results/139/codeFlows/0/threadFlows/0/locations/0)
#  559|       *dst = '\0';
#  560|   
#  561|->     debug_return_str(new_cn);
#  562|   }
#  563|   

Error: CPPCHECK_WARNING (CWE-457): [#def459]
sudo-1.9.17p2/plugins/sudoers/parse_ldif.c:573: error[legacyUninitvar]: Uninitialized variable: roles
#  571|       FILE *fp, const char *sudoers_base, bool store_options)
#  572|   {
#  573|->     struct sudo_role_list roles = STAILQ_HEAD_INITIALIZER(roles);
#  574|       struct sudo_role *role = NULL;
#  575|       struct rbtree *usercache, *groupcache, *hostcache;

Error: GCC_ANALYZER_WARNING (CWE-404): [#def460]
sudo-1.9.17p2/plugins/sudoers/parser_warnx.c:37:5: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/plugins/sudoers/parser_warnx.c:70:1: enter_function: entry to 'parser_warnx'
sudo-1.9.17p2/plugins/sudoers/parser_warnx.c:77:5: acquire_resource: 'va_start' called here
sudo-1.9.17p2/plugins/sudoers/parser_warnx.c:78:11: call_function: calling 'parser_vwarnx' from 'parser_warnx'
#   35|   {
#   36|       bool ret = true;
#   37|->     debug_decl(parser_warnx, SUDOERS_DEBUG_DEFAULTS);
#   38|   
#   39|       if (strict && sudoers_error_hook != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-404): [#def461]
sudo-1.9.17p2/plugins/sudoers/parser_warnx.c:43:15: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/plugins/sudoers/parser_warnx.c:39:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/parser_warnx.c:42:9: acquire_resource: 'va_copy' called here
sudo-1.9.17p2/plugins/sudoers/parser_warnx.c:43:15: danger: missing call to 'va_end' to match 'va_copy' at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#   41|   
#   42|   	va_copy(ap2, ap);
#   43|-> 	ret = sudoers_error_hook(ctx, file, line, column, fmt, ap2);
#   44|   	va_end(ap2);
#   45|       }

Error: GCC_ANALYZER_WARNING (CWE-404): [#def462]
sudo-1.9.17p2/plugins/sudoers/parser_warnx.c:51:9: warning[-Wanalyzer-va-list-leak]: missing call to 'va_end'
sudo-1.9.17p2/plugins/sudoers/parser_warnx.c:70:1: enter_function: entry to 'parser_warnx'
sudo-1.9.17p2/plugins/sudoers/parser_warnx.c:77:5: acquire_resource: 'va_start' called here
sudo-1.9.17p2/plugins/sudoers/parser_warnx.c:78:11: call_function: calling 'parser_vwarnx' from 'parser_warnx'
#   49|   	char *errstr;
#   50|   
#   51|-> 	sudoers_setlocale(SUDOERS_LOCALE_USER, &oldlocale);
#   52|   	if (vasprintf(&errstr, _(fmt), ap) == -1) {
#   53|   	    errstr = NULL;

Error: CPPCHECK_WARNING (CWE-457): [#def463]
sudo-1.9.17p2/plugins/sudoers/policy.c:1106: error[legacyUninitvar]: Uninitialized variable: debug_files
# 1104|       const char **errstr)
# 1105|   {
# 1106|->     struct sudo_conf_debug_file_list debug_files = TAILQ_HEAD_INITIALIZER(debug_files);
# 1107|       struct sudoers_open_info info;
# 1108|       const char *cp, *plugin_path = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def464]
sudo-1.9.17p2/plugins/sudoers/pwutil.c:738:17: warning[-Wanalyzer-malloc-leak]: leak of 'gritem'
sudo-1.9.17p2/plugins/sudoers/pwutil.c:678:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/pwutil.c:693:17: branch_true: following 'true' branch (when 'i != 2')...
sudo-1.9.17p2/plugins/sudoers/pwutil.c:702:18: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/pwutil.c:702:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/pwutil.c:703:12: branch_false: following 'false' branch (when 'gritem' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/pwutil.c:707:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/pwutil.c:728:12: branch_true: following 'true' branch (when 'i == 0')...
sudo-1.9.17p2/plugins/sudoers/pwutil.c:730:27: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/pwutil.c:738:17: danger: 'gritem' leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  736|   	}
#  737|   	getauthregistry(NULL, item->registry);
#  738|-> 	switch (rbinsert(grcache, item, &node)) {
#  739|   	case 1:
#  740|   	    /* Already exists. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def465]
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:294:17: warning[-Wanalyzer-malloc-leak]: leak of 'gids'
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:286:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:287:20: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:287:20: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:288:16: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:294:17: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:294:17: danger: 'gids' leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  292|   	    }
#  293|   	    /* Clamp to max_groups if insufficient space for all groups. */
#  294|-> 	    if (PREFIX(getgrouplist2)(pw->pw_name, pw->pw_gid, &gids, &ngids) == -1)
#  295|   		ngids = sudo_pwutil_get_max_groups();
#  296|   	} else {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def466]
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:294:17: warning[-Wanalyzer-malloc-leak]: leak of ‘gids’
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:286:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:287:20: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:287:20: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:288:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:294:52: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:294:17: danger: ‘gids’ leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  292|   	    }
#  293|   	    /* Clamp to max_groups if insufficient space for all groups. */
#  294|-> 	    if (PREFIX(getgrouplist2)(pw->pw_name, pw->pw_gid, &gids, &ngids) == -1)
#  295|   		ngids = sudo_pwutil_get_max_groups();
#  296|   	} else {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def467]
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:348:5: warning[-Wanalyzer-malloc-leak]: leak of 'glitem'
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:298:16: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:305:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:312:20: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:316:19: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:316:8: branch_false: following 'false' branch (when 'glitem' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:328:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:348:5: danger: 'glitem' leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#  346|       free(gids);
#  347|   
#  348|->     debug_return_ptr(&glitem->cache);
#  349|   }
#  350|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def468]
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:348:5: warning[-Wanalyzer-malloc-leak]: leak of ‘glitem’
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:298:16: branch_false: following ‘false’ branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:305:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:312:20: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:316:19: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:316:8: branch_false: following ‘false’ branch (when ‘glitem’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:328:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/pwutil_impl.c:348:5: danger: ‘glitem’ leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#  346|       free(gids);
#  347|   
#  348|->     debug_return_ptr(&glitem->cache);
#  349|   }
#  350|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def469]
sudo-1.9.17p2/plugins/sudoers/redblack.c:204:35: warning[-Wanalyzer-malloc-leak]: leak of 'node'
sudo-1.9.17p2/plugins/sudoers/redblack.c:187:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/redblack.c:192:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/redblack.c:195:12: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/redblack.c:196:8: branch_false: following 'false' branch (when 'node' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/redblack.c:201:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/redblack.c:204:8: branch_false: following 'false' branch (when 'parent != parent')...
sudo-1.9.17p2/plugins/sudoers/redblack.c:204:35: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/redblack.c:204:35: danger: 'node' leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  202|       node->left = node->right = rbnil(tree);
#  203|       node->parent = parent;
#  204|->     if (parent == rbroot(tree) || tree->compar(data, parent->data) < 0)
#  205|   	parent->left = node;
#  206|       else

Error: GCC_ANALYZER_WARNING (CWE-401): [#def470]
sudo-1.9.17p2/plugins/sudoers/sssd.c:102:5: warning[-Wanalyzer-malloc-leak]: leak of 'handle'
sudo-1.9.17p2/plugins/sudoers/sssd.c:555:1: enter_function: entry to 'sudo_sss_open'
sudo-1.9.17p2/plugins/sudoers/sssd.c:568:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sssd.c:569:8: branch_false: following 'false' branch (when 'handle' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sssd.c:575:22: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:576:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:587:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:588:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:596:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:597:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:605:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:606:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:614:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:615:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:623:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:624:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:635:37: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:635:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:636:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:636:13: call_function: calling 'get_ipa_hostname' from 'sudo_sss_open'
#  100|       ssize_t len;
#  101|       FILE *fp;
#  102|->     debug_decl(get_ipa_hostname, SUDOERS_DEBUG_SSSD);
#  103|   
#  104|       fp = fopen(_PATH_SSSD_CONF, "r");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def471]
sudo-1.9.17p2/plugins/sudoers/sssd.c:106:23: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen("/etc/sssd/sssd.conf", "r")'
sudo-1.9.17p2/plugins/sudoers/sssd.c:104:10: acquire_resource: opened here
sudo-1.9.17p2/plugins/sudoers/sssd.c:105:8: branch_true: following 'true' branch...
 branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:106:23: danger: 'fopen("/etc/sssd/sssd.conf", "r")' leaks here; was opened at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  104|       fp = fopen(_PATH_SSSD_CONF, "r");
#  105|       if (fp != NULL) {
#  106|-> 	while ((len = getdelim(&line, &linesize, '\n', fp)) != -1) {
#  107|   	    char *cp = line;
#  108|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def472]
sudo-1.9.17p2/plugins/sudoers/sssd.c:106:23: warning[-Wanalyzer-malloc-leak]: leak of 'fopen("/etc/sssd/sssd.conf", "r")'
sudo-1.9.17p2/plugins/sudoers/sssd.c:104:10: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sssd.c:105:8: branch_true: following 'true' branch...
 branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:106:23: danger: 'fopen("/etc/sssd/sssd.conf", "r")' leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0)
#  104|       fp = fopen(_PATH_SSSD_CONF, "r");
#  105|       if (fp != NULL) {
#  106|-> 	while ((len = getdelim(&line, &linesize, '\n', fp)) != -1) {
#  107|   	    char *cp = line;
#  108|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def473]
sudo-1.9.17p2/plugins/sudoers/sssd.c:106:23: warning[-Wanalyzer-malloc-leak]: leak of 'handle'
sudo-1.9.17p2/plugins/sudoers/sssd.c:555:1: enter_function: entry to 'sudo_sss_open'
sudo-1.9.17p2/plugins/sudoers/sssd.c:568:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sssd.c:569:8: branch_false: following 'false' branch (when 'handle' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sssd.c:575:22: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:576:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:587:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:588:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:596:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:597:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:605:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:606:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:614:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:615:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:623:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:624:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:635:37: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:635:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:636:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:636:13: call_function: calling 'get_ipa_hostname' from 'sudo_sss_open'
#  104|       fp = fopen(_PATH_SSSD_CONF, "r");
#  105|       if (fp != NULL) {
#  106|-> 	while ((len = getdelim(&line, &linesize, '\n', fp)) != -1) {
#  107|   	    char *cp = line;
#  108|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def474]
sudo-1.9.17p2/plugins/sudoers/sssd.c:138:21: warning[-Wanalyzer-malloc-leak]: leak of 'handle'
sudo-1.9.17p2/plugins/sudoers/sssd.c:555:1: enter_function: entry to 'sudo_sss_open'
sudo-1.9.17p2/plugins/sudoers/sssd.c:568:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sssd.c:569:8: branch_false: following 'false' branch (when 'handle' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sssd.c:575:22: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:576:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:587:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:588:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:596:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:597:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:605:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:606:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:614:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:615:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:623:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:624:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:635:37: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:635:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:636:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:636:13: call_function: calling 'get_ipa_hostname' from 'sudo_sss_open'
#  136|   		}
#  137|   		if (shost != NULL && lhost != NULL) {
#  138|-> 		    sudo_debug_printf(SUDO_DEBUG_INFO,
#  139|   			"ipa_hostname %s overrides %s", lhost, ctx->user.host);
#  140|   		    *shostp = shost;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def475]
sudo-1.9.17p2/plugins/sudoers/sssd.c:138:21: warning[-Wanalyzer-malloc-leak]: leak of 'lhost'
sudo-1.9.17p2/plugins/sudoers/sssd.c:105:8: branch_true: following 'true' branch...
 branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:106:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:107:19: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:131:25: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sssd.c:132:20: branch_true: following 'true' branch (when 'lhost' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sssd.c:132:44: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:132:21: branch_true: following 'true' branch (when 'cp' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sssd.c:133:52: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:137:20: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:138:21: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:138:21: danger: 'lhost' leaks here; was allocated at [(5)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/4)
#  136|   		}
#  137|   		if (shost != NULL && lhost != NULL) {
#  138|-> 		    sudo_debug_printf(SUDO_DEBUG_INFO,
#  139|   			"ipa_hostname %s overrides %s", lhost, ctx->user.host);
#  140|   		    *shostp = shost;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def476]
sudo-1.9.17p2/plugins/sudoers/sssd.c:138:21: warning[-Wanalyzer-malloc-leak]: leak of 'shost'
sudo-1.9.17p2/plugins/sudoers/sssd.c:105:8: branch_true: following 'true' branch...
 branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:106:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:107:19: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:131:25: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sssd.c:132:20: branch_true: following 'true' branch (when 'lhost' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sssd.c:132:44: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:132:21: branch_false: following 'false' branch (when 'cp' is NULL)...
sudo-1.9.17p2/plugins/sudoers/sssd.c:137:21: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:137:20: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:138:21: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:138:21: danger: 'shost' leaks here; was allocated at [(5)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/4)
#  136|   		}
#  137|   		if (shost != NULL && lhost != NULL) {
#  138|-> 		    sudo_debug_printf(SUDO_DEBUG_INFO,
#  139|   			"ipa_hostname %s overrides %s", lhost, ctx->user.host);
#  140|   		    *shostp = shost;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def477]
sudo-1.9.17p2/plugins/sudoers/sssd.c:144:21: warning[-Wanalyzer-malloc-leak]: leak of 'handle'
sudo-1.9.17p2/plugins/sudoers/sssd.c:555:1: enter_function: entry to 'sudo_sss_open'
sudo-1.9.17p2/plugins/sudoers/sssd.c:568:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sssd.c:569:8: branch_false: following 'false' branch (when 'handle' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sssd.c:575:22: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:576:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:587:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:588:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:596:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:597:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:605:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:606:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:614:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:615:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:623:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:624:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:635:37: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:635:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:636:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:636:13: call_function: calling 'get_ipa_hostname' from 'sudo_sss_open'
#  142|   		    ret = true;
#  143|   		} else {
#  144|-> 		    sudo_warnx(U_("%s: %s"), __func__,
#  145|   			U_("unable to allocate memory"));
#  146|   		    free(shost);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def478]
sudo-1.9.17p2/plugins/sudoers/sssd.c:144:21: warning[-Wanalyzer-malloc-leak]: leak of 'lhost'
sudo-1.9.17p2/plugins/sudoers/sssd.c:105:8: branch_true: following 'true' branch...
 branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:106:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:107:19: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:131:25: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sssd.c:132:20: branch_true: following 'true' branch (when 'lhost' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sssd.c:132:44: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:132:21: branch_true: following 'true' branch (when 'cp' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sssd.c:133:52: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:137:20: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:144:21: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:144:21: danger: 'lhost' leaks here; was allocated at [(5)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/4)
#  142|   		    ret = true;
#  143|   		} else {
#  144|-> 		    sudo_warnx(U_("%s: %s"), __func__,
#  145|   			U_("unable to allocate memory"));
#  146|   		    free(shost);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def479]
sudo-1.9.17p2/plugins/sudoers/sssd.c:374:16: warning[-Wanalyzer-malloc-leak]: leak of 'us'
sudo-1.9.17p2/plugins/sudoers/sssd.c:372:15: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sssd.c:372:8: branch_false: following 'false' branch (when 'us' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sssd.c:374:16: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:374:16: danger: 'us' leaks here; was allocated at [(1)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/0)
#  372|       if ((us = calloc(1, sizeof(*us))) == NULL)
#  373|   	goto oom;
#  374|->     us->file = sudo_rcstr_dup("SSSD");
#  375|       TAILQ_INIT(&us->users);
#  376|       TAILQ_INIT(&us->privileges);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def480]
sudo-1.9.17p2/plugins/sudoers/sssd.c:575:22: warning[-Wanalyzer-malloc-leak]: leak of 'handle'
sudo-1.9.17p2/plugins/sudoers/sssd.c:568:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sssd.c:569:8: branch_false: following 'false' branch (when 'handle' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sssd.c:575:22: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:575:22: danger: 'handle' leaks here; was allocated at [(1)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/0)
#  573|   
#  574|       /* Load symbols */
#  575|->     handle->ssslib = sudo_dso_load(path, SUDO_DSO_LAZY);
#  576|       if (handle->ssslib == NULL) {
#  577|   	const char *errstr = sudo_dso_strerror();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def481]
sudo-1.9.17p2/plugins/sudoers/sssd.c:577:30: warning[-Wanalyzer-malloc-leak]: leak of 'handle'
sudo-1.9.17p2/plugins/sudoers/sssd.c:568:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sssd.c:569:8: branch_false: following 'false' branch (when 'handle' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sssd.c:575:22: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:576:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:577:30: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:577:30: danger: 'handle' leaks here; was allocated at [(1)](sarif:/runs/0/results/16/codeFlows/0/threadFlows/0/locations/0)
#  575|       handle->ssslib = sudo_dso_load(path, SUDO_DSO_LAZY);
#  576|       if (handle->ssslib == NULL) {
#  577|-> 	const char *errstr = sudo_dso_strerror();
#  578|   	sudo_warnx(U_("unable to load %s: %s"), path,
#  579|   	    errstr ? errstr : "unknown error");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def482]
sudo-1.9.17p2/plugins/sudoers/sssd.c:578:9: warning[-Wanalyzer-malloc-leak]: leak of 'handle'
sudo-1.9.17p2/plugins/sudoers/sssd.c:568:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sssd.c:569:8: branch_false: following 'false' branch (when 'handle' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sssd.c:575:22: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:576:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:577:30: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:578:9: danger: 'handle' leaks here; was allocated at [(1)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/0)
#  576|       if (handle->ssslib == NULL) {
#  577|   	const char *errstr = sudo_dso_strerror();
#  578|-> 	sudo_warnx(U_("unable to load %s: %s"), path,
#  579|   	    errstr ? errstr : "unknown error");
#  580|   	sudo_warnx("%s",

Error: GCC_ANALYZER_WARNING (CWE-401): [#def483]
sudo-1.9.17p2/plugins/sudoers/sssd.c:580:9: warning[-Wanalyzer-malloc-leak]: leak of 'handle'
sudo-1.9.17p2/plugins/sudoers/sssd.c:568:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sssd.c:569:8: branch_false: following 'false' branch (when 'handle' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sssd.c:575:22: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:576:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:577:30: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:580:9: danger: 'handle' leaks here; was allocated at [(1)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/0)
#  578|   	sudo_warnx(U_("unable to load %s: %s"), path,
#  579|   	    errstr ? errstr : "unknown error");
#  580|-> 	sudo_warnx("%s",
#  581|   	    U_("unable to initialize SSS source. Is SSSD installed on your machine?"));
#  582|   	free(handle);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def484]
sudo-1.9.17p2/plugins/sudoers/sssd.c:587:9: warning[-Wanalyzer-malloc-leak]: leak of 'handle'
sudo-1.9.17p2/plugins/sudoers/sssd.c:568:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sssd.c:569:8: branch_false: following 'false' branch (when 'handle' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sssd.c:575:22: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:576:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:587:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:587:9: danger: 'handle' leaks here; was allocated at [(1)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/0)
#  585|   
#  586|       handle->fn_send_recv =
#  587|-> 	sudo_dso_findsym(handle->ssslib, "sss_sudo_send_recv");
#  588|       if (handle->fn_send_recv == NULL) {
#  589|   	sudo_warnx(U_("unable to find symbol \"%s\" in %s"), path,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def485]
sudo-1.9.17p2/plugins/sudoers/sssd.c:589:9: warning[-Wanalyzer-malloc-leak]: leak of 'handle'
sudo-1.9.17p2/plugins/sudoers/sssd.c:568:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sssd.c:569:8: branch_false: following 'false' branch (when 'handle' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sssd.c:575:22: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:576:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:587:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:588:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:589:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:589:9: danger: 'handle' leaks here; was allocated at [(1)](sarif:/runs/0/results/26/codeFlows/0/threadFlows/0/locations/0)
#  587|   	sudo_dso_findsym(handle->ssslib, "sss_sudo_send_recv");
#  588|       if (handle->fn_send_recv == NULL) {
#  589|-> 	sudo_warnx(U_("unable to find symbol \"%s\" in %s"), path,
#  590|   	   "sss_sudo_send_recv");
#  591|   	free(handle);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def486]
sudo-1.9.17p2/plugins/sudoers/sssd.c:596:9: warning[-Wanalyzer-malloc-leak]: leak of 'handle'
sudo-1.9.17p2/plugins/sudoers/sssd.c:568:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sssd.c:569:8: branch_false: following 'false' branch (when 'handle' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sssd.c:575:22: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:576:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:587:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:588:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:596:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:596:9: danger: 'handle' leaks here; was allocated at [(1)](sarif:/runs/0/results/30/codeFlows/0/threadFlows/0/locations/0)
#  594|   
#  595|       handle->fn_send_recv_defaults =
#  596|-> 	sudo_dso_findsym(handle->ssslib, "sss_sudo_send_recv_defaults");
#  597|       if (handle->fn_send_recv_defaults == NULL) {
#  598|   	sudo_warnx(U_("unable to find symbol \"%s\" in %s"), path,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def487]
sudo-1.9.17p2/plugins/sudoers/sssd.c:598:9: warning[-Wanalyzer-malloc-leak]: leak of 'handle'
sudo-1.9.17p2/plugins/sudoers/sssd.c:568:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sssd.c:569:8: branch_false: following 'false' branch (when 'handle' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sssd.c:575:22: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:576:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:587:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:588:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:596:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:597:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:598:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:598:9: danger: 'handle' leaks here; was allocated at [(1)](sarif:/runs/0/results/31/codeFlows/0/threadFlows/0/locations/0)
#  596|   	sudo_dso_findsym(handle->ssslib, "sss_sudo_send_recv_defaults");
#  597|       if (handle->fn_send_recv_defaults == NULL) {
#  598|-> 	sudo_warnx(U_("unable to find symbol \"%s\" in %s"), path,
#  599|   	   "sss_sudo_send_recv_defaults");
#  600|   	free(handle);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def488]
sudo-1.9.17p2/plugins/sudoers/sssd.c:605:9: warning[-Wanalyzer-malloc-leak]: leak of 'handle'
sudo-1.9.17p2/plugins/sudoers/sssd.c:568:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sssd.c:569:8: branch_false: following 'false' branch (when 'handle' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sssd.c:575:22: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:576:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:587:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:588:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:596:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:597:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:605:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:605:9: danger: 'handle' leaks here; was allocated at [(1)](sarif:/runs/0/results/35/codeFlows/0/threadFlows/0/locations/0)
#  603|   
#  604|       handle->fn_free_result =
#  605|-> 	sudo_dso_findsym(handle->ssslib, "sss_sudo_free_result");
#  606|       if (handle->fn_free_result == NULL) {
#  607|   	sudo_warnx(U_("unable to find symbol \"%s\" in %s"), path,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def489]
sudo-1.9.17p2/plugins/sudoers/sssd.c:607:9: warning[-Wanalyzer-malloc-leak]: leak of 'handle'
sudo-1.9.17p2/plugins/sudoers/sssd.c:568:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sssd.c:569:8: branch_false: following 'false' branch (when 'handle' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sssd.c:575:22: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:576:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:587:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:588:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:596:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:597:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:605:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:606:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:607:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:607:9: danger: 'handle' leaks here; was allocated at [(1)](sarif:/runs/0/results/36/codeFlows/0/threadFlows/0/locations/0)
#  605|   	sudo_dso_findsym(handle->ssslib, "sss_sudo_free_result");
#  606|       if (handle->fn_free_result == NULL) {
#  607|-> 	sudo_warnx(U_("unable to find symbol \"%s\" in %s"), path,
#  608|   	   "sss_sudo_free_result");
#  609|   	free(handle);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def490]
sudo-1.9.17p2/plugins/sudoers/sssd.c:614:9: warning[-Wanalyzer-malloc-leak]: leak of 'handle'
sudo-1.9.17p2/plugins/sudoers/sssd.c:568:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sssd.c:569:8: branch_false: following 'false' branch (when 'handle' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sssd.c:575:22: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:576:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:587:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:588:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:596:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:597:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:605:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:606:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:614:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:614:9: danger: 'handle' leaks here; was allocated at [(1)](sarif:/runs/0/results/40/codeFlows/0/threadFlows/0/locations/0)
#  612|   
#  613|       handle->fn_get_values =
#  614|-> 	sudo_dso_findsym(handle->ssslib, "sss_sudo_get_values");
#  615|       if (handle->fn_get_values == NULL) {
#  616|   	sudo_warnx(U_("unable to find symbol \"%s\" in %s"), path,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def491]
sudo-1.9.17p2/plugins/sudoers/sssd.c:616:9: warning[-Wanalyzer-malloc-leak]: leak of 'handle'
sudo-1.9.17p2/plugins/sudoers/sssd.c:568:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sssd.c:569:8: branch_false: following 'false' branch (when 'handle' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sssd.c:575:22: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:576:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:587:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:588:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:596:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:597:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:605:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:606:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:614:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:615:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:616:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:616:9: danger: 'handle' leaks here; was allocated at [(1)](sarif:/runs/0/results/41/codeFlows/0/threadFlows/0/locations/0)
#  614|   	sudo_dso_findsym(handle->ssslib, "sss_sudo_get_values");
#  615|       if (handle->fn_get_values == NULL) {
#  616|-> 	sudo_warnx(U_("unable to find symbol \"%s\" in %s"), path,
#  617|   	   "sss_sudo_get_values");
#  618|   	free(handle);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def492]
sudo-1.9.17p2/plugins/sudoers/sssd.c:623:9: warning[-Wanalyzer-malloc-leak]: leak of 'handle'
sudo-1.9.17p2/plugins/sudoers/sssd.c:568:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sssd.c:569:8: branch_false: following 'false' branch (when 'handle' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sssd.c:575:22: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:576:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:587:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:588:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:596:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:597:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:605:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:606:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:614:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:615:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:623:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:623:9: danger: 'handle' leaks here; was allocated at [(1)](sarif:/runs/0/results/45/codeFlows/0/threadFlows/0/locations/0)
#  621|   
#  622|       handle->fn_free_values =
#  623|-> 	sudo_dso_findsym(handle->ssslib, "sss_sudo_free_values");
#  624|       if (handle->fn_free_values == NULL) {
#  625|   	sudo_warnx(U_("unable to find symbol \"%s\" in %s"), path,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def493]
sudo-1.9.17p2/plugins/sudoers/sssd.c:625:9: warning[-Wanalyzer-malloc-leak]: leak of 'handle'
sudo-1.9.17p2/plugins/sudoers/sssd.c:568:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sssd.c:569:8: branch_false: following 'false' branch (when 'handle' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sssd.c:575:22: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:576:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:587:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:588:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:596:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:597:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:605:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:606:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:614:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:615:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:623:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:624:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:625:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:625:9: danger: 'handle' leaks here; was allocated at [(1)](sarif:/runs/0/results/46/codeFlows/0/threadFlows/0/locations/0)
#  623|   	sudo_dso_findsym(handle->ssslib, "sss_sudo_free_values");
#  624|       if (handle->fn_free_values == NULL) {
#  625|-> 	sudo_warnx(U_("unable to find symbol \"%s\" in %s"), path,
#  626|   	   "sss_sudo_free_values");
#  627|   	free(handle);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def494]
sudo-1.9.17p2/plugins/sudoers/sssd.c:643:5: warning[-Wanalyzer-malloc-leak]: leak of 'handle'
sudo-1.9.17p2/plugins/sudoers/sssd.c:568:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sssd.c:569:8: branch_false: following 'false' branch (when 'handle' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sssd.c:575:22: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:576:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:587:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:588:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:596:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:597:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:605:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:606:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:614:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:615:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:623:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:624:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:635:37: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:635:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sssd.c:643:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sssd.c:643:5: danger: 'handle' leaks here; was allocated at [(1)](sarif:/runs/0/results/50/codeFlows/0/threadFlows/0/locations/0)
#  641|   
#  642|       /* The "parse tree" contains userspecs, defaults, aliases and hostnames. */
#  643|->     init_parse_tree(&handle->parse_tree, handle->ipa_host, handle->ipa_shost,
#  644|   	ctx, nss);
#  645|       nss->handle = handle;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def495]
sudo-1.9.17p2/plugins/sudoers/strlist.c:48:5: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/strlist.c:41:8: branch_true: following 'true' branch (when 'cs' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/strlist.c:42:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/strlist.c:42:24: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/strlist.c:42:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/strlist.c:48:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/strlist.c:48:5: danger: '<unknown>' leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   46|       }
#   47|   
#   48|->     debug_return_ptr(cs);
#   49|   }
#   50|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def496]
sudo-1.9.17p2/plugins/sudoers/strlist.c:48:5: warning[-Wanalyzer-malloc-leak]: leak of 'cs'
sudo-1.9.17p2/plugins/sudoers/strlist.c:41:15: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/strlist.c:41:8: branch_true: following 'true' branch (when 'cs' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/strlist.c:42:24: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/strlist.c:42:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/strlist.c:48:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/strlist.c:48:5: danger: 'cs' leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#   46|       }
#   47|   
#   48|->     debug_return_ptr(cs);
#   49|   }
#   50|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def497]
sudo-1.9.17p2/plugins/sudoers/strlist.c:72:5: warning[-Wanalyzer-malloc-leak]: leak of 'strlist'
sudo-1.9.17p2/plugins/sudoers/strlist.c:66:15: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/strlist.c:67:8: branch_true: following 'true' branch (when 'strlist' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/strlist.c:68:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/strlist.c:72:5: danger: 'strlist' leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0)
#   70|       }
#   71|   
#   72|->     debug_return_ptr(strlist);
#   73|   }
#   74|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def498]
sudo-1.9.17p2/plugins/sudoers/strvec_join.c:60:13: warning[-Wanalyzer-malloc-leak]: leak of 'dst'
sudo-1.9.17p2/plugins/sudoers/strvec_join.c:52:8: branch_false: following 'false' branch (when 'size != 0')...
sudo-1.9.17p2/plugins/sudoers/strvec_join.c:52:32: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/strvec_join.c:52:32: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/strvec_join.c:52:9: branch_false: following 'false' branch (when 'result' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/strvec_join.c:57:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/strvec_join.c:59:35: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/strvec_join.c:60:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/strvec_join.c:60:13: danger: 'dst' leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   58|   	cpy = cpy_default;
#   59|       for (dst = result, av = argv; *av != NULL; av++) {
#   60|-> 	n = cpy(dst, *av, size);
#   61|   	if (n >= size) {
#   62|   	    sudo_warnx(U_("internal error, %s overflow"), __func__);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def499]
sudo-1.9.17p2/plugins/sudoers/sudo_nss.c:77:12: warning[-Wanalyzer-file-leak]: leak of FILE 'fopen("/etc/nsswitch.conf", "r")'
sudo-1.9.17p2/plugins/sudoers/sudo_nss.c:74:15: acquire_resource: opened here
sudo-1.9.17p2/plugins/sudoers/sudo_nss.c:74:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudo_nss.c:77:12: danger: 'fopen("/etc/nsswitch.conf", "r")' leaks here; was opened at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#   75|   	goto nomatch;
#   76|   
#   77|->     while (sudo_parseln(&line, &linesize, NULL, fp, 0) != -1) {
#   78|   	char *cp, *last;
#   79|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def500]
sudo-1.9.17p2/plugins/sudoers/sudo_nss.c:77:12: warning[-Wanalyzer-malloc-leak]: leak of 'fopen("/etc/nsswitch.conf", "r")'
sudo-1.9.17p2/plugins/sudoers/sudo_nss.c:74:15: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sudo_nss.c:74:8: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudo_nss.c:77:12: danger: 'fopen("/etc/nsswitch.conf", "r")' leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#   75|   	goto nomatch;
#   76|   
#   77|->     while (sudo_parseln(&line, &linesize, NULL, fp, 0) != -1) {
#   78|   	char *cp, *last;
#   79|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def501]
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1311:36: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1292:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1306:19: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1306:12: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1311:17: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1311:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1311:36: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1311:36: danger: 'fp' leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
# 1309|   	} else {
# 1310|   	    fd = -1;
# 1311|-> 	    if (sb.st_size != 0 && fgetc(fp) == EOF) {
# 1312|   		log_warning(&sudoers_ctx, SLOG_PARSE_ERROR,
# 1313|   		    N_("unable to read %s"), fname);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def502]
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1312:17: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1292:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1306:19: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1306:12: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1311:17: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1311:16: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1312:17: danger: 'fp' leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
# 1310|   	    fd = -1;
# 1311|   	    if (sb.st_size != 0 && fgetc(fp) == EOF) {
# 1312|-> 		log_warning(&sudoers_ctx, SLOG_PARSE_ERROR,
# 1313|   		    N_("unable to read %s"), fname);
# 1314|   		fclose(fp);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def503]
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1318:17: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1292:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1306:19: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1306:12: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1311:17: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1318:17: danger: 'fp' leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
# 1316|   	    } else {
# 1317|   		/* Rewind fp and set close on exec flag. */
# 1318|-> 		rewind(fp);
# 1319|   		(void)fcntl(fileno(fp), F_SETFD, FD_CLOEXEC);
# 1320|   		if (outfile != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def504]
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1319:23: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1292:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1306:19: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1306:12: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1311:17: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1319:23: danger: 'fp' leaks here; was allocated at [(3)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/2)
# 1317|   		/* Rewind fp and set close on exec flag. */
# 1318|   		rewind(fp);
# 1319|-> 		(void)fcntl(fileno(fp), F_SETFD, FD_CLOEXEC);
# 1320|   		if (outfile != NULL) {
# 1321|                       *outfile = sudo_rcstr_dup(fname);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def505]
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1321:32: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1292:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1306:19: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1306:12: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1311:17: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1320:20: branch_true: following 'true' branch (when 'outfile' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1321:32: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1321:32: danger: 'fp' leaks here; was allocated at [(3)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/2)
# 1319|   		(void)fcntl(fileno(fp), F_SETFD, FD_CLOEXEC);
# 1320|   		if (outfile != NULL) {
# 1321|->                     *outfile = sudo_rcstr_dup(fname);
# 1322|   		    if (*outfile == NULL) {
# 1323|   			sudo_warnx(U_("%s: %s"), __func__,

Error: GCC_ANALYZER_WARNING (CWE-401): [#def506]
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1323:25: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1292:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1306:19: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1306:12: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1311:17: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1320:20: branch_true: following 'true' branch (when 'outfile' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1321:32: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1322:24: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1323:25: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1323:25: danger: 'fp' leaks here; was allocated at [(3)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/2)
# 1321|                       *outfile = sudo_rcstr_dup(fname);
# 1322|   		    if (*outfile == NULL) {
# 1323|-> 			sudo_warnx(U_("%s: %s"), __func__,
# 1324|   			    U_("unable to allocate memory"));
# 1325|   			fclose(fp);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def507]
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1362:5: warning[-Wanalyzer-malloc-leak]: leak of 'fp'
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1292:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1306:19: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1306:12: branch_false: following 'false' branch (when 'fp' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1311:17: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1359:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1362:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoers.c:1362:5: danger: 'fp' leaks here; was allocated at [(3)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/2)
# 1360|   	close(fd);
# 1361|   
# 1362|->     debug_return_ptr(fp);
# 1363|   }
# 1364|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def508]
sudo-1.9.17p2/plugins/sudoers/sudoers_cb.c:93:5: warning[-Wanalyzer-malloc-leak]: leak of 'lhost'
sudo-1.9.17p2/plugins/sudoers/sudoers_cb.c:101:1: enter_function: entry to 'cb_fqdn'
sudo-1.9.17p2/plugins/sudoers/sudoers_cb.c:117:9: call_function: calling 'resolve_host' from 'cb_fqdn'
#   91|       *shortp = sname;
#   92|   
#   93|->     debug_return_int(0);
#   94|   }
#   95|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def509]
sudo-1.9.17p2/plugins/sudoers/sudoers_cb.c:93:5: warning[-Wanalyzer-malloc-leak]: leak of 'shost'
sudo-1.9.17p2/plugins/sudoers/sudoers_cb.c:101:1: enter_function: entry to 'cb_fqdn'
sudo-1.9.17p2/plugins/sudoers/sudoers_cb.c:117:9: call_function: calling 'resolve_host' from 'cb_fqdn'
#   91|       *shortp = sname;
#   92|   
#   93|->     debug_return_int(0);
#   94|   }
#   95|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def510]
sudo-1.9.17p2/plugins/sudoers/sudoers_hooks.c:78:11: warning[-Wanalyzer-malloc-leak]: leak of 'ep'
sudo-1.9.17p2/plugins/sudoers/sudoers_hooks.c:50:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sudoers_hooks.c:67:25: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sudoers_hooks.c:67:8: branch_false: following 'false' branch (when 'ep' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoers_hooks.c:69:20: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/sudoers_hooks.c:71:6: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoers_hooks.c:78:11: danger: 'ep' leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#   76|       *ep = '\0';
#   77|   
#   78|->     ret = sudo_putenv_nodebug(estring, true, overwrite);
#   79|   done:
#   80|       if (ret == -1)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def511]
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1199:5: warning[-Wanalyzer-malloc-leak]: leak of ‘sn’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1575:1: enter_function: entry to ‘list_sessions’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1583:5: call_function: calling ‘parse_expr’ from ‘list_sessions’
# 1197|       char type, **av;
# 1198|       const char *errstr;
# 1199|->     debug_decl(parse_expr, SUDO_DEBUG_UTIL);
# 1200|   
# 1201|       for (av = argv; *av != NULL; av++) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def512]
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1219:17: warning[-Wanalyzer-malloc-leak]: leak of ‘sn’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1575:1: enter_function: entry to ‘list_sessions’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1583:5: call_function: calling ‘parse_expr’ from ‘list_sessions’
# 1217|   	case 'c': /* cwd or command */
# 1218|   	    if (av[0][1] == '\0')
# 1219|-> 		sudo_fatalx(U_("ambiguous expression \"%s\""), *av);
# 1220|   	    if (strncmp(*av, "cwd", strlen(*av)) == 0)
# 1221|   		type = ST_CWD;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def513]
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1249:17: warning[-Wanalyzer-malloc-leak]: leak of ‘sn’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1575:1: enter_function: entry to ‘list_sessions’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1583:5: call_function: calling ‘parse_expr’ from ‘list_sessions’
# 1247|   	case 't': /* tty or to date */
# 1248|   	    if (av[0][1] == '\0')
# 1249|-> 		sudo_fatalx(U_("ambiguous expression \"%s\""), *av);
# 1250|   	    if (strncmp(*av, "todate", strlen(*av)) == 0)
# 1251|   		type = ST_TODATE;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def514]
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1290:17: warning[-Wanalyzer-malloc-leak]: leak of ‘sn’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1575:1: enter_function: entry to ‘list_sessions’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1583:5: call_function: calling ‘parse_expr’ from ‘list_sessions’
# 1288|   	} else {
# 1289|   	    if (*(++av) == NULL)
# 1290|-> 		sudo_fatalx(U_("%s requires an argument"), av[-1]);
# 1291|   	    if (type == ST_PATTERN) {
# 1292|   		if (!sudo_regex_compile(&sn->u.cmdre, *av, &errstr)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def515]
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1292:22: warning[-Wanalyzer-malloc-leak]: leak of ‘sn’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1575:1: enter_function: entry to ‘list_sessions’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1583:5: call_function: calling ‘parse_expr’ from ‘list_sessions’
# 1290|   		sudo_fatalx(U_("%s requires an argument"), av[-1]);
# 1291|   	    if (type == ST_PATTERN) {
# 1292|-> 		if (!sudo_regex_compile(&sn->u.cmdre, *av, &errstr)) {
# 1293|   		    sudo_fatalx(U_("invalid regular expression \"%s\": %s"),
# 1294|   			*av, U_(errstr));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def516]
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1297:39: warning[-Wanalyzer-malloc-leak]: leak of ‘sn’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1575:1: enter_function: entry to ‘list_sessions’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1583:5: call_function: calling ‘parse_expr’ from ‘list_sessions’
# 1295|   		}
# 1296|   	    } else if (type == ST_TODATE || type == ST_FROMDATE) {
# 1297|-> 		sn->u.tstamp.tv_sec = get_date(*av);
# 1298|   		sn->u.tstamp.tv_nsec = 0;
# 1299|   		if (sn->u.tstamp.tv_sec == -1)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def517]
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1300:21: warning[-Wanalyzer-malloc-leak]: leak of ‘sn’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1575:1: enter_function: entry to ‘list_sessions’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1583:5: call_function: calling ‘parse_expr’ from ‘list_sessions’
# 1298|   		sn->u.tstamp.tv_nsec = 0;
# 1299|   		if (sn->u.tstamp.tv_sec == -1)
# 1300|-> 		    sudo_fatalx(U_("could not parse date \"%s\""), *av);
# 1301|   	    } else {
# 1302|   		sn->u.ptr = *av;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def518]
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1503:8: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(dir)’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1478:1: enter_function: entry to ‘find_sessions’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1497:9: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1498:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1502:13: call_function: inlined call to ‘strlcpy’ from ‘find_sessions’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1503:8: danger: ‘opendir(dir)’ leaks here; was allocated at [(2)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/1)
# 1501|       /* XXX - would be faster to use openat() and relative names */
# 1502|       sdlen = strlcpy(pathbuf, dir, sizeof(pathbuf));
# 1503|->     if (sdlen + 1 >= sizeof(pathbuf)) {
# 1504|   	errno = ENAMETOOLONG;
# 1505|   	sudo_fatal("%s/", dir);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def519]
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1511:18: warning[-Wanalyzer-malloc-leak]: leak of ‘opendir(dir)’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1478:1: enter_function: entry to ‘find_sessions’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1497:9: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1498:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1502:13: call_function: inlined call to ‘strlcpy’ from ‘find_sessions’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1503:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1507:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1511:18: danger: ‘opendir(dir)’ leaks here; was allocated at [(2)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/1)
# 1509|   
# 1510|       /* Store potential session dirs for sorting. */
# 1511|->     while ((dp = readdir(d)) != NULL) {
# 1512|   	/* Skip "." and ".." */
# 1513|   	if (dp->d_name[0] == '.' && (dp->d_name[1] == '\0' ||

Error: GCC_ANALYZER_WARNING (CWE-401): [#def520]
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1511:18: warning[-Wanalyzer-malloc-leak]: leak of ‘sessions’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1478:1: enter_function: entry to ‘find_sessions’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1498:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1502:13: call_function: inlined call to ‘strlcpy’ from ‘find_sessions’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1503:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1507:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1511:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1513:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1517:12: branch_true: following ‘true’ branch (when ‘checked_type != 0’)...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1518:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1528:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1529:16: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1529:16: branch_true: following ‘true’ branch (when ‘sessions_size == 0’)...
 branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1531:24: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1532:16: branch_false: following ‘false’ branch (when ‘sessions’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1534:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1536:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1511:18: danger: ‘sessions’ leaks here; was allocated at [(15)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/14)
# 1509|   
# 1510|       /* Store potential session dirs for sorting. */
# 1511|->     while ((dp = readdir(d)) != NULL) {
# 1512|   	/* Skip "." and ".." */
# 1513|   	if (dp->d_name[0] == '.' && (dp->d_name[1] == '\0' ||

Error: GCC_ANALYZER_WARNING (CWE-401): [#def521]
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1533:17: warning[-Wanalyzer-malloc-leak]: leak of ‘sessions’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1478:1: enter_function: entry to ‘find_sessions’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1498:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1502:13: call_function: inlined call to ‘strlcpy’ from ‘find_sessions’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1503:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1507:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1511:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1513:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1517:12: branch_true: following ‘true’ branch (when ‘checked_type != 0’)...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1518:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1528:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1529:16: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1529:16: branch_true: following ‘true’ branch (when ‘sessions_size == 0’)...
 branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1531:24: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1532:16: branch_false: following ‘false’ branch (when ‘sessions’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1534:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1536:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1511:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1513:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1528:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1536:46: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1536:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1511:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1513:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1528:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1529:16: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1529:16: branch_false: following ‘false’ branch (when ‘sessions_size != 0’)...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1531:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1532:16: branch_true: following ‘true’ branch (when ‘sessions’ is NULL)...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1533:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1533:17: danger: ‘sessions’ leaks here; was allocated at [(15)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/14)
# 1531|   	    sessions = reallocarray(sessions, sessions_size, 2 * sizeof(char *));
# 1532|   	    if (sessions == NULL)
# 1533|-> 		sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
# 1534|   	    sessions_size *= 2;
# 1535|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def522]
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1537:13: warning[-Wanalyzer-malloc-leak]: leak of ‘sessions’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1478:1: enter_function: entry to ‘find_sessions’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1498:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1502:13: call_function: inlined call to ‘strlcpy’ from ‘find_sessions’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1503:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1507:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1511:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1513:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1517:12: branch_true: following ‘true’ branch (when ‘checked_type != 0’)...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1518:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1528:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1529:16: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1529:16: branch_true: following ‘true’ branch (when ‘sessions_size == 0’)...
 branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1531:24: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1532:16: branch_false: following ‘false’ branch (when ‘sessions’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1534:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1536:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1537:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1537:13: danger: ‘sessions’ leaks here; was allocated at [(15)](sarif:/runs/0/results/27/codeFlows/0/threadFlows/0/locations/14)
# 1535|   	}
# 1536|   	if ((sessions[sessions_len] = strdup(dp->d_name)) == NULL)
# 1537|-> 	    sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
# 1538|   	sessions_len++;
# 1539|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def523]
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1540:5: warning[-Wanalyzer-malloc-leak]: leak of ‘sessions’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1478:1: enter_function: entry to ‘find_sessions’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1498:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1502:13: call_function: inlined call to ‘strlcpy’ from ‘find_sessions’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1503:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1507:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1511:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1513:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1517:12: branch_true: following ‘true’ branch (when ‘checked_type != 0’)...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1518:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1528:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1529:16: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1529:16: branch_true: following ‘true’ branch (when ‘sessions_size == 0’)...
 branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1531:24: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1532:16: branch_false: following ‘false’ branch (when ‘sessions’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1534:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1536:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1540:5: danger: ‘sessions’ leaks here; was allocated at [(15)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/14)
# 1538|   	sessions_len++;
# 1539|       }
# 1540|->     closedir(d);
# 1541|   
# 1542|       /* Sort and list the sessions. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def524]
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1544:9: warning[-Wanalyzer-malloc-leak]: leak of ‘sessions’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1478:1: enter_function: entry to ‘find_sessions’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1498:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1502:13: call_function: inlined call to ‘strlcpy’ from ‘find_sessions’
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1503:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1507:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1511:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1513:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1517:12: branch_true: following ‘true’ branch (when ‘checked_type != 0’)...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1518:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1528:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1529:16: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1529:16: branch_true: following ‘true’ branch (when ‘sessions_size == 0’)...
 branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1531:24: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1532:16: branch_false: following ‘false’ branch (when ‘sessions’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1534:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1536:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1543:8: branch_true: following ‘true’ branch (when ‘sessions’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1544:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/sudoreplay.c:1544:9: danger: ‘sessions’ leaks here; was allocated at [(15)](sarif:/runs/0/results/34/codeFlows/0/threadFlows/0/locations/14)
# 1542|       /* Sort and list the sessions. */
# 1543|       if (sessions != NULL) {
# 1544|-> 	qsort(sessions, sessions_len, sizeof(char *), session_compare);
# 1545|   	for (i = 0; i < sessions_len; i++) {
# 1546|   	    len = snprintf(&pathbuf[sdlen], sizeof(pathbuf) - sdlen,

Error: CPPCHECK_WARNING (CWE-457): [#def525]
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:95: error[legacyUninitvar]: Uninitialized variable: snl
#   93|   {
#   94|       struct sudoers_context test_ctx = SUDOERS_CONTEXT_INITIALIZER;
#   95|->     struct sudo_nss_list snl = TAILQ_HEAD_INITIALIZER(snl);
#   96|       enum sudoers_formats input_format = format_sudoers;
#   97|       struct sudo_nss testsudoers_nss;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def526]
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:275:9: warning[-Wanalyzer-malloc-leak]: leak of ‘test_ctx.user.name’
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:119:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:121:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:127:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:134:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:231:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:262:30: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:263:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:267:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:274:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:275:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:275:9: danger: ‘test_ctx.user.name’ leaks here; was allocated at [(9)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/8)
#  273|       test_ctx.user.cmnd = strdup(orig_cmnd);
#  274|       if (test_ctx.user.cmnd == NULL)
#  275|-> 	sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  276|       test_ctx.user.cmnd_base = sudo_basename(test_ctx.user.cmnd);
#  277|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def527]
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:276:31: warning[-Wanalyzer-malloc-leak]: leak of ‘test_ctx.user.cmnd’
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:119:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:121:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:127:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:134:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:231:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:263:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:267:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:273:26: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:274:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:276:31: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:276:31: danger: ‘test_ctx.user.cmnd’ leaks here; was allocated at [(11)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/10)
#  274|       if (test_ctx.user.cmnd == NULL)
#  275|   	sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  276|->     test_ctx.user.cmnd_base = sudo_basename(test_ctx.user.cmnd);
#  277|   
#  278|       if (getcwd(cwdbuf, sizeof(cwdbuf)) == NULL)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def528]
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:276:31: warning[-Wanalyzer-malloc-leak]: leak of ‘test_ctx.user.name’
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:119:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:121:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:127:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:134:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:231:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:262:30: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:263:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:267:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:274:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:276:31: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:276:31: danger: ‘test_ctx.user.name’ leaks here; was allocated at [(9)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/8)
#  274|       if (test_ctx.user.cmnd == NULL)
#  275|   	sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  276|->     test_ctx.user.cmnd_base = sudo_basename(test_ctx.user.cmnd);
#  277|   
#  278|       if (getcwd(cwdbuf, sizeof(cwdbuf)) == NULL)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def529]
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:282:9: warning[-Wanalyzer-malloc-leak]: leak of ‘test_ctx.user.cmnd’
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:119:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:121:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:127:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:134:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:231:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:263:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:267:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:273:26: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:274:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:276:31: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:281:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:282:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:282:9: danger: ‘test_ctx.user.cmnd’ leaks here; was allocated at [(11)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/10)
#  280|       test_ctx.user.cwd = strdup(cwdbuf);
#  281|       if (test_ctx.user.cwd == NULL)
#  282|-> 	sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  283|   
#  284|       if ((test_ctx.user.pw = sudo_getpwnam(test_ctx.user.name)) == NULL)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def530]
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:282:9: warning[-Wanalyzer-malloc-leak]: leak of ‘test_ctx.user.name’
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:119:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:121:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:127:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:134:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:231:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:262:30: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:263:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:267:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:274:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:276:31: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:281:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:282:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:282:9: danger: ‘test_ctx.user.name’ leaks here; was allocated at [(9)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/8)
#  280|       test_ctx.user.cwd = strdup(cwdbuf);
#  281|       if (test_ctx.user.cwd == NULL)
#  282|-> 	sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  283|   
#  284|       if ((test_ctx.user.pw = sudo_getpwnam(test_ctx.user.name)) == NULL)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def531]
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:284:29: warning[-Wanalyzer-malloc-leak]: leak of ‘test_ctx.user.cmnd’
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:119:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:121:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:127:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:134:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:231:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:263:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:267:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:273:26: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:274:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:276:31: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:281:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:284:43: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:284:29: danger: ‘test_ctx.user.cmnd’ leaks here; was allocated at [(11)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/10)
#  282|   	sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  283|   
#  284|->     if ((test_ctx.user.pw = sudo_getpwnam(test_ctx.user.name)) == NULL)
#  285|   	sudo_fatalx(U_("unknown user %s"), test_ctx.user.name);
#  286|       test_ctx.user.uid = test_ctx.user.pw->pw_uid;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def532]
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:284:29: warning[-Wanalyzer-malloc-leak]: leak of ‘test_ctx.user.cwd’
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:119:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:121:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:127:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:134:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:231:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:263:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:267:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:274:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:276:31: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:280:25: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:281:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:284:43: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:284:29: danger: ‘test_ctx.user.cwd’ leaks here; was allocated at [(13)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/12)
#  282|   	sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  283|   
#  284|->     if ((test_ctx.user.pw = sudo_getpwnam(test_ctx.user.name)) == NULL)
#  285|   	sudo_fatalx(U_("unknown user %s"), test_ctx.user.name);
#  286|       test_ctx.user.uid = test_ctx.user.pw->pw_uid;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def533]
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:284:29: warning[-Wanalyzer-malloc-leak]: leak of ‘test_ctx.user.name’
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:119:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:121:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:127:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:134:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:231:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:262:30: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:263:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:267:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:274:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:276:31: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:281:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:284:43: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:284:29: danger: ‘test_ctx.user.name’ leaks here; was allocated at [(9)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/8)
#  282|   	sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  283|   
#  284|->     if ((test_ctx.user.pw = sudo_getpwnam(test_ctx.user.name)) == NULL)
#  285|   	sudo_fatalx(U_("unknown user %s"), test_ctx.user.name);
#  286|       test_ctx.user.uid = test_ctx.user.pw->pw_uid;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def534]
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:285:9: warning[-Wanalyzer-malloc-leak]: leak of ‘test_ctx.user.cmnd’
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:119:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:121:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:127:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:134:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:231:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:263:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:267:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:273:26: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:274:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:276:31: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:281:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:284:43: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:284:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:285:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:285:9: danger: ‘test_ctx.user.cmnd’ leaks here; was allocated at [(11)](sarif:/runs/0/results/25/codeFlows/0/threadFlows/0/locations/10)
#  283|   
#  284|       if ((test_ctx.user.pw = sudo_getpwnam(test_ctx.user.name)) == NULL)
#  285|-> 	sudo_fatalx(U_("unknown user %s"), test_ctx.user.name);
#  286|       test_ctx.user.uid = test_ctx.user.pw->pw_uid;
#  287|       test_ctx.user.gid = test_ctx.user.pw->pw_gid;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def535]
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:285:9: warning[-Wanalyzer-malloc-leak]: leak of ‘test_ctx.user.cwd’
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:119:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:121:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:127:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:134:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:231:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:263:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:267:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:274:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:276:31: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:280:25: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:281:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:284:43: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:284:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:285:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:285:9: danger: ‘test_ctx.user.cwd’ leaks here; was allocated at [(13)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/12)
#  283|   
#  284|       if ((test_ctx.user.pw = sudo_getpwnam(test_ctx.user.name)) == NULL)
#  285|-> 	sudo_fatalx(U_("unknown user %s"), test_ctx.user.name);
#  286|       test_ctx.user.uid = test_ctx.user.pw->pw_uid;
#  287|       test_ctx.user.gid = test_ctx.user.pw->pw_gid;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def536]
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:285:9: warning[-Wanalyzer-malloc-leak]: leak of ‘test_ctx.user.name’
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:119:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:121:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:127:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:134:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:231:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:262:30: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:263:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:267:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:274:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:276:31: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:281:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:284:43: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:284:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:285:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:285:9: danger: ‘test_ctx.user.name’ leaks here; was allocated at [(9)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/8)
#  283|   
#  284|       if ((test_ctx.user.pw = sudo_getpwnam(test_ctx.user.name)) == NULL)
#  285|-> 	sudo_fatalx(U_("unknown user %s"), test_ctx.user.name);
#  286|       test_ctx.user.uid = test_ctx.user.pw->pw_uid;
#  287|       test_ctx.user.gid = test_ctx.user.pw->pw_gid;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def537]
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:289:10: warning[-Wanalyzer-malloc-leak]: leak of ‘test_ctx.user.cmnd’
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:119:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:121:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:127:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:134:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:231:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:263:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:267:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:273:26: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:274:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:276:31: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:281:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:284:43: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:284:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:286:25: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:289:10: danger: ‘test_ctx.user.cmnd’ leaks here; was allocated at [(11)](sarif:/runs/0/results/35/codeFlows/0/threadFlows/0/locations/10)
#  287|       test_ctx.user.gid = test_ctx.user.pw->pw_gid;
#  288|   
#  289|->     if (!sudoers_sethost(&test_ctx, host, NULL))
#  290|   	goto done;
#  291|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def538]
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:289:10: warning[-Wanalyzer-malloc-leak]: leak of ‘test_ctx.user.cwd’
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:119:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:121:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:127:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:134:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:231:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:263:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:267:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:274:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:276:31: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:280:25: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:281:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:284:43: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:284:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:286:25: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:289:10: danger: ‘test_ctx.user.cwd’ leaks here; was allocated at [(13)](sarif:/runs/0/results/34/codeFlows/0/threadFlows/0/locations/12)
#  287|       test_ctx.user.gid = test_ctx.user.pw->pw_gid;
#  288|   
#  289|->     if (!sudoers_sethost(&test_ctx, host, NULL))
#  290|   	goto done;
#  291|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def539]
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:289:10: warning[-Wanalyzer-malloc-leak]: leak of ‘test_ctx.user.name’
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:119:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:121:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:127:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:134:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:231:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:262:30: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:263:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:267:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:274:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:276:31: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:281:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:284:43: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:284:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:286:25: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:289:10: danger: ‘test_ctx.user.name’ leaks here; was allocated at [(9)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/8)
#  287|       test_ctx.user.gid = test_ctx.user.pw->pw_gid;
#  288|   
#  289|->     if (!sudoers_sethost(&test_ctx, host, NULL))
#  290|   	goto done;
#  291|   

Error: GCC_ANALYZER_WARNING (CWE-124): [#def540]
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:310:9: warning[-Wanalyzer-out-of-bounds]: heap-based buffer underwrite
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:119:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:121:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:127:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:134:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:231:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:263:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:267:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:274:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:276:31: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:281:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:284:43: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:284:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:286:25: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:289:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:293:8: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:293:8: branch_true: following ‘true’ branch (when ‘argc != 0’)...
 branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:301:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:303:51: branch_false: following ‘false’ branch (when ‘argc <= i’)...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:310:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:310:9: danger: out-of-bounds write at byte -1 but region starts at byte 0
#  308|   	    *cp++ = ' ';
#  309|   	}
#  310|-> 	*--cp = '\0';
#  311|       }
#  312|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def541]
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:314:10: warning[-Wanalyzer-malloc-leak]: leak of ‘cp’
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:119:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:121:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:127:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:129:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:134:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:231:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:263:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:267:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:274:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:276:31: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:281:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:284:43: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:284:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:286:25: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:289:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:293:8: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:293:8: branch_true: following ‘true’ branch (when ‘argc != 0’)...
 branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:301:40: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:301:12: branch_false: following ‘false’ branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:303:51: branch_false: following ‘false’ branch (when ‘argc <= i’)...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:310:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:314:10: danger: ‘cp’ leaks here; was allocated at [(21)](sarif:/runs/0/results/37/codeFlows/0/threadFlows/0/locations/20)
#  312|   
#  313|       /* Initialize default values. */
#  314|->     if (!init_defaults())
#  315|   	sudo_fatalx("%s", U_("unable to initialize sudoers default values"));
#  316|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def542]
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:580:5: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:549:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:550:19: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:550:19: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:550:12: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:580:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/testsudoers.c:580:5: danger: ‘fp’ leaks here; was allocated at [(3)](sarif:/runs/0/results/38/codeFlows/0/threadFlows/0/locations/2)
#  578|       }
#  579|   
#  580|->     debug_return_ptr(fp);
#  581|   }
#  582|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def543]
sudo-1.9.17p2/plugins/sudoers/toke.c:4898:5: warning[-Wanalyzer-malloc-leak]: leak of '*b.yy_ch_buf'
sudo-1.9.17p2/plugins/sudoers/toke.c:4831:12: enter_function: entry to 'yy_get_next_buffer'
sudo-1.9.17p2/plugins/sudoers/toke.c:4838:5: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.c:4842:14: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.c:4842:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.c:4864:47: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.c:4869:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.c:4878:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.c:4880:11: branch_true: following 'true' branch (when 'num_to_read <= 0')...
sudo-1.9.17p2/plugins/sudoers/toke.c:4884:41: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.c:4900:41: call_function: inlined call to 'sudoersrealloc' from 'yy_get_next_buffer'
sudo-1.9.17p2/plugins/sudoers/toke.c:4907:56: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.c:4911:47: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.c:4880:11: branch_true: following 'true' branch (when 'num_to_read <= 0')...
sudo-1.9.17p2/plugins/sudoers/toke.c:4884:41: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.c:4889:28: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.c:4891:20: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.c:4900:41: call_function: inlined call to 'sudoersrealloc' from 'yy_get_next_buffer'
sudo-1.9.17p2/plugins/sudoers/toke.c:4898:5: danger: '*b.yy_ch_buf' leaks here; was allocated at [(11)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/10)
# 4896|   				{
# 4897|   				int new_size = b->yy_buf_size * 2;
# 4898|-> 
# 4899|   				if ( new_size <= 0 )
# 4900|   					b->yy_buf_size += b->yy_buf_size / 8;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def544]
sudo-1.9.17p2/plugins/sudoers/toke.c:5136:12: warning[-Wanalyzer-malloc-leak]: leak of '<unknown>'
sudo-1.9.17p2/plugins/sudoers/toke.l:1428:1: enter_function: entry to 'pop_include'
sudo-1.9.17p2/plugins/sudoers/toke.l:1434:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1437:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1439:27: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1439:5: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1439:27: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1439:5: call_function: calling 'sudoers_delete_buffer' from 'pop_include'
sudo-1.9.17p2/plugins/sudoers/toke.l:1439:5: return_function: returning to 'pop_include' from 'sudoers_delete_buffer'
sudo-1.9.17p2/plugins/sudoers/toke.l:1441:12: branch_true: following 'true' branch (when 'pl' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/toke.l:1442:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1444:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1445:31: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1453:13: call_function: calling 'sudoers_create_buffer' from 'pop_include'
sudo-1.9.17p2/plugins/sudoers/toke.l:1453:13: return_function: returning to 'pop_include' from 'sudoers_create_buffer'
sudo-1.9.17p2/plugins/sudoers/toke.l:1453:13: call_function: calling 'sudoers_switch_to_buffer' from 'pop_include'
# 5134|   {
# 5135|       
# 5136|-> 	/* TODO. We should be able to replace this entire function body
# 5137|   	 * with
# 5138|   	 *		yypop_buffer_state();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def545]
sudo-1.9.17p2/plugins/sudoers/toke.c:5186:12: warning[-Wanalyzer-malloc-leak]: leak of 'malloc(64)'
sudo-1.9.17p2/plugins/sudoers/toke.c:5172:21: enter_function: entry to 'sudoers_create_buffer'
sudo-1.9.17p2/plugins/sudoers/toke.c:5176:24: call_function: inlined call to 'sudoersalloc' from 'sudoers_create_buffer'
sudo-1.9.17p2/plugins/sudoers/toke.c:5177:5: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.c:5180:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.c:5186:12: danger: 'malloc(64)' leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
# 5184|   		YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" );
# 5185|   
# 5186|-> 	b->yy_buf_size = size;
# 5187|   
# 5188|   	/* yy_ch_buf has to be 2 characters longer than the size given because

Error: CPPCHECK_WARNING (CWE-476): [#def546]
sudo-1.9.17p2/plugins/sudoers/toke.c:5226: warning[nullPointer]: Possible null pointer dereference: b
# 5224|    */
# 5225|       static void yy_init_buffer  (YY_BUFFER_STATE  b, FILE * file )
# 5226|-> 
# 5227|   {
# 5228|   	int oerrno = errno;

Error: GCC_ANALYZER_WARNING (CWE-476): [#def547]
sudo-1.9.17p2/plugins/sudoers/toke.c:5226:2: warning[-Wanalyzer-null-dereference]: dereference of NULL 'b'
sudo-1.9.17p2/plugins/sudoers/toke.c:5110:10: enter_function: entry to 'sudoersrestart'
sudo-1.9.17p2/plugins/sudoers/toke.c:5114:9: call_function: calling 'sudoersensure_buffer_stack' from 'sudoersrestart'
sudo-1.9.17p2/plugins/sudoers/toke.c:5114:9: return_function: returning to 'sudoersrestart' from 'sudoersensure_buffer_stack'
sudo-1.9.17p2/plugins/sudoers/toke.c:5116:13: call_function: calling 'sudoers_create_buffer' from 'sudoersrestart'
sudo-1.9.17p2/plugins/sudoers/toke.c:5116:13: return_function: returning to 'sudoersrestart' from 'sudoers_create_buffer'
sudo-1.9.17p2/plugins/sudoers/toke.c:5119:9: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.c:5119:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.c:5119:9: call_function: calling 'sudoers_init_buffer' from 'sudoersrestart'
# 5224|    */
# 5225|       static void yy_init_buffer  (YY_BUFFER_STATE  b, FILE * file )
# 5226|-> 
# 5227|   {
# 5228|   	int oerrno = errno;

Error: CPPCHECK_WARNING (CWE-476): [#def548]
sudo-1.9.17p2/plugins/sudoers/toke.c:5227: warning[nullPointer]: Possible null pointer dereference: b
# 5225|       static void yy_init_buffer  (YY_BUFFER_STATE  b, FILE * file )
# 5226|   
# 5227|-> {
# 5228|   	int oerrno = errno;
# 5229|       

Error: GCC_ANALYZER_WARNING (CWE-401): [#def549]
sudo-1.9.17p2/plugins/sudoers/toke.c:5266:12: warning[-Wanalyzer-malloc-leak]: leak of 'sudoers_create_buffer(open_sudoers(*pl.path, 0, 0, & keepopen), 16384)'
sudo-1.9.17p2/plugins/sudoers/toke.l:1428:1: enter_function: entry to 'pop_include'
sudo-1.9.17p2/plugins/sudoers/toke.l:1434:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1437:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1439:27: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1439:5: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1439:27: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1439:5: call_function: calling 'sudoers_delete_buffer' from 'pop_include'
sudo-1.9.17p2/plugins/sudoers/toke.l:1439:5: return_function: returning to 'pop_include' from 'sudoers_delete_buffer'
sudo-1.9.17p2/plugins/sudoers/toke.l:1441:12: branch_true: following 'true' branch (when 'pl' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/toke.l:1442:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1444:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1445:31: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1453:13: call_function: calling 'sudoers_create_buffer' from 'pop_include'
sudo-1.9.17p2/plugins/sudoers/toke.l:1453:13: return_function: returning to 'pop_include' from 'sudoers_create_buffer'
sudo-1.9.17p2/plugins/sudoers/toke.l:1453:13: call_function: calling 'sudoers_switch_to_buffer' from 'pop_include'
# 5264|   	b->yy_ch_buf[0] = YY_END_OF_BUFFER_CHAR;
# 5265|   	b->yy_ch_buf[1] = YY_END_OF_BUFFER_CHAR;
# 5266|-> 
# 5267|   	b->yy_buf_pos = &b->yy_ch_buf[0];
# 5268|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def550]
sudo-1.9.17p2/plugins/sudoers/toke.c:5440:33: warning[-Wanalyzer-malloc-leak]: leak of 'malloc(n)'
sudo-1.9.17p2/plugins/sudoers/toke.c:5424:17: enter_function: entry to 'sudoers_scan_bytes'
sudo-1.9.17p2/plugins/sudoers/toke.c:5433:24: call_function: inlined call to 'sudoersalloc' from 'sudoers_scan_bytes'
sudo-1.9.17p2/plugins/sudoers/toke.c:5434:12: branch_false: following 'false' branch...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.c:5442:6: call_function: calling 'sudoers_scan_buffer' from 'sudoers_scan_bytes'
# 5438|   	n = (yy_size_t) (_yybytes_len + 2);
# 5439|   	buf = (char *) yyalloc( n  );
# 5440|-> 	if ( ! buf )
# 5441|   		YY_FATAL_ERROR( "out of dynamic memory in yy_scan_bytes()" );
# 5442|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def551]
sudo-1.9.17p2/plugins/sudoers/toke.l:947:20: warning[-Wanalyzer-malloc-leak]: leak of 'opendir(dirpath)'
sudo-1.9.17p2/plugins/sudoers/toke.l:937:11: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:938:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:945:8: branch_false: following 'false' branch (when 'paths' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:947:20: danger: 'opendir(dirpath)' leaks here; was allocated at [(1)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/0)
#  945|       if (paths == NULL)
#  946|   	goto oom;
#  947|->     while ((dent = readdir(dir)) != NULL) {
#  948|   	const size_t namelen = NAMLEN(dent);
#  949|   	const char *name = dent->d_name;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def552]
sudo-1.9.17p2/plugins/sudoers/toke.l:947:20: warning[-Wanalyzer-malloc-leak]: leak of 'paths'
sudo-1.9.17p2/plugins/sudoers/toke.l:938:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:945:8: branch_false: following 'false' branch (when 'paths' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:947:20: danger: 'paths' leaks here; was allocated at [(3)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/2)
#  945|       if (paths == NULL)
#  946|   	goto oom;
#  947|->     while ((dent = readdir(dir)) != NULL) {
#  948|   	const size_t namelen = NAMLEN(dent);
#  949|   	const char *name = dent->d_name;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def553]
sudo-1.9.17p2/plugins/sudoers/toke.l:961:21: warning[-Wanalyzer-malloc-leak]: leak of 'paths'
sudo-1.9.17p2/plugins/sudoers/toke.l:938:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:945:8: branch_false: following 'false' branch (when 'paths' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:947:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:948:32: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:956:12: branch_false: following 'false' branch (when 'namelen != 0')...
sudo-1.9.17p2/plugins/sudoers/toke.l:956:34: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:958:17: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:961:21: danger: 'paths' leaks here; was allocated at [(3)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/2)
#  959|   		if (name[namelen - 1] == '~' ||
#  960|   			(namelen > 4 && strcmp(&name[namelen - 4], ".bak") == 0)) {
#  961|-> 		    fprintf(stderr, U_("%s/%s: %s"), dirpath, name,
#  962|   			U_("ignoring editor backup file"));
#  963|   		} else {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def554]
sudo-1.9.17p2/plugins/sudoers/toke.l:961:37: warning[-Wanalyzer-malloc-leak]: leak of 'paths'
sudo-1.9.17p2/plugins/sudoers/toke.l:938:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:945:8: branch_false: following 'false' branch (when 'paths' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:947:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:948:32: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:956:12: branch_false: following 'false' branch (when 'namelen != 0')...
sudo-1.9.17p2/plugins/sudoers/toke.l:956:34: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:958:17: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:961:37: danger: 'paths' leaks here; was allocated at [(3)](sarif:/runs/0/results/11/codeFlows/0/threadFlows/0/locations/2)
#  959|   		if (name[namelen - 1] == '~' ||
#  960|   			(namelen > 4 && strcmp(&name[namelen - 4], ".bak") == 0)) {
#  961|-> 		    fprintf(stderr, U_("%s/%s: %s"), dirpath, name,
#  962|   			U_("ignoring editor backup file"));
#  963|   		} else {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def555]
sudo-1.9.17p2/plugins/sudoers/toke.l:964:21: warning[-Wanalyzer-malloc-leak]: leak of 'paths'
sudo-1.9.17p2/plugins/sudoers/toke.l:938:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:945:8: branch_false: following 'false' branch (when 'paths' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:947:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:948:32: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:956:12: branch_false: following 'false' branch (when 'namelen != 0')...
sudo-1.9.17p2/plugins/sudoers/toke.l:956:34: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:956:13: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:958:32: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:958:17: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:959:20: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:959:21: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:964:21: danger: 'paths' leaks here; was allocated at [(3)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/2)
#  962|   			U_("ignoring editor backup file"));
#  963|   		} else {
#  964|-> 		    fprintf(stderr, U_("%s/%s: %s"), dirpath, name,
#  965|   			U_("ignoring file name containing '.'"));
#  966|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def556]
sudo-1.9.17p2/plugins/sudoers/toke.l:964:37: warning[-Wanalyzer-malloc-leak]: leak of 'paths'
sudo-1.9.17p2/plugins/sudoers/toke.l:938:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:945:8: branch_false: following 'false' branch (when 'paths' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:947:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:948:32: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:956:12: branch_false: following 'false' branch (when 'namelen != 0')...
sudo-1.9.17p2/plugins/sudoers/toke.l:956:34: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:956:13: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:958:32: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:958:17: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:959:20: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:959:21: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:964:37: danger: 'paths' leaks here; was allocated at [(3)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/2)
#  962|   			U_("ignoring editor backup file"));
#  963|   		} else {
#  964|-> 		    fprintf(stderr, U_("%s/%s: %s"), dirpath, name,
#  965|   			U_("ignoring file name containing '.'"));
#  966|   		}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def557]
sudo-1.9.17p2/plugins/sudoers/toke.l:972:21: warning[-Wanalyzer-malloc-leak]: leak of 'paths'
sudo-1.9.17p2/plugins/sudoers/toke.l:938:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:945:8: branch_false: following 'false' branch (when 'paths' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:947:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:948:32: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:956:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:956:13: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:971:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:972:21: danger: 'paths' leaks here; was allocated at [(3)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/2)
#  970|   	}
#  971|   	len = dirlen + 1 + namelen;
#  972|-> 	if ((path = sudo_rcstr_alloc(len)) == NULL)
#  973|   	    goto oom;
#  974|   	if ((size_t)snprintf(path, len + 1, "%s/%s", dirpath, name) != len) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def558]
sudo-1.9.17p2/plugins/sudoers/toke.l:975:13: warning[-Wanalyzer-malloc-leak]: leak of 'paths'
sudo-1.9.17p2/plugins/sudoers/toke.l:938:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:945:8: branch_false: following 'false' branch (when 'paths' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:947:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:948:32: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:956:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:956:13: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:971:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:972:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:974:36: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:974:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:975:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:975:13: danger: 'paths' leaks here; was allocated at [(3)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/2)
#  973|   	    goto oom;
#  974|   	if ((size_t)snprintf(path, len + 1, "%s/%s", dirpath, name) != len) {
#  975|-> 	    sudo_warnx(U_("internal error, %s overflow"), __func__);
#  976|   	    sudo_rcstr_delref(path);
#  977|   	    goto bad;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def559]
sudo-1.9.17p2/plugins/sudoers/toke.l:976:13: warning[-Wanalyzer-malloc-leak]: leak of 'paths'
sudo-1.9.17p2/plugins/sudoers/toke.l:938:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:945:8: branch_false: following 'false' branch (when 'paths' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:947:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:948:32: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:956:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:956:13: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:971:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:972:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:974:36: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:974:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:975:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:976:13: danger: 'paths' leaks here; was allocated at [(3)](sarif:/runs/0/results/27/codeFlows/0/threadFlows/0/locations/2)
#  974|   	if ((size_t)snprintf(path, len + 1, "%s/%s", dirpath, name) != len) {
#  975|   	    sudo_warnx(U_("internal error, %s overflow"), __func__);
#  976|-> 	    sudo_rcstr_delref(path);
#  977|   	    goto bad;
#  978|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def560]
sudo-1.9.17p2/plugins/sudoers/toke.l:980:13: warning[-Wanalyzer-malloc-leak]: leak of 'paths'
sudo-1.9.17p2/plugins/sudoers/toke.l:938:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:945:8: branch_false: following 'false' branch (when 'paths' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:947:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:948:32: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:956:13: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:971:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:972:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:974:36: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:974:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:979:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:980:13: danger: 'paths' leaks here; was allocated at [(3)](sarif:/runs/0/results/29/codeFlows/0/threadFlows/0/locations/2)
#  978|   	}
#  979|   	if (stat(path, &sb) != 0 || !S_ISREG(sb.st_mode)) {
#  980|-> 	    sudo_rcstr_delref(path);
#  981|   	    continue;
#  982|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def561]
sudo-1.9.17p2/plugins/sudoers/toke.l:985:13: warning[-Wanalyzer-malloc-leak]: leak of 'paths'
sudo-1.9.17p2/plugins/sudoers/toke.l:938:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:945:8: branch_false: following 'false' branch (when 'paths' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:947:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:948:32: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:956:13: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:971:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:972:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:974:36: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:974:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:979:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:984:12: branch_true: following 'true' branch (when 'pl' is NULL)...
sudo-1.9.17p2/plugins/sudoers/toke.l:985:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:985:13: danger: 'paths' leaks here; was allocated at [(3)](sarif:/runs/0/results/31/codeFlows/0/threadFlows/0/locations/2)
#  983|   	pl = malloc(sizeof(*pl));
#  984|   	if (pl == NULL) {
#  985|-> 	    sudo_rcstr_delref(path);
#  986|   	    goto oom;
#  987|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def562]
sudo-1.9.17p2/plugins/sudoers/toke.l:994:17: warning[-Wanalyzer-malloc-leak]: leak of 'pl'
sudo-1.9.17p2/plugins/sudoers/toke.l:938:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:945:8: branch_false: following 'false' branch (when 'paths' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:947:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:948:32: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:956:13: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:971:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:972:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:974:36: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:974:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:979:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:984:12: branch_false: following 'false' branch (when 'pl' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/toke.l:988:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:989:12: branch_false: following 'false' branch (when 'count < max_paths')...
sudo-1.9.17p2/plugins/sudoers/toke.l:1000:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:947:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:948:32: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:956:13: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:971:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:972:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:974:36: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:974:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:979:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:983:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:984:12: branch_false: following 'false' branch (when 'pl' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/toke.l:988:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:989:12: branch_true: following 'true' branch (when 'count >= max_paths')...
sudo-1.9.17p2/plugins/sudoers/toke.l:991:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:993:16: branch_true: following 'true' branch (when 'tmp' is NULL)...
sudo-1.9.17p2/plugins/sudoers/toke.l:994:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:994:17: danger: 'pl' leaks here; was allocated at [(27)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/26)
#  992|   	    tmp = reallocarray(paths, max_paths, sizeof(*paths));
#  993|   	    if (tmp == NULL) {
#  994|-> 		sudo_rcstr_delref(path);
#  995|   		free(pl);
#  996|   		goto oom;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def563]
sudo-1.9.17p2/plugins/sudoers/toke.l:1002:5: warning[-Wanalyzer-malloc-leak]: leak of 'paths'
sudo-1.9.17p2/plugins/sudoers/toke.l:938:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:945:8: branch_false: following 'false' branch (when 'paths' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1002:5: danger: 'paths' leaks here; was allocated at [(3)](sarif:/runs/0/results/34/codeFlows/0/threadFlows/0/locations/2)
# 1000|   	paths[count++] = pl;
# 1001|       }
# 1002|->     closedir(dir);
# 1003|       if (count == 0) {
# 1004|   	free(paths);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def564]
sudo-1.9.17p2/plugins/sudoers/toke.l:1011:5: warning[-Wanalyzer-malloc-leak]: leak of 'opendir(dirpath)'
sudo-1.9.17p2/plugins/sudoers/toke.l:937:11: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:938:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:945:8: branch_true: following 'true' branch (when 'paths' is NULL)...
sudo-1.9.17p2/plugins/sudoers/toke.l:946:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1011:5: danger: 'opendir(dirpath)' leaks here; was allocated at [(1)](sarif:/runs/0/results/36/codeFlows/0/threadFlows/0/locations/0)
# 1009|       debug_return_size_t(count);
# 1010|   oom:
# 1011|->     sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
# 1012|   bad:
# 1013|       sudoerserror(NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def565]
sudo-1.9.17p2/plugins/sudoers/toke.l:1011:5: warning[-Wanalyzer-malloc-leak]: leak of 'paths'
sudo-1.9.17p2/plugins/sudoers/toke.l:938:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:945:8: branch_false: following 'false' branch (when 'paths' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:947:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:948:32: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:956:13: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:971:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1011:5: danger: 'paths' leaks here; was allocated at [(3)](sarif:/runs/0/results/38/codeFlows/0/threadFlows/0/locations/2)
# 1009|       debug_return_size_t(count);
# 1010|   oom:
# 1011|->     sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
# 1012|   bad:
# 1013|       sudoerserror(NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def566]
sudo-1.9.17p2/plugins/sudoers/toke.l:1013:5: warning[-Wanalyzer-malloc-leak]: leak of 'paths'
sudo-1.9.17p2/plugins/sudoers/toke.l:938:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:945:8: branch_false: following 'false' branch (when 'paths' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:947:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:948:32: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:956:13: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:971:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:972:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:974:36: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1013:5: danger: 'paths' leaks here; was allocated at [(3)](sarif:/runs/0/results/48/codeFlows/0/threadFlows/0/locations/2)
# 1011|       sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
# 1012|   bad:
# 1013|->     sudoerserror(NULL);
# 1014|       if (dir != NULL)
# 1015|   	closedir(dir);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def567]
sudo-1.9.17p2/plugins/sudoers/toke.l:1015:9: warning[-Wanalyzer-malloc-leak]: leak of 'paths'
sudo-1.9.17p2/plugins/sudoers/toke.l:938:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:945:8: branch_false: following 'false' branch (when 'paths' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:947:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:948:32: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:956:13: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:971:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1014:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1015:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1015:9: danger: 'paths' leaks here; was allocated at [(3)](sarif:/runs/0/results/51/codeFlows/0/threadFlows/0/locations/2)
# 1013|       sudoerserror(NULL);
# 1014|       if (dir != NULL)
# 1015|-> 	closedir(dir);
# 1016|       for (i = 0; i < count; i++) {
# 1017|   	sudo_rcstr_delref(paths[i]->path);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def568]
sudo-1.9.17p2/plugins/sudoers/toke.l:1017:9: warning[-Wanalyzer-malloc-leak]: leak of 'paths'
sudo-1.9.17p2/plugins/sudoers/toke.l:1029:1: enter_function: entry to 'switch_dir'
sudo-1.9.17p2/plugins/sudoers/toke.l:1035:13: call_function: calling 'read_dir_files' from 'switch_dir'
# 1015|   	closedir(dir);
# 1016|       for (i = 0; i < count; i++) {
# 1017|-> 	sudo_rcstr_delref(paths[i]->path);
# 1018|   	free(paths[i]);
# 1019|       }

Error: GCC_ANALYZER_WARNING (CWE-416): [#def569]
sudo-1.9.17p2/plugins/sudoers/toke.l:1017:27: warning[-Wanalyzer-use-after-free]: use after 'reallocarray' of 'paths'
sudo-1.9.17p2/plugins/sudoers/toke.l:938:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:944:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:945:8: branch_false: following 'false' branch (when 'paths' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:947:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:948:32: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:956:13: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:971:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:972:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:974:36: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:974:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:979:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:984:12: branch_false: following 'false' branch (when 'pl' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/toke.l:988:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:989:12: branch_false: following 'false' branch (when 'count < max_paths')...
sudo-1.9.17p2/plugins/sudoers/toke.l:1000:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:947:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:948:32: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:956:13: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:971:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:972:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:974:36: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:974:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:979:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:984:12: branch_false: following 'false' branch (when 'pl' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/toke.l:988:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:989:12: branch_true: following 'true' branch (when 'count >= max_paths')...
sudo-1.9.17p2/plugins/sudoers/toke.l:991:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:992:19: release_memory: deallocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:993:16: branch_true: following 'true' branch (when 'tmp' is NULL)...
sudo-1.9.17p2/plugins/sudoers/toke.l:994:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1014:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1015:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1016:17: branch_true: following 'true' branch (when 'i < count')...
sudo-1.9.17p2/plugins/sudoers/toke.l:1017:32: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1017:27: danger: use after 'reallocarray' of 'paths + i * 8'; deallocated at [(33)](sarif:/runs/0/results/54/codeFlows/0/threadFlows/0/locations/32)
# 1015|   	closedir(dir);
# 1016|       for (i = 0; i < count; i++) {
# 1017|-> 	sudo_rcstr_delref(paths[i]->path);
# 1018|   	free(paths[i]);
# 1019|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def570]
sudo-1.9.17p2/plugins/sudoers/toke.l:1106:5: warning[-Wanalyzer-malloc-leak]: leak of 'dst'
sudo-1.9.17p2/plugins/sudoers/toke.l:1139:1: enter_function: entry to 'expand_include'
sudo-1.9.17p2/plugins/sudoers/toke.l:1155:8: branch_false: following 'false' branch (when 'src_len != 0')...
sudo-1.9.17p2/plugins/sudoers/toke.l:1160:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:8: branch_true: following 'true' branch (when 'nhost != 0')...
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:9: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1172:31: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1172:24: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:1173:12: branch_false: following 'false' branch (when 'dynamic_host' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1177:34: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1184:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1188:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1190:39: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1192:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1196:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1196:13: call_function: calling 'strlcpy_expand_host' from 'expand_include'
# 1104|       size_t len = 0;
# 1105|       char ch;
# 1106|->     debug_decl(strlcpy_expand_host, SUDOERS_DEBUG_PARSER);
# 1107|   
# 1108|       while ((ch = *src++) != '\0') {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def571]
sudo-1.9.17p2/plugins/sudoers/toke.l:1130:5: warning[-Wanalyzer-malloc-leak]: leak of 'dst'
sudo-1.9.17p2/plugins/sudoers/toke.l:1139:1: enter_function: entry to 'expand_include'
sudo-1.9.17p2/plugins/sudoers/toke.l:1155:8: branch_false: following 'false' branch (when 'src_len != 0')...
sudo-1.9.17p2/plugins/sudoers/toke.l:1160:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:8: branch_true: following 'true' branch (when 'nhost != 0')...
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:9: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1172:31: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1172:24: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:1173:12: branch_false: following 'false' branch (when 'dynamic_host' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1177:34: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1184:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1188:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1190:39: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1192:12: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1196:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1196:13: call_function: calling 'strlcpy_expand_host' from 'expand_include'
# 1128|   	*dst = '\0';
# 1129|   
# 1130|->     debug_return_size_t(len);
# 1131|   }
# 1132|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def572]
sudo-1.9.17p2/plugins/sudoers/toke.l:1191:16: warning[-Wanalyzer-malloc-leak]: leak of 'dst'
sudo-1.9.17p2/plugins/sudoers/toke.l:1155:8: branch_false: following 'false' branch (when 'src_len != 0')...
sudo-1.9.17p2/plugins/sudoers/toke.l:1160:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:8: branch_true: following 'true' branch (when 'nhost != 0')...
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:9: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1172:31: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1172:24: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:1173:12: branch_false: following 'false' branch (when 'dynamic_host' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1177:34: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1184:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1188:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1190:39: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1191:16: danger: 'dst' leaks here; was allocated at [(8)](sarif:/runs/0/results/57/codeFlows/0/threadFlows/0/locations/7)
# 1189|   	/* Fully-qualified path, make a copy and expand %h escapes. */
# 1190|   	dst_size = src_len + (nhost * strlen(host)) - (nhost * 2) + 1;
# 1191|-> 	dst0 = sudo_rcstr_alloc(dst_size - 1);
# 1192|   	if (dst0 == NULL) {
# 1193|   	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def573]
sudo-1.9.17p2/plugins/sudoers/toke.l:1193:13: warning[-Wanalyzer-malloc-leak]: leak of 'dst'
sudo-1.9.17p2/plugins/sudoers/toke.l:1155:8: branch_false: following 'false' branch (when 'src_len != 0')...
sudo-1.9.17p2/plugins/sudoers/toke.l:1160:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:8: branch_true: following 'true' branch (when 'nhost != 0')...
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:9: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1172:31: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1172:24: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:1173:12: branch_false: following 'false' branch (when 'dynamic_host' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1177:34: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1184:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1188:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1190:39: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1192:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1193:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1193:13: danger: 'dst' leaks here; was allocated at [(8)](sarif:/runs/0/results/58/codeFlows/0/threadFlows/0/locations/7)
# 1191|   	dst0 = sudo_rcstr_alloc(dst_size - 1);
# 1192|   	if (dst0 == NULL) {
# 1193|-> 	    sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
# 1194|   	    goto bad;
# 1195|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def574]
sudo-1.9.17p2/plugins/sudoers/toke.l:1207:15: warning[-Wanalyzer-malloc-leak]: leak of 'dst'
sudo-1.9.17p2/plugins/sudoers/toke.l:1155:8: branch_false: following 'false' branch (when 'src_len != 0')...
sudo-1.9.17p2/plugins/sudoers/toke.l:1160:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:8: branch_true: following 'true' branch (when 'nhost != 0')...
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:9: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1172:31: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1172:24: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:1173:12: branch_false: following 'false' branch (when 'dynamic_host' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1177:34: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1184:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1188:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1207:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1207:15: danger: 'dst' leaks here; was allocated at [(8)](sarif:/runs/0/results/64/codeFlows/0/threadFlows/0/locations/7)
# 1205|        */
# 1206|       dst_size = 1;
# 1207|->     for (cp = sudo_strsplit(path, path_end, ":", &ep); cp != NULL;
# 1208|   	    cp = sudo_strsplit(NULL, path_end, ":", &ep)) {
# 1209|   	char *dirend = memrchr(cp, '/', (size_t)(ep - cp));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def575]
sudo-1.9.17p2/plugins/sudoers/toke.l:1208:18: warning[-Wanalyzer-malloc-leak]: leak of 'dst'
sudo-1.9.17p2/plugins/sudoers/toke.l:1155:8: branch_false: following 'false' branch (when 'src_len != 0')...
sudo-1.9.17p2/plugins/sudoers/toke.l:1160:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:8: branch_true: following 'true' branch (when 'nhost != 0')...
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:9: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1172:31: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1172:24: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:1173:12: branch_false: following 'false' branch (when 'dynamic_host' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1177:34: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1184:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1188:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1207:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1207:56: branch_true: following 'true' branch (when 'cp' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/toke.l:1209:49: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1208:18: danger: 'dst' leaks here; was allocated at [(8)](sarif:/runs/0/results/65/codeFlows/0/threadFlows/0/locations/7)
# 1206|       dst_size = 1;
# 1207|       for (cp = sudo_strsplit(path, path_end, ":", &ep); cp != NULL;
# 1208|-> 	    cp = sudo_strsplit(NULL, path_end, ":", &ep)) {
# 1209|   	char *dirend = memrchr(cp, '/', (size_t)(ep - cp));
# 1210|   	if (dirend != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def576]
sudo-1.9.17p2/plugins/sudoers/toke.l:1219:18: warning[-Wanalyzer-malloc-leak]: leak of 'dst'
sudo-1.9.17p2/plugins/sudoers/toke.l:1155:8: branch_false: following 'false' branch (when 'src_len != 0')...
sudo-1.9.17p2/plugins/sudoers/toke.l:1160:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:8: branch_true: following 'true' branch (when 'nhost != 0')...
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:9: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1172:31: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1172:24: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:1173:12: branch_false: following 'false' branch (when 'dynamic_host' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1177:34: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1184:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1188:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1207:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1219:18: danger: 'dst' leaks here; was allocated at [(8)](sarif:/runs/0/results/66/codeFlows/0/threadFlows/0/locations/7)
# 1217|   
# 1218|       /* Make a copy of the fully-qualified path and return it. */
# 1219|->     dst = dst0 = sudo_rcstr_alloc(dst_size - 1);
# 1220|       if (dst0 == NULL) {
# 1221|   	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def577]
sudo-1.9.17p2/plugins/sudoers/toke.l:1221:9: warning[-Wanalyzer-malloc-leak]: leak of 'dst'
sudo-1.9.17p2/plugins/sudoers/toke.l:1155:8: branch_false: following 'false' branch (when 'src_len != 0')...
sudo-1.9.17p2/plugins/sudoers/toke.l:1160:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:8: branch_true: following 'true' branch (when 'nhost != 0')...
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:9: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1172:31: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1172:24: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:1173:12: branch_false: following 'false' branch (when 'dynamic_host' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1177:34: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1184:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1188:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1207:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1220:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1221:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1221:9: danger: 'dst' leaks here; was allocated at [(8)](sarif:/runs/0/results/67/codeFlows/0/threadFlows/0/locations/7)
# 1219|       dst = dst0 = sudo_rcstr_alloc(dst_size - 1);
# 1220|       if (dst0 == NULL) {
# 1221|-> 	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
# 1222|   	goto bad;
# 1223|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def578]
sudo-1.9.17p2/plugins/sudoers/toke.l:1224:15: warning[-Wanalyzer-malloc-leak]: leak of 'dst'
sudo-1.9.17p2/plugins/sudoers/toke.l:1155:8: branch_false: following 'false' branch (when 'src_len != 0')...
sudo-1.9.17p2/plugins/sudoers/toke.l:1160:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:8: branch_true: following 'true' branch (when 'nhost != 0')...
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:9: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1172:31: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1172:24: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:1173:12: branch_false: following 'false' branch (when 'dynamic_host' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1177:34: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1184:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1188:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1207:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1220:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1224:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1224:15: danger: 'dst' leaks here; was allocated at [(8)](sarif:/runs/0/results/73/codeFlows/0/threadFlows/0/locations/7)
# 1222|   	goto bad;
# 1223|       }
# 1224|->     for (cp = sudo_strsplit(path, path_end, ":", &ep); cp != NULL;
# 1225|   	    cp = sudo_strsplit(NULL, path_end, ":", &ep)) {
# 1226|   	size_t len;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def579]
sudo-1.9.17p2/plugins/sudoers/toke.l:1258:5: warning[-Wanalyzer-malloc-leak]: leak of 'dst'
sudo-1.9.17p2/plugins/sudoers/toke.l:1155:8: branch_false: following 'false' branch (when 'src_len != 0')...
sudo-1.9.17p2/plugins/sudoers/toke.l:1160:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:8: branch_true: following 'true' branch (when 'nhost != 0')...
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:9: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1172:31: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1172:24: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:1173:12: branch_false: following 'false' branch (when 'dynamic_host' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1177:34: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1184:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1220:8: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1224:15: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1224:56: branch_true: following 'true' branch (when 'cp' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/toke.l:1229:12: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1230:16: branch_true: following 'true' branch (when 'dst_size <= 1')...
sudo-1.9.17p2/plugins/sudoers/toke.l:1231:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1258:5: danger: 'dst' leaks here; was allocated at [(8)](sarif:/runs/0/results/74/codeFlows/0/threadFlows/0/locations/7)
# 1256|       debug_return_str(dst0);
# 1257|   oflow:
# 1258|->     sudo_warnx(U_("internal error, %s overflow"), __func__);
# 1259|   bad:
# 1260|       sudoerserror(NULL);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def580]
sudo-1.9.17p2/plugins/sudoers/toke.l:1260:5: warning[-Wanalyzer-malloc-leak]: leak of 'dst'
sudo-1.9.17p2/plugins/sudoers/toke.l:1155:8: branch_false: following 'false' branch (when 'src_len != 0')...
sudo-1.9.17p2/plugins/sudoers/toke.l:1160:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:8: branch_true: following 'true' branch (when 'nhost != 0')...
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1171:9: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1172:31: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1172:24: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke.l:1173:12: branch_false: following 'false' branch (when 'dynamic_host' is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1177:34: branch_false: following 'false' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1184:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1192:12: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke.l:1193:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke.l:1260:5: danger: 'dst' leaks here; was allocated at [(8)](sarif:/runs/0/results/78/codeFlows/0/threadFlows/0/locations/7)
# 1258|       sudo_warnx(U_("internal error, %s overflow"), __func__);
# 1259|   bad:
# 1260|->     sudoerserror(NULL);
# 1261|       free(dynamic_host);
# 1262|       free(dst0);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def581]
sudo-1.9.17p2/plugins/sudoers/toke_util.c:84:5: warning[-Wanalyzer-malloc-leak]: leak of 'dst'
sudo-1.9.17p2/plugins/sudoers/toke_util.c:78:11: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/toke_util.c:79:8: branch_false: following 'false' branch (when 'dst' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/toke_util.c:84:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke_util.c:84:5: danger: 'dst' leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#   82|   	debug_return_bool(false);
#   83|       }
#   84|->     parser_leak_add(LEAK_PTR, dst);
#   85|       copy_string(dst, src, len);
#   86|       sudoerslval.string = dst;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def582]
sudo-1.9.17p2/plugins/sudoers/toke_util.c:113:5: warning[-Wanalyzer-malloc-leak]: leak of 'dst'
sudo-1.9.17p2/plugins/sudoers/toke_util.c:105:8: branch_false: following 'false' branch (when 'dst' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/toke_util.c:113:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke_util.c:113:5: danger: 'dst' leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#  111|   	debug_return_bool(false);
#  112|       }
#  113|->     parser_leak_add(LEAK_PTR, dst);
#  114|       copy_string(dst + olen, src, len);
#  115|       sudoerslval.string = dst;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def583]
sudo-1.9.17p2/plugins/sudoers/toke_util.c:208:9: warning[-Wanalyzer-malloc-leak]: leak of 'p'
sudo-1.9.17p2/plugins/sudoers/toke_util.c:184:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke_util.c:198:8: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke_util.c:198:8: branch_true: following 'true' branch...
sudo-1.9.17p2/plugins/sudoers/toke_util.c:200:20: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/toke_util.c:204:12: branch_false: following 'false' branch (when 'p' is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/toke_util.c:208:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/toke_util.c:208:9: danger: 'p' leaks here; was allocated at [(5)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/4)
#  206|   	    goto bad;
#  207|   	}
#  208|-> 	parser_leak_add(LEAK_PTR, p);
#  209|   	sudoerslval.command.args = p;
#  210|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def584]
sudo-1.9.17p2/plugins/sudoers/tsgetgrpw.c:219:17: warning[-Wanalyzer-malloc-leak]: leak of ‘groups’
sudo-1.9.17p2/plugins/sudoers/tsgetgrpw.c:349:1: enter_function: entry to ‘testsudoers_getgrouplist2’
sudo-1.9.17p2/plugins/sudoers/tsgetgrpw.c:358:8: branch_true: following ‘true’ branch (when ‘groups’ is NULL)...
sudo-1.9.17p2/plugins/sudoers/tsgetgrpw.c:360:19: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/tsgetgrpw.c:363:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/tsgetgrpw.c:364:12: branch_false: following ‘false’ branch (when ‘groups’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/tsgetgrpw.c:366:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/tsgetgrpw.c:376:5: call_function: inlined call to ‘testsudoers_setgrent’ from ‘testsudoers_getgrouplist2’
#  217|   	grf = fopen(grfile, "r");
#  218|   	if (grf != NULL) {
#  219|-> 	    if (fcntl(fileno(grf), F_SETFD, FD_CLOEXEC) == -1) {
#  220|   		fclose(grf);
#  221|   		grf = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def585]
sudo-1.9.17p2/plugins/sudoers/tsgetgrpw.c:227:9: warning[-Wanalyzer-malloc-leak]: leak of ‘groups’
sudo-1.9.17p2/plugins/sudoers/tsgetgrpw.c:349:1: enter_function: entry to ‘testsudoers_getgrouplist2’
sudo-1.9.17p2/plugins/sudoers/tsgetgrpw.c:358:8: branch_true: following ‘true’ branch (when ‘groups’ is NULL)...
sudo-1.9.17p2/plugins/sudoers/tsgetgrpw.c:360:19: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/tsgetgrpw.c:363:18: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/tsgetgrpw.c:364:12: branch_false: following ‘false’ branch (when ‘groups’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/tsgetgrpw.c:366:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/tsgetgrpw.c:376:5: call_function: inlined call to ‘testsudoers_setgrent’ from ‘testsudoers_getgrouplist2’
#  225|   	    return 0;
#  226|       } else if (reset) {
#  227|-> 	rewind(grf);
#  228|       }
#  229|       return 1;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def586]
sudo-1.9.17p2/plugins/sudoers/tsgetusershell.c:71:12: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(shellfile, "r")’
sudo-1.9.17p2/plugins/sudoers/tsgetusershell.c:102:1: enter_function: entry to ‘testsudoers_setusershell’
sudo-1.9.17p2/plugins/sudoers/tsgetusershell.c:106:21: call_function: calling ‘read_shells’ from ‘testsudoers_setusershell’
#   69|   	goto bad;
#   70|   
#   71|->     while (sudo_parseln(&line, &linesize, NULL, fp, PARSELN_CONT_IGN) != -1) {
#   72|   	if (nshells + 1 >= maxshells) {
#   73|   	    char **new_shells;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def587]
sudo-1.9.17p2/plugins/sudoers/tsgetusershell.c:71:12: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(shellfile, "r")’
sudo-1.9.17p2/plugins/sudoers/tsgetusershell.c:102:1: enter_function: entry to ‘testsudoers_setusershell’
sudo-1.9.17p2/plugins/sudoers/tsgetusershell.c:106:21: call_function: calling ‘read_shells’ from ‘testsudoers_setusershell’
#   69|   	goto bad;
#   70|   
#   71|->     while (sudo_parseln(&line, &linesize, NULL, fp, PARSELN_CONT_IGN) != -1) {
#   72|   	if (nshells + 1 >= maxshells) {
#   73|   	    char **new_shells;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def588]
sudo-1.9.17p2/plugins/sudoers/visudo.c:385:19: warning[-Wanalyzer-malloc-leak]: leak of ‘allowlist’
sudo-1.9.17p2/plugins/sudoers/visudo.c:372:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:374:38: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:381:21: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:382:12: branch_false: following ‘false’ branch (when ‘allowlist’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:385:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:385:19: danger: ‘allowlist’ leaks here; was allocated at [(3)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/2)
#  383|   	    sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  384|   	allowlist_len = 0;
#  385|-> 	for (cp = sudo_strsplit(def_editor, def_editor_end, ":", &ep);
#  386|   	    cp != NULL; cp = sudo_strsplit(NULL, def_editor_end, ":", &ep)) {
#  387|   	    allowlist[allowlist_len] = strndup(cp, (size_t)(ep - cp));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def589]
sudo-1.9.17p2/plugins/sudoers/visudo.c:386:30: warning[-Wanalyzer-malloc-leak]: leak of ‘allowlist’
sudo-1.9.17p2/plugins/sudoers/visudo.c:372:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:374:38: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:381:21: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:382:12: branch_false: following ‘false’ branch (when ‘allowlist’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:385:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:386:13: branch_true: following ‘true’ branch (when ‘cp’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:387:60: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:388:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:390:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:386:30: danger: ‘allowlist’ leaks here; was allocated at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#  384|   	allowlist_len = 0;
#  385|   	for (cp = sudo_strsplit(def_editor, def_editor_end, ":", &ep);
#  386|-> 	    cp != NULL; cp = sudo_strsplit(NULL, def_editor_end, ":", &ep)) {
#  387|   	    allowlist[allowlist_len] = strndup(cp, (size_t)(ep - cp));
#  388|   	    if (allowlist[allowlist_len] == NULL)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def590]
sudo-1.9.17p2/plugins/sudoers/visudo.c:389:17: warning[-Wanalyzer-malloc-leak]: leak of ‘allowlist’
sudo-1.9.17p2/plugins/sudoers/visudo.c:372:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:374:38: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:381:21: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:382:12: branch_false: following ‘false’ branch (when ‘allowlist’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:385:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:386:13: branch_true: following ‘true’ branch (when ‘cp’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:387:60: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:388:16: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:389:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:389:17: danger: ‘allowlist’ leaks here; was allocated at [(3)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/2)
#  387|   	    allowlist[allowlist_len] = strndup(cp, (size_t)(ep - cp));
#  388|   	    if (allowlist[allowlist_len] == NULL)
#  389|-> 		sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  390|   	    allowlist_len++;
#  391|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def591]
sudo-1.9.17p2/plugins/sudoers/visudo.c:395:19: warning[-Wanalyzer-malloc-leak]: leak of ‘allowlist’
sudo-1.9.17p2/plugins/sudoers/visudo.c:372:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:374:38: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:381:21: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:382:12: branch_false: following ‘false’ branch (when ‘allowlist’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:385:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:386:13: branch_false: following ‘false’ branch (when ‘cp’ is NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:392:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:395:19: danger: ‘allowlist’ leaks here; was allocated at [(3)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/2)
#  393|       }
#  394|   
#  395|->     editor_path = find_editor(2, (char **)files, editor_argc, editor_argv,
#  396|   	allowlist, &env_editor);
#  397|       if (editor_path == NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def592]
sudo-1.9.17p2/plugins/sudoers/visudo.c:401:17: warning[-Wanalyzer-malloc-leak]: leak of ‘allowlist’
sudo-1.9.17p2/plugins/sudoers/visudo.c:372:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:374:38: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:381:21: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:382:12: branch_false: following ‘false’ branch (when ‘allowlist’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:385:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:397:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:398:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:398:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:400:16: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:401:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:401:17: danger: ‘allowlist’ leaks here; was allocated at [(3)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/2)
#  399|   	    /* We are honoring $EDITOR so this is a fatal error. */
#  400|   	    if (errno == ENOENT) {
#  401|-> 		sudo_warnx(U_("specified editor (%s) doesn't exist"),
#  402|   		    env_editor);
#  403|   	    }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def593]
sudo-1.9.17p2/plugins/sudoers/visudo.c:406:9: warning[-Wanalyzer-malloc-leak]: leak of ‘allowlist’
sudo-1.9.17p2/plugins/sudoers/visudo.c:372:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:374:38: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:381:21: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:382:12: branch_false: following ‘false’ branch (when ‘allowlist’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:385:19: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:397:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:398:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:406:9: danger: ‘allowlist’ leaks here; was allocated at [(3)](sarif:/runs/0/results/13/codeFlows/0/threadFlows/0/locations/2)
#  404|   	    exit(EXIT_FAILURE);
#  405|   	}
#  406|-> 	sudo_fatalx(U_("no editor found (editor path = %s)"), def_editor);
#  407|       }
#  408|   

Error: CPPCHECK_WARNING (CWE-562): [#def594]
sudo-1.9.17p2/plugins/sudoers/visudo.c:542: error[autoVariables]: Address of local auto-variable assigned to a function parameter.
#  540|       if (lineno > 0) {
#  541|   	(void)snprintf(linestr, sizeof(linestr), "+%d", lineno);
#  542|-> 	editor_argv[ac++] = linestr; // -V507
#  543|       }
#  544|       editor_argv[ac++] = (char *)"--";

Error: GCC_ANALYZER_WARNING (CWE-775): [#def595]
sudo-1.9.17p2/plugins/sudoers/visudo.c:665:12: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(*sp.tpath, "r+")’
sudo-1.9.17p2/plugins/sudoers/visudo.c:657:12: branch_true: following ‘true’ branch (when ‘sp’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:658:16: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:659:14: acquire_resource: opened here
sudo-1.9.17p2/plugins/sudoers/visudo.c:660:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:665:14: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:665:12: danger: ‘fopen(*sp.tpath, "r+")’ leaks here; was opened at [(3)](sarif:/runs/0/results/17/codeFlows/0/threadFlows/0/locations/2)
#  663|   
#  664|   	/* Clean slate for each parse */
#  665|-> 	if (!init_defaults())
#  666|   	    sudo_fatalx("%s", U_("unable to initialize sudoers default values"));
#  667|   	init_parser(ctx, sp->opath);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def596]
sudo-1.9.17p2/plugins/sudoers/visudo.c:665:12: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(*sp.tpath, "r+")’
sudo-1.9.17p2/plugins/sudoers/visudo.c:657:12: branch_true: following ‘true’ branch (when ‘sp’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:658:16: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:659:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:660:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:665:14: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:665:12: danger: ‘fopen(*sp.tpath, "r+")’ leaks here; was allocated at [(3)](sarif:/runs/0/results/18/codeFlows/0/threadFlows/0/locations/2)
#  663|   
#  664|   	/* Clean slate for each parse */
#  665|-> 	if (!init_defaults())
#  666|   	    sudo_fatalx("%s", U_("unable to initialize sudoers default values"));
#  667|   	init_parser(ctx, sp->opath);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def597]
sudo-1.9.17p2/plugins/sudoers/visudo.c:665:14: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(*sp.tpath, "r+")’
sudo-1.9.17p2/plugins/sudoers/visudo.c:657:12: branch_true: following ‘true’ branch (when ‘sp’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:658:16: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:659:14: acquire_resource: opened here
sudo-1.9.17p2/plugins/sudoers/visudo.c:660:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:665:14: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:665:14: danger: ‘fopen(*sp.tpath, "r+")’ leaks here; was opened at [(3)](sarif:/runs/0/results/19/codeFlows/0/threadFlows/0/locations/2)
#  663|   
#  664|   	/* Clean slate for each parse */
#  665|-> 	if (!init_defaults())
#  666|   	    sudo_fatalx("%s", U_("unable to initialize sudoers default values"));
#  667|   	init_parser(ctx, sp->opath);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def598]
sudo-1.9.17p2/plugins/sudoers/visudo.c:665:14: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(*sp.tpath, "r+")’
sudo-1.9.17p2/plugins/sudoers/visudo.c:657:12: branch_true: following ‘true’ branch (when ‘sp’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:658:16: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:659:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:660:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:665:14: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:665:14: danger: ‘fopen(*sp.tpath, "r+")’ leaks here; was allocated at [(3)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/2)
#  663|   
#  664|   	/* Clean slate for each parse */
#  665|-> 	if (!init_defaults())
#  666|   	    sudo_fatalx("%s", U_("unable to initialize sudoers default values"));
#  667|   	init_parser(ctx, sp->opath);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def599]
sudo-1.9.17p2/plugins/sudoers/visudo.c:667:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(*sp.tpath, "r+")’
sudo-1.9.17p2/plugins/sudoers/visudo.c:657:12: branch_true: following ‘true’ branch (when ‘sp’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:658:16: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:659:14: acquire_resource: opened here
sudo-1.9.17p2/plugins/sudoers/visudo.c:660:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:665:14: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:665:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:667:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:667:9: danger: ‘fopen(*sp.tpath, "r+")’ leaks here; was opened at [(3)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/2)
#  665|   	if (!init_defaults())
#  666|   	    sudo_fatalx("%s", U_("unable to initialize sudoers default values"));
#  667|-> 	init_parser(ctx, sp->opath);
#  668|   	sp->errorline = -1;
#  669|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def600]
sudo-1.9.17p2/plugins/sudoers/visudo.c:667:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(*sp.tpath, "r+")’
sudo-1.9.17p2/plugins/sudoers/visudo.c:657:12: branch_true: following ‘true’ branch (when ‘sp’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:658:16: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:659:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:660:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:665:14: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:665:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:667:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:667:9: danger: ‘fopen(*sp.tpath, "r+")’ leaks here; was allocated at [(3)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/2)
#  665|   	if (!init_defaults())
#  666|   	    sudo_fatalx("%s", U_("unable to initialize sudoers default values"));
#  667|-> 	init_parser(ctx, sp->opath);
#  668|   	sp->errorline = -1;
#  669|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def601]
sudo-1.9.17p2/plugins/sudoers/visudo.c:672:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(*sp.tpath, "r+")’
sudo-1.9.17p2/plugins/sudoers/visudo.c:657:12: branch_true: following ‘true’ branch (when ‘sp’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:658:16: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:659:14: acquire_resource: opened here
sudo-1.9.17p2/plugins/sudoers/visudo.c:660:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:665:14: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:665:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:667:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:672:9: danger: ‘fopen(*sp.tpath, "r+")’ leaks here; was opened at [(3)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/2)
#  670|   	/* Parse the sudoers temp file(s) */
#  671|   	sudoersrestart(fp);
#  672|-> 	sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
#  673|   	if (sudoersparse() && !parse_error) {
#  674|   	    sudo_warnx(U_("unable to parse temporary file (%s), unknown error"),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def602]
sudo-1.9.17p2/plugins/sudoers/visudo.c:672:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(*sp.tpath, "r+")’
sudo-1.9.17p2/plugins/sudoers/visudo.c:657:12: branch_true: following ‘true’ branch (when ‘sp’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:658:16: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:659:14: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:660:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:665:14: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:665:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:667:26: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:672:9: danger: ‘fopen(*sp.tpath, "r+")’ leaks here; was allocated at [(3)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/2)
#  670|   	/* Parse the sudoers temp file(s) */
#  671|   	sudoersrestart(fp);
#  672|-> 	sudoers_setlocale(SUDOERS_LOCALE_SUDOERS, &oldlocale);
#  673|   	if (sudoersparse() && !parse_error) {
#  674|   	    sudo_warnx(U_("unable to parse temporary file (%s), unknown error"),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def603]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1039:5: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1060:1: enter_function: entry to ‘new_sudoers’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:9: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1076:23: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1106:8: branch_true: following ‘true’ branch (when ‘fd == -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1109:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1112:12: branch_false: following ‘false’ branch (when ‘fd != -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1116:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1118:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1122:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1122:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1126:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:24: call_function: calling ‘lock_sudoers’ from ‘new_sudoers’
# 1037|   {
# 1038|       int ch;
# 1039|->     debug_decl(lock_sudoers, SUDOERS_DEBUG_UTIL);
# 1040|   
# 1041|       if (!sudo_lock_file(entry->fd, SUDO_TLOCK)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def604]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1039:5: warning[-Wanalyzer-malloc-leak]: leak of ‘entry’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1060:1: enter_function: entry to ‘new_sudoers’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1071:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1106:8: branch_true: following ‘true’ branch (when ‘fd == -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1109:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1112:12: branch_false: following ‘false’ branch (when ‘fd != -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1116:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1118:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1122:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1122:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1126:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:24: call_function: calling ‘lock_sudoers’ from ‘new_sudoers’
# 1037|   {
# 1038|       int ch;
# 1039|->     debug_decl(lock_sudoers, SUDOERS_DEBUG_UTIL);
# 1040|   
# 1041|       if (!sudo_lock_file(entry->fd, SUDO_TLOCK)) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def605]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1041:10: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1060:1: enter_function: entry to ‘new_sudoers’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:9: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1076:23: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1106:8: branch_true: following ‘true’ branch (when ‘fd == -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1109:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1112:12: branch_false: following ‘false’ branch (when ‘fd != -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1116:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1118:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1122:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1122:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1126:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:24: call_function: calling ‘lock_sudoers’ from ‘new_sudoers’
# 1039|       debug_decl(lock_sudoers, SUDOERS_DEBUG_UTIL);
# 1040|   
# 1041|->     if (!sudo_lock_file(entry->fd, SUDO_TLOCK)) {
# 1042|   	if (errno == EAGAIN || errno == EWOULDBLOCK) {
# 1043|   	    sudo_warnx(U_("%s busy, try again later"), entry->opath);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def606]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1041:10: warning[-Wanalyzer-malloc-leak]: leak of ‘entry’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1060:1: enter_function: entry to ‘new_sudoers’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1071:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1106:8: branch_true: following ‘true’ branch (when ‘fd == -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1109:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1112:12: branch_false: following ‘false’ branch (when ‘fd != -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1116:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1118:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1122:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1122:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1126:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:24: call_function: calling ‘lock_sudoers’ from ‘new_sudoers’
# 1039|       debug_decl(lock_sudoers, SUDOERS_DEBUG_UTIL);
# 1040|   
# 1041|->     if (!sudo_lock_file(entry->fd, SUDO_TLOCK)) {
# 1042|   	if (errno == EAGAIN || errno == EWOULDBLOCK) {
# 1043|   	    sudo_warnx(U_("%s busy, try again later"), entry->opath);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def607]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1043:13: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1060:1: enter_function: entry to ‘new_sudoers’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:9: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1076:23: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1106:8: branch_true: following ‘true’ branch (when ‘fd == -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1109:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1112:12: branch_false: following ‘false’ branch (when ‘fd != -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1116:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1118:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1122:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1122:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1126:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:24: call_function: calling ‘lock_sudoers’ from ‘new_sudoers’
# 1041|       if (!sudo_lock_file(entry->fd, SUDO_TLOCK)) {
# 1042|   	if (errno == EAGAIN || errno == EWOULDBLOCK) {
# 1043|-> 	    sudo_warnx(U_("%s busy, try again later"), entry->opath);
# 1044|   	    debug_return_bool(false);
# 1045|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def608]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1043:13: warning[-Wanalyzer-malloc-leak]: leak of ‘entry’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1060:1: enter_function: entry to ‘new_sudoers’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1071:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1106:8: branch_true: following ‘true’ branch (when ‘fd == -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1109:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1112:12: branch_false: following ‘false’ branch (when ‘fd != -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1116:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1118:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1122:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1122:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1126:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:24: call_function: calling ‘lock_sudoers’ from ‘new_sudoers’
# 1041|       if (!sudo_lock_file(entry->fd, SUDO_TLOCK)) {
# 1042|   	if (errno == EAGAIN || errno == EWOULDBLOCK) {
# 1043|-> 	    sudo_warnx(U_("%s busy, try again later"), entry->opath);
# 1044|   	    debug_return_bool(false);
# 1045|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def609]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1044:13: warning[-Wanalyzer-malloc-leak]: leak of ‘entry’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1060:1: enter_function: entry to ‘new_sudoers’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1071:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1106:8: branch_true: following ‘true’ branch (when ‘fd == -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1109:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1112:12: branch_false: following ‘false’ branch (when ‘fd != -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1116:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1118:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1122:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1122:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1126:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:24: call_function: calling ‘lock_sudoers’ from ‘new_sudoers’
# 1042|   	if (errno == EAGAIN || errno == EWOULDBLOCK) {
# 1043|   	    sudo_warnx(U_("%s busy, try again later"), entry->opath);
# 1044|-> 	    debug_return_bool(false);
# 1045|   	}
# 1046|   	sudo_warn(U_("unable to lock %s"), entry->opath);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def610]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1046:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1060:1: enter_function: entry to ‘new_sudoers’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:9: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1076:23: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1106:8: branch_true: following ‘true’ branch (when ‘fd == -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1109:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1112:12: branch_false: following ‘false’ branch (when ‘fd != -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1116:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1118:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1122:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1122:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1126:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:24: call_function: calling ‘lock_sudoers’ from ‘new_sudoers’
# 1044|   	    debug_return_bool(false);
# 1045|   	}
# 1046|-> 	sudo_warn(U_("unable to lock %s"), entry->opath);
# 1047|   	(void) fputs(_("Edit anyway? [y/N]"), stdout);
# 1048|   	ch = getchar();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def611]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1046:9: warning[-Wanalyzer-malloc-leak]: leak of ‘entry’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1060:1: enter_function: entry to ‘new_sudoers’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1071:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1106:8: branch_true: following ‘true’ branch (when ‘fd == -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1109:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1112:12: branch_false: following ‘false’ branch (when ‘fd != -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1116:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1118:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1122:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1122:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1126:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:24: call_function: calling ‘lock_sudoers’ from ‘new_sudoers’
# 1044|   	    debug_return_bool(false);
# 1045|   	}
# 1046|-> 	sudo_warn(U_("unable to lock %s"), entry->opath);
# 1047|   	(void) fputs(_("Edit anyway? [y/N]"), stdout);
# 1048|   	ch = getchar();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def612]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1073:9: warning[-Wanalyzer-malloc-leak]: leak of ‘entry’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1071:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:9: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1073:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1073:9: danger: ‘entry’ leaks here; was allocated at [(1)](sarif:/runs/0/results/38/codeFlows/0/threadFlows/0/locations/0)
# 1071|       entry = calloc(1, sizeof(*entry));
# 1072|       if (entry == NULL || (entry->dpath = strndup(path, len)) == NULL)
# 1073|-> 	sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
# 1074|   
# 1075|       /* Open the first file found in the colon-separated path. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def613]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1077:15: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:9: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1076:23: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1077:15: danger: ‘<unknown>’ leaks here; was allocated at [(3)](sarif:/runs/0/results/45/codeFlows/0/threadFlows/0/locations/2)
# 1075|       /* Open the first file found in the colon-separated path. */
# 1076|       path_end = path + strlen(path);
# 1077|->     for (cp = sudo_strsplit(path, path_end, ":", &ep);
# 1078|   	cp != NULL; cp = sudo_strsplit(NULL, path_end, ":", &ep)) {
# 1079|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def614]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1077:15: warning[-Wanalyzer-malloc-leak]: leak of ‘entry’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1071:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1077:15: danger: ‘entry’ leaks here; was allocated at [(1)](sarif:/runs/0/results/44/codeFlows/0/threadFlows/0/locations/0)
# 1075|       /* Open the first file found in the colon-separated path. */
# 1076|       path_end = path + strlen(path);
# 1077|->     for (cp = sudo_strsplit(path, path_end, ":", &ep);
# 1078|   	cp != NULL; cp = sudo_strsplit(NULL, path_end, ":", &ep)) {
# 1079|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def615]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1078:26: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1060:1: enter_function: entry to ‘new_sudoers’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:9: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1076:23: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1078:9: branch_true: following ‘true’ branch (when ‘cp’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1081:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1082:12: branch_false: following ‘false’ branch (when ‘len <= 4095’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1086:9: call_function: inlined call to ‘memcpy’ from ‘new_sudoers’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1091:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1101:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1101:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1078:26: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1078:26: danger: ‘<unknown>’ leaks here; was allocated at [(4)](sarif:/runs/0/results/46/codeFlows/0/threadFlows/0/locations/3)
# 1076|       path_end = path + strlen(path);
# 1077|       for (cp = sudo_strsplit(path, path_end, ":", &ep);
# 1078|-> 	cp != NULL; cp = sudo_strsplit(NULL, path_end, ":", &ep)) {
# 1079|   
# 1080|   	char fname[PATH_MAX];

Error: GCC_ANALYZER_WARNING (CWE-401): [#def616]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1078:26: warning[-Wanalyzer-malloc-leak]: leak of ‘entry’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1060:1: enter_function: entry to ‘new_sudoers’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1071:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1078:9: branch_true: following ‘true’ branch (when ‘cp’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1081:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1082:12: branch_false: following ‘false’ branch (when ‘len <= 4095’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1086:9: call_function: inlined call to ‘memcpy’ from ‘new_sudoers’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1091:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1101:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1101:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1078:26: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1078:26: danger: ‘entry’ leaks here; was allocated at [(2)](sarif:/runs/0/results/47/codeFlows/0/threadFlows/0/locations/1)
# 1076|       path_end = path + strlen(path);
# 1077|       for (cp = sudo_strsplit(path, path_end, ":", &ep);
# 1078|-> 	cp != NULL; cp = sudo_strsplit(NULL, path_end, ":", &ep)) {
# 1079|   
# 1080|   	char fname[PATH_MAX];

Error: GCC_ANALYZER_WARNING (CWE-401): [#def617]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1094:17: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1060:1: enter_function: entry to ‘new_sudoers’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:9: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1076:23: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1078:9: branch_true: following ‘true’ branch (when ‘cp’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1081:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1082:12: branch_false: following ‘false’ branch (when ‘len <= 4095’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1086:9: call_function: inlined call to ‘memcpy’ from ‘new_sudoers’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1091:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1093:33: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1093:16: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1094:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1094:17: danger: ‘<unknown>’ leaks here; was allocated at [(4)](sarif:/runs/0/results/48/codeFlows/0/threadFlows/0/locations/3)
# 1092|   	    /* Store the path we actually opened. */
# 1093|   	    if ((entry->opath = strdup(fname)) == NULL) {
# 1094|-> 		sudo_fatalx(U_("%s: %s"), __func__,
# 1095|   		    U_("unable to allocate memory"));
# 1096|   	    }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def618]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1094:17: warning[-Wanalyzer-malloc-leak]: leak of ‘entry’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1060:1: enter_function: entry to ‘new_sudoers’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1071:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1078:9: branch_true: following ‘true’ branch (when ‘cp’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1081:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1082:12: branch_false: following ‘false’ branch (when ‘len <= 4095’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1086:9: call_function: inlined call to ‘memcpy’ from ‘new_sudoers’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1091:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1093:33: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1093:16: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1094:17: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1094:17: danger: ‘entry’ leaks here; was allocated at [(2)](sarif:/runs/0/results/49/codeFlows/0/threadFlows/0/locations/1)
# 1092|   	    /* Store the path we actually opened. */
# 1093|   	    if ((entry->opath = strdup(fname)) == NULL) {
# 1094|-> 		sudo_fatalx(U_("%s: %s"), __func__,
# 1095|   		    U_("unable to allocate memory"));
# 1096|   	    }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def619]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1102:13: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1060:1: enter_function: entry to ‘new_sudoers’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:9: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1076:23: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1078:9: branch_true: following ‘true’ branch (when ‘cp’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1081:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1082:12: branch_false: following ‘false’ branch (when ‘len <= 4095’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1086:9: call_function: inlined call to ‘memcpy’ from ‘new_sudoers’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1091:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1101:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1101:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1102:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1102:13: danger: ‘<unknown>’ leaks here; was allocated at [(4)](sarif:/runs/0/results/61/codeFlows/0/threadFlows/0/locations/3)
# 1100|   	/* If the file exists but we can't open it, that is a fatal error. */
# 1101|   	if (errno != ENOENT) {
# 1102|-> 	    sudo_warn("%s", fname);
# 1103|   	    goto bad;
# 1104|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def620]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1102:13: warning[-Wanalyzer-malloc-leak]: leak of ‘entry’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1060:1: enter_function: entry to ‘new_sudoers’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1071:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1078:9: branch_true: following ‘true’ branch (when ‘cp’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1081:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1082:12: branch_false: following ‘false’ branch (when ‘len <= 4095’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1086:9: call_function: inlined call to ‘memcpy’ from ‘new_sudoers’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1091:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1101:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1101:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1102:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1102:13: danger: ‘entry’ leaks here; was allocated at [(2)](sarif:/runs/0/results/60/codeFlows/0/threadFlows/0/locations/1)
# 1100|   	/* If the file exists but we can't open it, that is a fatal error. */
# 1101|   	if (errno != ENOENT) {
# 1102|-> 	    sudo_warn("%s", fname);
# 1103|   	    goto bad;
# 1104|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def621]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1109:18: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:9: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1076:23: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1106:8: branch_true: following ‘true’ branch (when ‘fd == -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1109:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1109:18: danger: ‘<unknown>’ leaks here; was allocated at [(3)](sarif:/runs/0/results/65/codeFlows/0/threadFlows/0/locations/2)
# 1107|   	if (!checkonly) {
# 1108|   	    /* No sudoers file, create the destination file for editing. */
# 1109|-> 	    fd = open(entry->dpath, O_RDWR|O_CREAT, sudoers_file_mode());
# 1110|   	    entry->created = true;
# 1111|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def622]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1109:18: warning[-Wanalyzer-malloc-leak]: leak of ‘entry’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1071:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1106:8: branch_true: following ‘true’ branch (when ‘fd == -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1109:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1109:18: danger: ‘entry’ leaks here; was allocated at [(1)](sarif:/runs/0/results/64/codeFlows/0/threadFlows/0/locations/0)
# 1107|   	if (!checkonly) {
# 1108|   	    /* No sudoers file, create the destination file for editing. */
# 1109|-> 	    fd = open(entry->dpath, O_RDWR|O_CREAT, sudoers_file_mode());
# 1110|   	    entry->created = true;
# 1111|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def623]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1113:13: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:9: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1076:23: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1106:8: branch_true: following ‘true’ branch (when ‘fd == -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1112:12: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1112:12: branch_true: following ‘true’ branch (when ‘fd == -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1113:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1113:13: danger: ‘<unknown>’ leaks here; was allocated at [(3)](sarif:/runs/0/results/67/codeFlows/0/threadFlows/0/locations/2)
# 1111|   	}
# 1112|   	if (fd == -1) {
# 1113|-> 	    sudo_warn("%s", entry->dpath);
# 1114|   	    goto bad;
# 1115|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def624]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1113:13: warning[-Wanalyzer-malloc-leak]: leak of ‘entry’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1071:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1106:8: branch_true: following ‘true’ branch (when ‘fd == -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1112:12: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1112:12: branch_true: following ‘true’ branch (when ‘fd == -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1113:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1113:13: danger: ‘entry’ leaks here; was allocated at [(1)](sarif:/runs/0/results/66/codeFlows/0/threadFlows/0/locations/0)
# 1111|   	}
# 1112|   	if (fd == -1) {
# 1113|-> 	    sudo_warn("%s", entry->dpath);
# 1114|   	    goto bad;
# 1115|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def625]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1119:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:9: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1076:23: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1106:8: branch_true: following ‘true’ branch (when ‘fd == -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1109:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1112:12: branch_false: following ‘false’ branch (when ‘fd != -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1116:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1118:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1119:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1119:9: danger: ‘<unknown>’ leaks here; was allocated at [(3)](sarif:/runs/0/results/70/codeFlows/0/threadFlows/0/locations/2)
# 1117|       }
# 1118|       if (fstat(fd, &sb) == -1) {
# 1119|-> 	sudo_warn("%s", entry->opath);
# 1120|   	goto bad;
# 1121|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def626]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1119:9: warning[-Wanalyzer-malloc-leak]: leak of ‘entry’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1071:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1106:8: branch_true: following ‘true’ branch (when ‘fd == -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1109:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1112:12: branch_false: following ‘false’ branch (when ‘fd != -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1116:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1118:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1119:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1119:9: danger: ‘entry’ leaks here; was allocated at [(1)](sarif:/runs/0/results/69/codeFlows/0/threadFlows/0/locations/0)
# 1117|       }
# 1118|       if (fstat(fd, &sb) == -1) {
# 1119|-> 	sudo_warn("%s", entry->opath);
# 1120|   	goto bad;
# 1121|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def627]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1123:9: warning[-Wanalyzer-malloc-leak]: leak of ‘*entry.opath’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:9: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1076:23: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1106:8: branch_true: following ‘true’ branch (when ‘fd == -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1109:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1112:12: branch_false: following ‘false’ branch (when ‘fd != -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1116:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1118:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1122:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1122:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1123:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1123:9: danger: ‘*entry.opath’ leaks here; was allocated at [(3)](sarif:/runs/0/results/75/codeFlows/0/threadFlows/0/locations/2)
# 1121|       }
# 1122|       if (!S_ISREG(sb.st_mode)) {
# 1123|-> 	sudo_warnx(U_("%s is not a regular file"), entry->opath);
# 1124|   	goto bad;
# 1125|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def628]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1123:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:9: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1076:23: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1106:8: branch_true: following ‘true’ branch (when ‘fd == -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1109:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1112:12: branch_false: following ‘false’ branch (when ‘fd != -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1116:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1118:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1122:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1122:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1123:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1123:9: danger: ‘<unknown>’ leaks here; was allocated at [(3)](sarif:/runs/0/results/73/codeFlows/0/threadFlows/0/locations/2)
# 1121|       }
# 1122|       if (!S_ISREG(sb.st_mode)) {
# 1123|-> 	sudo_warnx(U_("%s is not a regular file"), entry->opath);
# 1124|   	goto bad;
# 1125|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def629]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1123:9: warning[-Wanalyzer-malloc-leak]: leak of ‘entry’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1071:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1106:8: branch_true: following ‘true’ branch (when ‘fd == -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1109:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1112:12: branch_false: following ‘false’ branch (when ‘fd != -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1116:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1118:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1122:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1122:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1123:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1123:9: danger: ‘entry’ leaks here; was allocated at [(1)](sarif:/runs/0/results/74/codeFlows/0/threadFlows/0/locations/0)
# 1121|       }
# 1122|       if (!S_ISREG(sb.st_mode)) {
# 1123|-> 	sudo_warnx(U_("%s is not a regular file"), entry->opath);
# 1124|   	goto bad;
# 1125|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def630]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1132:5: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1060:1: enter_function: entry to ‘new_sudoers’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:9: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1076:23: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1078:9: branch_true: following ‘true’ branch (when ‘cp’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1081:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1082:12: branch_false: following ‘false’ branch (when ‘len <= 4095’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1086:9: call_function: inlined call to ‘memcpy’ from ‘new_sudoers’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1093:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1084:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1106:8: branch_false: following ‘false’ branch (when ‘fd != -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1118:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1118:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1122:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1122:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1126:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1132:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1132:5: danger: ‘<unknown>’ leaks here; was allocated at [(4)](sarif:/runs/0/results/83/codeFlows/0/threadFlows/0/locations/3)
# 1130|       if (!checkonly && !lock_sudoers(entry))
# 1131|   	goto bad;
# 1132|->     debug_return_ptr(entry);
# 1133|   bad:
# 1134|       if (fd != -1)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def631]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1132:5: warning[-Wanalyzer-malloc-leak]: leak of ‘entry’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1060:1: enter_function: entry to ‘new_sudoers’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1071:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1078:9: branch_true: following ‘true’ branch (when ‘cp’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1081:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1082:12: branch_false: following ‘false’ branch (when ‘len <= 4095’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1086:9: call_function: inlined call to ‘memcpy’ from ‘new_sudoers’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1093:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1084:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1106:8: branch_false: following ‘false’ branch (when ‘fd != -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1118:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1118:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1122:10: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1122:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1126:5: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1130:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1132:5: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1132:5: danger: ‘entry’ leaks here; was allocated at [(2)](sarif:/runs/0/results/82/codeFlows/0/threadFlows/0/locations/1)
# 1130|       if (!checkonly && !lock_sudoers(entry))
# 1131|   	goto bad;
# 1132|->     debug_return_ptr(entry);
# 1133|   bad:
# 1134|       if (fd != -1)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def632]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1135:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1060:1: enter_function: entry to ‘new_sudoers’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:42: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:9: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1076:23: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1078:9: branch_true: following ‘true’ branch (when ‘cp’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1081:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1082:12: branch_false: following ‘false’ branch (when ‘len <= 4095’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1086:9: call_function: inlined call to ‘memcpy’ from ‘new_sudoers’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1093:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1084:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1106:8: branch_false: following ‘false’ branch (when ‘fd != -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1118:9: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1118:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1119:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1134:8: branch_true: following ‘true’ branch (when ‘fd != -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1135:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1135:9: danger: ‘<unknown>’ leaks here; was allocated at [(4)](sarif:/runs/0/results/85/codeFlows/0/threadFlows/0/locations/3)
# 1133|   bad:
# 1134|       if (fd != -1)
# 1135|-> 	close(fd);
# 1136|       if (entry->opath != entry->dpath)
# 1137|   	free(entry->opath);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def633]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1135:9: warning[-Wanalyzer-malloc-leak]: leak of ‘entry’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1071:13: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1072:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1106:8: branch_true: following ‘true’ branch (when ‘fd == -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1107:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1109:18: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1112:12: branch_false: following ‘false’ branch (when ‘fd != -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1116:24: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1118:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1119:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1134:8: branch_true: following ‘true’ branch (when ‘fd != -1’)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1135:9: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1135:9: danger: ‘entry’ leaks here; was allocated at [(1)](sarif:/runs/0/results/84/codeFlows/0/threadFlows/0/locations/0)
# 1133|   bad:
# 1134|       if (fd != -1)
# 1135|-> 	close(fd);
# 1136|       if (entry->opath != entry->dpath)
# 1137|   	free(entry->opath);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def634]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1181:13: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1157:5: branch_true: following ‘true’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1158:27: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1161:8: branch_false: following ‘false’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1175:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1175:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1179:23: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1179:23: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1179:16: branch_false: following ‘false’ branch (when ‘fp’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1181:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1181:13: danger: ‘fp’ leaks here; was allocated at [(7)](sarif:/runs/0/results/86/codeFlows/0/threadFlows/0/locations/6)
# 1179|   	    if ((fp = fdopen(entry->fd, "r")) == NULL)
# 1180|   		sudo_fatal("%s", entry->opath);
# 1181|-> 	    rewind(fp);
# 1182|   	}
# 1183|       }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def635]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1187:20: warning[-Wanalyzer-file-leak]: leak of FILE ‘fp’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1157:5: branch_true: following ‘true’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1158:27: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1161:8: branch_false: following ‘false’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1175:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1175:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1176:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1176:23: acquire_resource: opened here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1176:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1184:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1186:8: branch_true: following ‘true’ branch (when ‘outfile’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1187:35: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1187:20: danger: ‘fp’ leaks here; was opened at [(7)](sarif:/runs/0/results/87/codeFlows/0/threadFlows/0/locations/6)
# 1185|   	*keepopen = true;
# 1186|       if (outfile != NULL) {
# 1187|-> 	*outfile = sudo_rcstr_dup(entry->opath);
# 1188|   	if (*outfile == NULL)
# 1189|   	    sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));

Error: GCC_ANALYZER_WARNING (CWE-401): [#def636]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1187:20: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1157:5: branch_true: following ‘true’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1158:27: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1161:8: branch_false: following ‘false’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1175:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1175:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1176:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1176:23: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1176:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1184:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1186:8: branch_true: following ‘true’ branch (when ‘outfile’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1187:35: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1187:20: danger: ‘fp’ leaks here; was allocated at [(7)](sarif:/runs/0/results/88/codeFlows/0/threadFlows/0/locations/6)
# 1185|   	*keepopen = true;
# 1186|       if (outfile != NULL) {
# 1187|-> 	*outfile = sudo_rcstr_dup(entry->opath);
# 1188|   	if (*outfile == NULL)
# 1189|   	    sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));

Error: GCC_ANALYZER_WARNING (CWE-775): [#def637]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1189:13: warning[-Wanalyzer-file-leak]: leak of FILE ‘fp’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1157:5: branch_true: following ‘true’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1158:27: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1161:8: branch_false: following ‘false’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1175:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1175:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1176:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1176:23: acquire_resource: opened here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1176:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1184:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1186:8: branch_true: following ‘true’ branch (when ‘outfile’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1187:35: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1188:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1189:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1189:13: danger: ‘fp’ leaks here; was opened at [(7)](sarif:/runs/0/results/89/codeFlows/0/threadFlows/0/locations/6)
# 1187|   	*outfile = sudo_rcstr_dup(entry->opath);
# 1188|   	if (*outfile == NULL)
# 1189|-> 	    sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
# 1190|       }
# 1191|       debug_return_ptr(fp);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def638]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1189:13: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1157:5: branch_true: following ‘true’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1158:27: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1161:8: branch_false: following ‘false’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1175:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1175:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1176:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1176:23: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1176:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1184:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1186:8: branch_true: following ‘true’ branch (when ‘outfile’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1187:35: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1188:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1189:13: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1189:13: danger: ‘fp’ leaks here; was allocated at [(7)](sarif:/runs/0/results/90/codeFlows/0/threadFlows/0/locations/6)
# 1187|   	*outfile = sudo_rcstr_dup(entry->opath);
# 1188|   	if (*outfile == NULL)
# 1189|-> 	    sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
# 1190|       }
# 1191|       debug_return_ptr(fp);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def639]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1191:5: warning[-Wanalyzer-file-leak]: leak of FILE ‘fp’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1157:5: branch_true: following ‘true’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1158:27: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1161:8: branch_false: following ‘false’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1175:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1175:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1176:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1176:23: acquire_resource: opened here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1176:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1184:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1191:5: danger: ‘fp’ leaks here; was opened at [(7)](sarif:/runs/0/results/101/codeFlows/0/threadFlows/0/locations/6)
# 1189|   	    sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
# 1190|       }
# 1191|->     debug_return_ptr(fp);
# 1192|   }
# 1193|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def640]
sudo-1.9.17p2/plugins/sudoers/visudo.c:1191:5: warning[-Wanalyzer-malloc-leak]: leak of ‘fp’
sudo-1.9.17p2/plugins/sudoers/visudo.c:1157:5: branch_true: following ‘true’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1158:27: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1161:8: branch_false: following ‘false’ branch (when ‘entry’ is non-NULL)...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1175:13: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1175:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1176:23: branch_true: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1176:23: acquire_memory: allocated here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1176:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/plugins/sudoers/visudo.c:1184:8: branch_false: ...to here
sudo-1.9.17p2/plugins/sudoers/visudo.c:1191:5: danger: ‘fp’ leaks here; was allocated at [(7)](sarif:/runs/0/results/102/codeFlows/0/threadFlows/0/locations/6)
# 1189|   	    sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
# 1190|       }
# 1191|->     debug_return_ptr(fp);
# 1192|   }
# 1193|   

Error: GCC_ANALYZER_WARNING (CWE-775): [#def641]
sudo-1.9.17p2/src/conversation.c:187:13: warning[-Wanalyzer-file-leak]: leak of FILE ‘ttyfp’
sudo-1.9.17p2/src/conversation.c:175:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/conversation.c:176:14: branch_true: ...to here
sudo-1.9.17p2/src/conversation.c:175:9: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/conversation.c:178:17: branch_true: ...to here
sudo-1.9.17p2/src/conversation.c:178:17: acquire_resource: opened here
sudo-1.9.17p2/src/conversation.c:187:13: branch_true: following ‘true’ branch (when ‘ttyfp’ is non-NULL)...
sudo-1.9.17p2/src/conversation.c:187:13: branch_true: ...to here
sudo-1.9.17p2/src/conversation.c:187:13: danger: ‘ttyfp’ leaks here; was opened at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  185|       case SUDO_CONV_INFO_MSG:
#  186|   	/* Convert nl -> cr nl in case tty is in raw mode. */
#  187|-> 	if (sudo_term_is_raw(fileno(ttyfp ? ttyfp : fp))) {
#  188|   	    size_t fmtlen = strlen(fmt);
#  189|   	    if (fmtlen < sizeof(fmt2) - 1 && fmtlen && fmt[fmtlen - 1] == '\n') {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def642]
sudo-1.9.17p2/src/conversation.c:187:13: warning[-Wanalyzer-malloc-leak]: leak of ‘ttyfp’
sudo-1.9.17p2/src/conversation.c:175:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/conversation.c:176:14: branch_true: ...to here
sudo-1.9.17p2/src/conversation.c:175:9: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/conversation.c:178:17: branch_true: ...to here
sudo-1.9.17p2/src/conversation.c:178:17: acquire_memory: allocated here
sudo-1.9.17p2/src/conversation.c:187:13: branch_true: following ‘true’ branch (when ‘ttyfp’ is non-NULL)...
sudo-1.9.17p2/src/conversation.c:187:13: branch_true: ...to here
sudo-1.9.17p2/src/conversation.c:187:13: danger: ‘ttyfp’ leaks here; was allocated at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#  185|       case SUDO_CONV_INFO_MSG:
#  186|   	/* Convert nl -> cr nl in case tty is in raw mode. */
#  187|-> 	if (sudo_term_is_raw(fileno(ttyfp ? ttyfp : fp))) {
#  188|   	    size_t fmtlen = strlen(fmt);
#  189|   	    if (fmtlen < sizeof(fmt2) - 1 && fmtlen && fmt[fmtlen - 1] == '\n') {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def643]
sudo-1.9.17p2/src/env_hooks.c:67:13: warning[-Wanalyzer-malloc-leak]: leak of ‘dst’
sudo-1.9.17p2/src/env_hooks.c:164:1: enter_function: entry to ‘rpl_setenv’
sudo-1.9.17p2/src/env_hooks.c:170:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/env_hooks.c:187:19: acquire_memory: allocated here
sudo-1.9.17p2/src/env_hooks.c:187:8: branch_false: following ‘false’ branch (when ‘envstr’ is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/src/env_hooks.c:189:35: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/env_hooks.c:191:6: branch_false: ...to here
sudo-1.9.17p2/src/env_hooks.c:198:8: branch_true: following ‘true’ branch (when ‘overwrite == 0’)...
sudo-1.9.17p2/src/env_hooks.c:198:23: branch_true: ...to here
sudo-1.9.17p2/src/env_hooks.c:198:23: call_function: calling ‘getenv’ from ‘rpl_setenv’
#   65|       char *val = NULL;
#   66|   
#   67|->     switch (process_hooks_getenv(name, &val)) {
#   68|   	case SUDO_HOOK_RET_STOP:
#   69|   	    return val;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def644]
sudo-1.9.17p2/src/exec_iolog.c:124:19: warning[-Wanalyzer-malloc-leak]: leak of ‘iob’
sudo-1.9.17p2/src/exec_iolog.c:121:16: acquire_memory: allocated here
sudo-1.9.17p2/src/exec_iolog.c:121:8: branch_false: following ‘false’ branch (when ‘iob’ is non-NULL)...
sudo-1.9.17p2/src/exec_iolog.c:123:5: branch_false: ...to here
sudo-1.9.17p2/src/exec_iolog.c:124:19: danger: ‘iob’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  122|   	sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  123|       iob->ec = ec;
#  124|->     iob->revent = sudo_ev_alloc(rfd, SUDO_EV_READ|SUDO_EV_PERSIST,
#  125|   	read_cb, iob);
#  126|       iob->wevent = sudo_ev_alloc(wfd, SUDO_EV_WRITE|SUDO_EV_PERSIST,

Error: GCC_ANALYZER_WARNING (CWE-775): [#def645]
sudo-1.9.17p2/src/exec_monitor.c:363:8: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup3(io_fds[0], 0, 0)’
sudo-1.9.17p2/src/exec_monitor.c:363:9: acquire_resource: opened here
sudo-1.9.17p2/src/exec_monitor.c:363:8: danger: ‘dup3(io_fds[0], 0, 0)’ leaks here; was opened at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#  361|   
#  362|       /* Wire up standard fds, note that stdout/stderr may be pipes. */
#  363|->     if (dup3(io_fds[SFD_STDIN], STDIN_FILENO, 0) == -1)
#  364|   	sudo_fatal("dup3");
#  365|       if (io_fds[SFD_STDIN] != io_fds[SFD_FOLLOWER])

Error: GCC_ANALYZER_WARNING (CWE-775): [#def646]
sudo-1.9.17p2/src/exec_monitor.c:367:8: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup3(io_fds[1], 1, 0)’
sudo-1.9.17p2/src/exec_monitor.c:363:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_monitor.c:365:9: branch_false: ...to here
sudo-1.9.17p2/src/exec_monitor.c:367:9: acquire_resource: opened here
sudo-1.9.17p2/src/exec_monitor.c:367:8: danger: ‘dup3(io_fds[1], 1, 0)’ leaks here; was opened at [(3)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/2)
#  365|       if (io_fds[SFD_STDIN] != io_fds[SFD_FOLLOWER])
#  366|   	close(io_fds[SFD_STDIN]);
#  367|->     if (dup3(io_fds[SFD_STDOUT], STDOUT_FILENO, 0) == -1)
#  368|   	sudo_fatal("dup3");
#  369|       if (io_fds[SFD_STDOUT] != io_fds[SFD_FOLLOWER])

Error: GCC_ANALYZER_WARNING (CWE-775): [#def647]
sudo-1.9.17p2/src/exec_monitor.c:371:8: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup3(io_fds[2], 2, 0)’
sudo-1.9.17p2/src/exec_monitor.c:363:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_monitor.c:365:9: branch_false: ...to here
sudo-1.9.17p2/src/exec_monitor.c:367:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_monitor.c:369:9: branch_false: ...to here
sudo-1.9.17p2/src/exec_monitor.c:371:9: acquire_resource: opened here
sudo-1.9.17p2/src/exec_monitor.c:371:8: danger: ‘dup3(io_fds[2], 2, 0)’ leaks here; was opened at [(5)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/4)
#  369|       if (io_fds[SFD_STDOUT] != io_fds[SFD_FOLLOWER])
#  370|   	close(io_fds[SFD_STDOUT]);
#  371|->     if (dup3(io_fds[SFD_STDERR], STDERR_FILENO, 0) == -1)
#  372|   	sudo_fatal("dup3");
#  373|       if (io_fds[SFD_STDERR] != io_fds[SFD_FOLLOWER])

Error: GCC_ANALYZER_WARNING (CWE-775): [#def648]
sudo-1.9.17p2/src/exec_nopty.c:487:5: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘errpipe[0]’
sudo-1.9.17p2/src/exec_nopty.c:550:1: enter_function: entry to ‘exec_nopty’
sudo-1.9.17p2/src/exec_nopty.c:564:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:568:5: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:573:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:576:9: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:588:5: call_function: calling ‘interpose_pipes’ from ‘exec_nopty’
#  485|       bool want_winch = false;
#  486|       struct stat sb;
#  487|->     debug_decl(interpose_pipes, SUDO_DEBUG_EXEC);
#  488|   
#  489|       /*

Error: GCC_ANALYZER_WARNING (CWE-775): [#def649]
sudo-1.9.17p2/src/exec_nopty.c:487:5: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘errpipe[1]’
sudo-1.9.17p2/src/exec_nopty.c:550:1: enter_function: entry to ‘exec_nopty’
sudo-1.9.17p2/src/exec_nopty.c:564:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:568:5: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:573:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:576:9: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:588:5: call_function: calling ‘interpose_pipes’ from ‘exec_nopty’
#  485|       bool want_winch = false;
#  486|       struct stat sb;
#  487|->     debug_decl(interpose_pipes, SUDO_DEBUG_EXEC);
#  488|   
#  489|       /*

Error: GCC_ANALYZER_WARNING (CWE-775): [#def650]
sudo-1.9.17p2/src/exec_nopty.c:511:14: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘errpipe[0]’
sudo-1.9.17p2/src/exec_nopty.c:550:1: enter_function: entry to ‘exec_nopty’
sudo-1.9.17p2/src/exec_nopty.c:564:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:568:5: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:573:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:576:9: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:588:5: call_function: calling ‘interpose_pipes’ from ‘exec_nopty’
#  509|        */
#  510|       if (interpose[STDIN_FILENO]) {
#  511|-> 	if (!fd_matches_pgrp(STDIN_FILENO, pgrp, &sb)) {
#  512|   	    sudo_debug_printf(SUDO_DEBUG_INFO,
#  513|   		"stdin not user's tty, creating a pipe");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def651]
sudo-1.9.17p2/src/exec_nopty.c:511:14: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘errpipe[1]’
sudo-1.9.17p2/src/exec_nopty.c:550:1: enter_function: entry to ‘exec_nopty’
sudo-1.9.17p2/src/exec_nopty.c:564:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:568:5: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:573:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:576:9: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:588:5: call_function: calling ‘interpose_pipes’ from ‘exec_nopty’
#  509|        */
#  510|       if (interpose[STDIN_FILENO]) {
#  511|-> 	if (!fd_matches_pgrp(STDIN_FILENO, pgrp, &sb)) {
#  512|   	    sudo_debug_printf(SUDO_DEBUG_INFO,
#  513|   		"stdin not user's tty, creating a pipe");

Error: GCC_ANALYZER_WARNING (CWE-775): [#def652]
sudo-1.9.17p2/src/exec_nopty.c:512:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘errpipe[0]’
sudo-1.9.17p2/src/exec_nopty.c:550:1: enter_function: entry to ‘exec_nopty’
sudo-1.9.17p2/src/exec_nopty.c:564:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:568:5: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:573:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:576:9: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:588:5: call_function: calling ‘interpose_pipes’ from ‘exec_nopty’
#  510|       if (interpose[STDIN_FILENO]) {
#  511|   	if (!fd_matches_pgrp(STDIN_FILENO, pgrp, &sb)) {
#  512|-> 	    sudo_debug_printf(SUDO_DEBUG_INFO,
#  513|   		"stdin not user's tty, creating a pipe");
#  514|   	    if (pipe2(io_pipe[STDIN_FILENO], O_CLOEXEC) != 0)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def653]
sudo-1.9.17p2/src/exec_nopty.c:512:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘errpipe[1]’
sudo-1.9.17p2/src/exec_nopty.c:550:1: enter_function: entry to ‘exec_nopty’
sudo-1.9.17p2/src/exec_nopty.c:564:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:568:5: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:573:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:576:9: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:588:5: call_function: calling ‘interpose_pipes’ from ‘exec_nopty’
#  510|       if (interpose[STDIN_FILENO]) {
#  511|   	if (!fd_matches_pgrp(STDIN_FILENO, pgrp, &sb)) {
#  512|-> 	    sudo_debug_printf(SUDO_DEBUG_INFO,
#  513|   		"stdin not user's tty, creating a pipe");
#  514|   	    if (pipe2(io_pipe[STDIN_FILENO], O_CLOEXEC) != 0)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def654]
sudo-1.9.17p2/src/exec_nopty.c:515:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘errpipe[0]’
sudo-1.9.17p2/src/exec_nopty.c:550:1: enter_function: entry to ‘exec_nopty’
sudo-1.9.17p2/src/exec_nopty.c:564:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:568:5: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:573:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:576:9: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:588:5: call_function: calling ‘interpose_pipes’ from ‘exec_nopty’
#  513|   		"stdin not user's tty, creating a pipe");
#  514|   	    if (pipe2(io_pipe[STDIN_FILENO], O_CLOEXEC) != 0)
#  515|-> 		sudo_fatal("%s", U_("unable to create pipe"));
#  516|   	    io_buf_new(STDIN_FILENO, io_pipe[STDIN_FILENO][1],
#  517|   		log_stdin, read_callback, write_callback, ec);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def655]
sudo-1.9.17p2/src/exec_nopty.c:515:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘errpipe[1]’
sudo-1.9.17p2/src/exec_nopty.c:550:1: enter_function: entry to ‘exec_nopty’
sudo-1.9.17p2/src/exec_nopty.c:564:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:568:5: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:573:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:576:9: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:588:5: call_function: calling ‘interpose_pipes’ from ‘exec_nopty’
#  513|   		"stdin not user's tty, creating a pipe");
#  514|   	    if (pipe2(io_pipe[STDIN_FILENO], O_CLOEXEC) != 0)
#  515|-> 		sudo_fatal("%s", U_("unable to create pipe"));
#  516|   	    io_buf_new(STDIN_FILENO, io_pipe[STDIN_FILENO][1],
#  517|   		log_stdin, read_callback, write_callback, ec);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def656]
sudo-1.9.17p2/src/exec_nopty.c:516:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘errpipe[0]’
sudo-1.9.17p2/src/exec_nopty.c:550:1: enter_function: entry to ‘exec_nopty’
sudo-1.9.17p2/src/exec_nopty.c:564:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:568:5: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:573:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:576:9: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:588:5: call_function: calling ‘interpose_pipes’ from ‘exec_nopty’
#  514|   	    if (pipe2(io_pipe[STDIN_FILENO], O_CLOEXEC) != 0)
#  515|   		sudo_fatal("%s", U_("unable to create pipe"));
#  516|-> 	    io_buf_new(STDIN_FILENO, io_pipe[STDIN_FILENO][1],
#  517|   		log_stdin, read_callback, write_callback, ec);
#  518|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def657]
sudo-1.9.17p2/src/exec_nopty.c:516:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘errpipe[1]’
sudo-1.9.17p2/src/exec_nopty.c:550:1: enter_function: entry to ‘exec_nopty’
sudo-1.9.17p2/src/exec_nopty.c:564:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:568:5: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:573:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:576:9: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:588:5: call_function: calling ‘interpose_pipes’ from ‘exec_nopty’
#  514|   	    if (pipe2(io_pipe[STDIN_FILENO], O_CLOEXEC) != 0)
#  515|   		sudo_fatal("%s", U_("unable to create pipe"));
#  516|-> 	    io_buf_new(STDIN_FILENO, io_pipe[STDIN_FILENO][1],
#  517|   		log_stdin, read_callback, write_callback, ec);
#  518|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def658]
sudo-1.9.17p2/src/exec_nopty.c:516:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘io_pipe[0][0]’
sudo-1.9.17p2/src/exec_nopty.c:550:1: enter_function: entry to ‘exec_nopty’
sudo-1.9.17p2/src/exec_nopty.c:564:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:568:5: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:573:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:576:9: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:588:5: call_function: calling ‘interpose_pipes’ from ‘exec_nopty’
#  514|   	    if (pipe2(io_pipe[STDIN_FILENO], O_CLOEXEC) != 0)
#  515|   		sudo_fatal("%s", U_("unable to create pipe"));
#  516|-> 	    io_buf_new(STDIN_FILENO, io_pipe[STDIN_FILENO][1],
#  517|   		log_stdin, read_callback, write_callback, ec);
#  518|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def659]
sudo-1.9.17p2/src/exec_nopty.c:516:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘io_pipe[0][1]’
sudo-1.9.17p2/src/exec_nopty.c:550:1: enter_function: entry to ‘exec_nopty’
sudo-1.9.17p2/src/exec_nopty.c:564:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:568:5: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:573:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:576:9: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:588:5: call_function: calling ‘interpose_pipes’ from ‘exec_nopty’
#  514|   	    if (pipe2(io_pipe[STDIN_FILENO], O_CLOEXEC) != 0)
#  515|   		sudo_fatal("%s", U_("unable to create pipe"));
#  516|-> 	    io_buf_new(STDIN_FILENO, io_pipe[STDIN_FILENO][1],
#  517|   		log_stdin, read_callback, write_callback, ec);
#  518|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def660]
sudo-1.9.17p2/src/exec_nopty.c:583:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘errpipe[0]’
sudo-1.9.17p2/src/exec_nopty.c:564:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:568:5: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:573:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:576:9: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:576:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/exec_nopty.c:577:14: branch_true: ...to here
sudo-1.9.17p2/src/exec_nopty.c:577:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/exec_nopty.c:582:17: branch_true: ...to here
sudo-1.9.17p2/src/exec_nopty.c:582:16: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/exec_nopty.c:583:17: branch_true: ...to here
sudo-1.9.17p2/src/exec_nopty.c:583:17: danger: ‘errpipe[0]’ leaks here
#  581|   	     */
#  582|   	    if (socketpair(PF_UNIX, SOCK_STREAM, 0, intercept_sv) == -1)
#  583|-> 		sudo_fatal("%s", U_("unable to create sockets"));
#  584|   	}
#  585|       }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def661]
sudo-1.9.17p2/src/exec_nopty.c:583:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘errpipe[1]’
sudo-1.9.17p2/src/exec_nopty.c:564:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:568:5: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:573:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:576:9: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:576:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/exec_nopty.c:577:14: branch_true: ...to here
sudo-1.9.17p2/src/exec_nopty.c:577:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/exec_nopty.c:582:17: branch_true: ...to here
sudo-1.9.17p2/src/exec_nopty.c:582:16: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/exec_nopty.c:583:17: branch_true: ...to here
sudo-1.9.17p2/src/exec_nopty.c:583:17: danger: ‘errpipe[1]’ leaks here
#  581|   	     */
#  582|   	    if (socketpair(PF_UNIX, SOCK_STREAM, 0, intercept_sv) == -1)
#  583|-> 		sudo_fatal("%s", U_("unable to create sockets"));
#  584|   	}
#  585|       }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def662]
sudo-1.9.17p2/src/exec_nopty.c:598:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘errpipe[0]’
sudo-1.9.17p2/src/exec_nopty.c:564:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:568:5: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:573:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:576:9: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:598:9: danger: ‘errpipe[0]’ leaks here
#  596|   
#  597|       /* Check for early termination or suspend signals before we fork. */
#  598|->     if (sudo_terminated(cstat)) {
#  599|   	sigprocmask(SIG_SETMASK, &oset, NULL);
#  600|   	debug_return;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def663]
sudo-1.9.17p2/src/exec_nopty.c:598:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘errpipe[1]’
sudo-1.9.17p2/src/exec_nopty.c:564:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:568:5: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:573:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:576:9: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:598:9: danger: ‘errpipe[1]’ leaks here
#  596|   
#  597|       /* Check for early termination or suspend signals before we fork. */
#  598|->     if (sudo_terminated(cstat)) {
#  599|   	sigprocmask(SIG_SETMASK, &oset, NULL);
#  600|   	debug_return;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def664]
sudo-1.9.17p2/src/exec_nopty.c:598:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘io_pipe[0][0]’
sudo-1.9.17p2/src/exec_nopty.c:550:1: enter_function: entry to ‘exec_nopty’
sudo-1.9.17p2/src/exec_nopty.c:564:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:568:5: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:573:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:576:9: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:588:5: call_function: calling ‘interpose_pipes’ from ‘exec_nopty’
sudo-1.9.17p2/src/exec_nopty.c:588:5: return_function: returning to ‘exec_nopty’ from ‘interpose_pipes’
sudo-1.9.17p2/src/exec_nopty.c:598:9: danger: ‘io_pipe[0][0]’ leaks here
#  596|   
#  597|       /* Check for early termination or suspend signals before we fork. */
#  598|->     if (sudo_terminated(cstat)) {
#  599|   	sigprocmask(SIG_SETMASK, &oset, NULL);
#  600|   	debug_return;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def665]
sudo-1.9.17p2/src/exec_nopty.c:598:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘io_pipe[1][1]’
sudo-1.9.17p2/src/exec_nopty.c:550:1: enter_function: entry to ‘exec_nopty’
sudo-1.9.17p2/src/exec_nopty.c:564:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:568:5: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:573:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:576:9: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:588:5: call_function: calling ‘interpose_pipes’ from ‘exec_nopty’
sudo-1.9.17p2/src/exec_nopty.c:588:5: return_function: returning to ‘exec_nopty’ from ‘interpose_pipes’
sudo-1.9.17p2/src/exec_nopty.c:598:9: danger: ‘io_pipe[1][1]’ leaks here
#  596|   
#  597|       /* Check for early termination or suspend signals before we fork. */
#  598|->     if (sudo_terminated(cstat)) {
#  599|   	sigprocmask(SIG_SETMASK, &oset, NULL);
#  600|   	debug_return;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def666]
sudo-1.9.17p2/src/exec_nopty.c:598:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘io_pipe[2][1]’
sudo-1.9.17p2/src/exec_nopty.c:550:1: enter_function: entry to ‘exec_nopty’
sudo-1.9.17p2/src/exec_nopty.c:564:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:568:5: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:573:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/exec_nopty.c:576:9: branch_false: ...to here
sudo-1.9.17p2/src/exec_nopty.c:588:5: call_function: calling ‘interpose_pipes’ from ‘exec_nopty’
sudo-1.9.17p2/src/exec_nopty.c:588:5: return_function: returning to ‘exec_nopty’ from ‘interpose_pipes’
sudo-1.9.17p2/src/exec_nopty.c:598:9: danger: ‘io_pipe[2][1]’ leaks here
#  596|   
#  597|       /* Check for early termination or suspend signals before we fork. */
#  598|->     if (sudo_terminated(cstat)) {
#  599|   	sigprocmask(SIG_SETMASK, &oset, NULL);
#  600|   	debug_return;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def667]
sudo-1.9.17p2/src/exec_preload.c:59:5: warning[-Wanalyzer-malloc-leak]: leak of ‘nep’
sudo-1.9.17p2/src/exec_preload.c:413:1: enter_function: entry to ‘sudo_preload_dso’
sudo-1.9.17p2/src/exec_preload.c:416:12: call_function: calling ‘sudo_preload_dso_path’ from ‘sudo_preload_dso’
#   57|       const char *fmt;
#   58|       va_list ap;
#   59|->     debug_decl(fmtstr, SUDO_DEBUG_UTIL);
#   60|   
#   61|       /* Determine size. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def668]
sudo-1.9.17p2/src/exec_preload.c:59:5: warning[-Wanalyzer-malloc-leak]: leak of ‘preload_ptr’
sudo-1.9.17p2/src/exec_preload.c:413:1: enter_function: entry to ‘sudo_preload_dso’
sudo-1.9.17p2/src/exec_preload.c:416:12: call_function: calling ‘sudo_preload_dso_path’ from ‘sudo_preload_dso’
#   57|       const char *fmt;
#   58|       va_list ap;
#   59|->     debug_decl(fmtstr, SUDO_DEBUG_UTIL);
#   60|   
#   61|       /* Determine size. */

Error: GCC_ANALYZER_WARNING (CWE-686): [#def669]
sudo-1.9.17p2/src/exec_preload.c:74:17: warning[-Wanalyzer-va-arg-type-mismatch]: ‘va_arg’ expected ‘char *’ but received ‘int’ for variadic argument 1 of ‘ap’
sudo-1.9.17p2/src/exec_preload.c:413:1: enter_function: entry to ‘sudo_preload_dso’
sudo-1.9.17p2/src/exec_preload.c:416:12: call_function: calling ‘sudo_preload_dso_path’ from ‘sudo_preload_dso’
#   72|   		continue;
#   73|   	    case 's':
#   74|-> 		cp = va_arg(ap, char *);
#   75|   		size += strlen(cp ? cp : "(NULL)");
#   76|   		fmt += 2;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def670]
sudo-1.9.17p2/src/exec_preload.c:101:9: warning[-Wanalyzer-malloc-leak]: leak of ‘nep’
sudo-1.9.17p2/src/exec_preload.c:413:1: enter_function: entry to ‘sudo_preload_dso’
sudo-1.9.17p2/src/exec_preload.c:416:12: call_function: calling ‘sudo_preload_dso_path’ from ‘sudo_preload_dso’
#   99|       newstr = alloc_fn(1, size);
#  100|       if (newstr == NULL)
#  101|-> 	debug_return_str(NULL);
#  102|   
#  103|       /* Format/copy data. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def671]
sudo-1.9.17p2/src/exec_preload.c:168:5: warning[-Wanalyzer-malloc-leak]: leak of ‘nep’
sudo-1.9.17p2/src/exec_preload.c:413:1: enter_function: entry to ‘sudo_preload_dso’
sudo-1.9.17p2/src/exec_preload.c:416:12: call_function: calling ‘sudo_preload_dso_path’ from ‘sudo_preload_dso’
#  166|       va_end(ap);
#  167|       free_fn(newstr);
#  168|->     sudo_warnx(U_("internal error, %s overflow"), __func__);
#  169|       debug_return_str(NULL);
#  170|   }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def672]
sudo-1.9.17p2/src/exec_preload.c:169:5: warning[-Wanalyzer-malloc-leak]: leak of ‘nep’
sudo-1.9.17p2/src/exec_preload.c:413:1: enter_function: entry to ‘sudo_preload_dso’
sudo-1.9.17p2/src/exec_preload.c:416:12: call_function: calling ‘sudo_preload_dso_path’ from ‘sudo_preload_dso’
#  167|       free_fn(newstr);
#  168|       sudo_warnx(U_("internal error, %s overflow"), __func__);
#  169|->     debug_return_str(NULL);
#  170|   }
#  171|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def673]
sudo-1.9.17p2/src/exec_preload.c:274:23: warning[-Wanalyzer-malloc-leak]: leak of ‘nep’
sudo-1.9.17p2/src/exec_preload.c:413:1: enter_function: entry to ‘sudo_preload_dso’
sudo-1.9.17p2/src/exec_preload.c:416:12: call_function: calling ‘sudo_preload_dso_path’ from ‘sudo_preload_dso’
#  272|   		continue;
#  273|   
#  274|-> 	    fd = (int)sudo_strtonum(cp, 0, INT_MAX, &errstr);
#  275|   	    if (fd == intercept_fd && errstr == NULL)
#  276|   		fd_present = true;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def674]
sudo-1.9.17p2/src/exec_preload.c:274:23: warning[-Wanalyzer-malloc-leak]: leak of ‘preload_ptr’
sudo-1.9.17p2/src/exec_preload.c:413:1: enter_function: entry to ‘sudo_preload_dso’
sudo-1.9.17p2/src/exec_preload.c:416:12: call_function: calling ‘sudo_preload_dso_path’ from ‘sudo_preload_dso’
#  272|   		continue;
#  273|   
#  274|-> 	    fd = (int)sudo_strtonum(cp, 0, INT_MAX, &errstr);
#  275|   	    if (fd == intercept_fd && errstr == NULL)
#  276|   		fd_present = true;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def675]
sudo-1.9.17p2/src/get_pty.c:71:5: warning[-Wanalyzer-malloc-leak]: leak of ‘ret’
sudo-1.9.17p2/src/get_pty.c:66:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/get_pty.c:67:13: branch_true: ...to here
sudo-1.9.17p2/src/get_pty.c:67:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/get_pty.c:68:19: branch_true: ...to here
sudo-1.9.17p2/src/get_pty.c:68:19: acquire_memory: allocated here
sudo-1.9.17p2/src/get_pty.c:71:5: branch_true: following ‘true’ branch (when ‘ret’ is non-NULL)...
sudo-1.9.17p2/src/get_pty.c:71:5: branch_true: ...to here
sudo-1.9.17p2/src/get_pty.c:71:5: danger: ‘ret’ leaks here; was allocated at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#   69|       }
#   70|   
#   71|->     debug_return_str(ret);
#   72|   }
#   73|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def676]
sudo-1.9.17p2/src/load_plugins.c:41:30: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/src/load_plugins.c:385:1: enter_function: entry to ‘sudo_load_sudoers_plugin’
sudo-1.9.17p2/src/load_plugins.c:393:8: branch_false: following ‘false’ branch (when ‘info’ is non-NULL)...
sudo-1.9.17p2/src/load_plugins.c:397:25: branch_false: ...to here
sudo-1.9.17p2/src/load_plugins.c:397:25: acquire_memory: allocated here
sudo-1.9.17p2/src/load_plugins.c:399:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/load_plugins.c:405:11: call_function: calling ‘sudo_load_plugin’ from ‘sudo_load_sudoers_plugin’
#   39|   sudo_qualify_plugin(struct plugin_info *info, char *fullpath, size_t pathsize)
#   40|   {
#   41|->     const char *plugin_dir = sudo_conf_plugin_dir_path();
#   42|       int len;
#   43|       debug_decl(sudo_qualify_plugin, SUDO_DEBUG_PLUGIN);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def677]
sudo-1.9.17p2/src/load_plugins.c:41:30: warning[-Wanalyzer-malloc-leak]: leak of ‘info’
sudo-1.9.17p2/src/load_plugins.c:385:1: enter_function: entry to ‘sudo_load_sudoers_plugin’
sudo-1.9.17p2/src/load_plugins.c:392:12: acquire_memory: allocated here
sudo-1.9.17p2/src/load_plugins.c:393:8: branch_false: following ‘false’ branch (when ‘info’ is non-NULL)...
sudo-1.9.17p2/src/load_plugins.c:397:25: branch_false: ...to here
sudo-1.9.17p2/src/load_plugins.c:399:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/load_plugins.c:405:11: call_function: calling ‘sudo_load_plugin’ from ‘sudo_load_sudoers_plugin’
#   39|   sudo_qualify_plugin(struct plugin_info *info, char *fullpath, size_t pathsize)
#   40|   {
#   41|->     const char *plugin_dir = sudo_conf_plugin_dir_path();
#   42|       int len;
#   43|       debug_decl(sudo_qualify_plugin, SUDO_DEBUG_PLUGIN);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def678]
sudo-1.9.17p2/src/load_plugins.c:43:5: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/src/load_plugins.c:385:1: enter_function: entry to ‘sudo_load_sudoers_plugin’
sudo-1.9.17p2/src/load_plugins.c:393:8: branch_false: following ‘false’ branch (when ‘info’ is non-NULL)...
sudo-1.9.17p2/src/load_plugins.c:397:25: branch_false: ...to here
sudo-1.9.17p2/src/load_plugins.c:397:25: acquire_memory: allocated here
sudo-1.9.17p2/src/load_plugins.c:399:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/load_plugins.c:405:11: call_function: calling ‘sudo_load_plugin’ from ‘sudo_load_sudoers_plugin’
#   41|       const char *plugin_dir = sudo_conf_plugin_dir_path();
#   42|       int len;
#   43|->     debug_decl(sudo_qualify_plugin, SUDO_DEBUG_PLUGIN);
#   44|   
#   45|       if (info->path[0] == '/') {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def679]
sudo-1.9.17p2/src/load_plugins.c:43:5: warning[-Wanalyzer-malloc-leak]: leak of ‘info’
sudo-1.9.17p2/src/load_plugins.c:385:1: enter_function: entry to ‘sudo_load_sudoers_plugin’
sudo-1.9.17p2/src/load_plugins.c:392:12: acquire_memory: allocated here
sudo-1.9.17p2/src/load_plugins.c:393:8: branch_false: following ‘false’ branch (when ‘info’ is non-NULL)...
sudo-1.9.17p2/src/load_plugins.c:397:25: branch_false: ...to here
sudo-1.9.17p2/src/load_plugins.c:399:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/load_plugins.c:405:11: call_function: calling ‘sudo_load_plugin’ from ‘sudo_load_sudoers_plugin’
#   41|       const char *plugin_dir = sudo_conf_plugin_dir_path();
#   42|       int len;
#   43|->     debug_decl(sudo_qualify_plugin, SUDO_DEBUG_PLUGIN);
#   44|   
#   45|       if (info->path[0] == '/') {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def680]
sudo-1.9.17p2/src/load_plugins.c:73:5: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/src/load_plugins.c:385:1: enter_function: entry to ‘sudo_load_sudoers_plugin’
sudo-1.9.17p2/src/load_plugins.c:393:8: branch_false: following ‘false’ branch (when ‘info’ is non-NULL)...
sudo-1.9.17p2/src/load_plugins.c:397:25: branch_false: ...to here
sudo-1.9.17p2/src/load_plugins.c:397:25: acquire_memory: allocated here
sudo-1.9.17p2/src/load_plugins.c:399:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/load_plugins.c:405:11: call_function: calling ‘sudo_load_plugin’ from ‘sudo_load_sudoers_plugin’
#   71|   	}
#   72|       }
#   73|->     debug_return_bool(true);
#   74|   bad:
#   75|       sudo_warnx(U_("error in %s, line %d while loading plugin \"%s\""),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def681]
sudo-1.9.17p2/src/load_plugins.c:73:5: warning[-Wanalyzer-malloc-leak]: leak of ‘info’
sudo-1.9.17p2/src/load_plugins.c:385:1: enter_function: entry to ‘sudo_load_sudoers_plugin’
sudo-1.9.17p2/src/load_plugins.c:392:12: acquire_memory: allocated here
sudo-1.9.17p2/src/load_plugins.c:393:8: branch_false: following ‘false’ branch (when ‘info’ is non-NULL)...
sudo-1.9.17p2/src/load_plugins.c:397:25: branch_false: ...to here
sudo-1.9.17p2/src/load_plugins.c:399:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/load_plugins.c:405:11: call_function: calling ‘sudo_load_plugin’ from ‘sudo_load_sudoers_plugin’
#   71|   	}
#   72|       }
#   73|->     debug_return_bool(true);
#   74|   bad:
#   75|       sudo_warnx(U_("error in %s, line %d while loading plugin \"%s\""),

Error: GCC_ANALYZER_WARNING (CWE-401): [#def682]
sudo-1.9.17p2/src/load_plugins.c:75:5: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/src/load_plugins.c:385:1: enter_function: entry to ‘sudo_load_sudoers_plugin’
sudo-1.9.17p2/src/load_plugins.c:393:8: branch_false: following ‘false’ branch (when ‘info’ is non-NULL)...
sudo-1.9.17p2/src/load_plugins.c:397:25: branch_false: ...to here
sudo-1.9.17p2/src/load_plugins.c:397:25: acquire_memory: allocated here
sudo-1.9.17p2/src/load_plugins.c:399:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/load_plugins.c:405:11: call_function: calling ‘sudo_load_plugin’ from ‘sudo_load_sudoers_plugin’
#   73|       debug_return_bool(true);
#   74|   bad:
#   75|->     sudo_warnx(U_("error in %s, line %d while loading plugin \"%s\""),
#   76|   	_PATH_SUDO_CONF, info->lineno, info->symbol_name);
#   77|       if (info->path[0] != '/' && plugin_dir != NULL)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def683]
sudo-1.9.17p2/src/load_plugins.c:75:5: warning[-Wanalyzer-malloc-leak]: leak of ‘info’
sudo-1.9.17p2/src/load_plugins.c:385:1: enter_function: entry to ‘sudo_load_sudoers_plugin’
sudo-1.9.17p2/src/load_plugins.c:392:12: acquire_memory: allocated here
sudo-1.9.17p2/src/load_plugins.c:393:8: branch_false: following ‘false’ branch (when ‘info’ is non-NULL)...
sudo-1.9.17p2/src/load_plugins.c:397:25: branch_false: ...to here
sudo-1.9.17p2/src/load_plugins.c:399:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/load_plugins.c:405:11: call_function: calling ‘sudo_load_plugin’ from ‘sudo_load_sudoers_plugin’
#   73|       debug_return_bool(true);
#   74|   bad:
#   75|->     sudo_warnx(U_("error in %s, line %d while loading plugin \"%s\""),
#   76|   	_PATH_SUDO_CONF, info->lineno, info->symbol_name);
#   77|       if (info->path[0] != '/' && plugin_dir != NULL)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def684]
sudo-1.9.17p2/src/load_plugins.c:97:5: warning[-Wanalyzer-malloc-leak]: leak of ‘container’
sudo-1.9.17p2/src/load_plugins.c:118:1: enter_function: entry to ‘new_container’
sudo-1.9.17p2/src/load_plugins.c:124:22: acquire_memory: allocated here
sudo-1.9.17p2/src/load_plugins.c:124:8: branch_false: following ‘false’ branch (when ‘container’ is non-NULL)...
sudo-1.9.17p2/src/load_plugins.c:128:10: branch_false: ...to here
sudo-1.9.17p2/src/load_plugins.c:128:10: call_function: calling ‘fill_container’ from ‘new_container’
#   95|        const char *path, struct generic_plugin *plugin, struct plugin_info *info)
#   96|   {
#   97|->     debug_decl(fill_container, SUDO_DEBUG_PLUGIN);
#   98|   
#   99|       if ((container->path = strdup(path)) == NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def685]
sudo-1.9.17p2/src/load_plugins.c:100:9: warning[-Wanalyzer-malloc-leak]: leak of ‘container’
sudo-1.9.17p2/src/load_plugins.c:118:1: enter_function: entry to ‘new_container’
sudo-1.9.17p2/src/load_plugins.c:124:22: acquire_memory: allocated here
sudo-1.9.17p2/src/load_plugins.c:124:8: branch_false: following ‘false’ branch (when ‘container’ is non-NULL)...
sudo-1.9.17p2/src/load_plugins.c:128:10: branch_false: ...to here
sudo-1.9.17p2/src/load_plugins.c:128:10: call_function: calling ‘fill_container’ from ‘new_container’
#   98|   
#   99|       if ((container->path = strdup(path)) == NULL) {
#  100|-> 	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  101|   	debug_return_bool(false);
#  102|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def686]
sudo-1.9.17p2/src/load_plugins.c:101:9: warning[-Wanalyzer-malloc-leak]: leak of ‘container’
sudo-1.9.17p2/src/load_plugins.c:118:1: enter_function: entry to ‘new_container’
sudo-1.9.17p2/src/load_plugins.c:124:22: acquire_memory: allocated here
sudo-1.9.17p2/src/load_plugins.c:124:8: branch_false: following ‘false’ branch (when ‘container’ is non-NULL)...
sudo-1.9.17p2/src/load_plugins.c:128:10: branch_false: ...to here
sudo-1.9.17p2/src/load_plugins.c:128:10: call_function: calling ‘fill_container’ from ‘new_container’
#   99|       if ((container->path = strdup(path)) == NULL) {
#  100|   	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  101|-> 	debug_return_bool(false);
#  102|       }
#  103|       container->handle = handle;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def687]
sudo-1.9.17p2/src/load_plugins.c:211:5: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/src/load_plugins.c:385:1: enter_function: entry to ‘sudo_load_sudoers_plugin’
sudo-1.9.17p2/src/load_plugins.c:393:8: branch_false: following ‘false’ branch (when ‘info’ is non-NULL)...
sudo-1.9.17p2/src/load_plugins.c:397:25: branch_false: ...to here
sudo-1.9.17p2/src/load_plugins.c:397:25: acquire_memory: allocated here
sudo-1.9.17p2/src/load_plugins.c:399:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/load_plugins.c:405:11: call_function: calling ‘sudo_load_plugin’ from ‘sudo_load_sudoers_plugin’
#  209|       void *handle = NULL;
#  210|       bool ret = false;
#  211|->     debug_decl(sudo_load_plugin, SUDO_DEBUG_PLUGIN);
#  212|   
#  213|       /* Fill in path from info and plugin dir. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def688]
sudo-1.9.17p2/src/load_plugins.c:211:5: warning[-Wanalyzer-malloc-leak]: leak of ‘info’
sudo-1.9.17p2/src/load_plugins.c:385:1: enter_function: entry to ‘sudo_load_sudoers_plugin’
sudo-1.9.17p2/src/load_plugins.c:392:12: acquire_memory: allocated here
sudo-1.9.17p2/src/load_plugins.c:393:8: branch_false: following ‘false’ branch (when ‘info’ is non-NULL)...
sudo-1.9.17p2/src/load_plugins.c:397:25: branch_false: ...to here
sudo-1.9.17p2/src/load_plugins.c:399:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/load_plugins.c:405:11: call_function: calling ‘sudo_load_plugin’ from ‘sudo_load_sudoers_plugin’
#  209|       void *handle = NULL;
#  210|       bool ret = false;
#  211|->     debug_decl(sudo_load_plugin, SUDO_DEBUG_PLUGIN);
#  212|   
#  213|       /* Fill in path from info and plugin dir. */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def689]
sudo-1.9.17p2/src/load_plugins.c:400:9: warning[-Wanalyzer-malloc-leak]: leak of ‘<unknown>’
sudo-1.9.17p2/src/load_plugins.c:393:8: branch_false: following ‘false’ branch (when ‘info’ is non-NULL)...
sudo-1.9.17p2/src/load_plugins.c:397:25: branch_false: ...to here
sudo-1.9.17p2/src/load_plugins.c:398:18: acquire_memory: allocated here
sudo-1.9.17p2/src/load_plugins.c:399:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/load_plugins.c:400:9: branch_true: ...to here
sudo-1.9.17p2/src/load_plugins.c:400:9: danger: ‘<unknown>’ leaks here; was allocated at [(3)](sarif:/runs/0/results/20/codeFlows/0/threadFlows/0/locations/2)
#  398|       info->path = strdup(_PATH_SUDOERS_PLUGIN);
#  399|       if (info->symbol_name == NULL || info->path == NULL) {
#  400|-> 	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  401|   	free_plugin_info(info);
#  402|   	goto done;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def690]
sudo-1.9.17p2/src/load_plugins.c:400:9: warning[-Wanalyzer-malloc-leak]: leak of ‘info’
sudo-1.9.17p2/src/load_plugins.c:392:12: acquire_memory: allocated here
sudo-1.9.17p2/src/load_plugins.c:393:8: branch_false: following ‘false’ branch (when ‘info’ is non-NULL)...
sudo-1.9.17p2/src/load_plugins.c:397:25: branch_false: ...to here
sudo-1.9.17p2/src/load_plugins.c:399:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/load_plugins.c:400:9: branch_true: ...to here
sudo-1.9.17p2/src/load_plugins.c:400:9: danger: ‘info’ leaks here; was allocated at [(1)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/0)
#  398|       info->path = strdup(_PATH_SUDOERS_PLUGIN);
#  399|       if (info->symbol_name == NULL || info->path == NULL) {
#  400|-> 	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  401|   	free_plugin_info(info);
#  402|   	goto done;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def691]
sudo-1.9.17p2/src/net_ifs.c:161:17: warning[-Wanalyzer-malloc-leak]: leak of ‘cp’
sudo-1.9.17p2/src/net_ifs.c:119:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/net_ifs.c:122:9: branch_true: ...to here
sudo-1.9.17p2/src/net_ifs.c:122:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/net_ifs.c:126:10: branch_false: ...to here
sudo-1.9.17p2/src/net_ifs.c:141:8: branch_false: following ‘false’ branch (when ‘num_interfaces != 0’)...
sudo-1.9.17p2/src/net_ifs.c:143:13: branch_false: ...to here
sudo-1.9.17p2/src/net_ifs.c:144:15: acquire_memory: allocated here
sudo-1.9.17p2/src/net_ifs.c:144:8: branch_false: following ‘false’ branch (when ‘cp’ is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/src/net_ifs.c:151:25: branch_true: following ‘true’ branch (when ‘ifa’ is non-NULL)...
sudo-1.9.17p2/src/net_ifs.c:153:13: branch_true: ...to here
sudo-1.9.17p2/src/net_ifs.c:153:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/net_ifs.c:153:13: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/net_ifs.c:157:17: branch_false: ...to here
sudo-1.9.17p2/src/net_ifs.c:160:16: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/net_ifs.c:161:17: branch_true: ...to here
sudo-1.9.17p2/src/net_ifs.c:161:17: danger: ‘cp’ leaks here; was allocated at [(7)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/6)
#  159|   	    sin4 = (struct sockaddr_in *)ifa->ifa_addr;
#  160|   	    if (sin4->sin_addr.s_addr == INADDR_ANY || sin4->sin_addr.s_addr == INADDR_NONE) {
#  161|-> 		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
#  162|   		    "ignoring unspecified AF_INET addr for %s", ifa->ifa_name);
#  163|   		continue;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def692]
sudo-1.9.17p2/src/net_ifs.c:166:17: warning[-Wanalyzer-malloc-leak]: leak of ‘cp’
sudo-1.9.17p2/src/net_ifs.c:119:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/net_ifs.c:122:9: branch_true: ...to here
sudo-1.9.17p2/src/net_ifs.c:122:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/net_ifs.c:126:10: branch_false: ...to here
sudo-1.9.17p2/src/net_ifs.c:141:8: branch_false: following ‘false’ branch (when ‘num_interfaces != 0’)...
sudo-1.9.17p2/src/net_ifs.c:143:13: branch_false: ...to here
sudo-1.9.17p2/src/net_ifs.c:144:15: acquire_memory: allocated here
sudo-1.9.17p2/src/net_ifs.c:144:8: branch_false: following ‘false’ branch (when ‘cp’ is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/src/net_ifs.c:151:25: branch_true: following ‘true’ branch (when ‘ifa’ is non-NULL)...
sudo-1.9.17p2/src/net_ifs.c:153:13: branch_true: ...to here
sudo-1.9.17p2/src/net_ifs.c:153:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/net_ifs.c:153:13: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/net_ifs.c:157:17: branch_false: ...to here
sudo-1.9.17p2/src/net_ifs.c:160:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/net_ifs.c:165:36: branch_false: ...to here
sudo-1.9.17p2/src/net_ifs.c:165:16: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/net_ifs.c:166:17: branch_true: ...to here
sudo-1.9.17p2/src/net_ifs.c:166:17: danger: ‘cp’ leaks here; was allocated at [(7)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/6)
#  164|   	    }
#  165|   	    if (inet_ntop(AF_INET, &sin4->sin_addr, addrstr, sizeof(addrstr)) == NULL) {
#  166|-> 		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
#  167|   		    "ignoring bad AF_INET addr for %s", ifa->ifa_name);
#  168|   		continue;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def693]
sudo-1.9.17p2/src/net_ifs.c:172:17: warning[-Wanalyzer-malloc-leak]: leak of ‘cp’
sudo-1.9.17p2/src/net_ifs.c:119:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/net_ifs.c:122:9: branch_true: ...to here
sudo-1.9.17p2/src/net_ifs.c:122:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/net_ifs.c:126:10: branch_false: ...to here
sudo-1.9.17p2/src/net_ifs.c:141:8: branch_false: following ‘false’ branch (when ‘num_interfaces != 0’)...
sudo-1.9.17p2/src/net_ifs.c:143:13: branch_false: ...to here
sudo-1.9.17p2/src/net_ifs.c:144:15: acquire_memory: allocated here
sudo-1.9.17p2/src/net_ifs.c:144:8: branch_false: following ‘false’ branch (when ‘cp’ is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/src/net_ifs.c:151:25: branch_true: following ‘true’ branch (when ‘ifa’ is non-NULL)...
sudo-1.9.17p2/src/net_ifs.c:153:13: branch_true: ...to here
sudo-1.9.17p2/src/net_ifs.c:153:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/net_ifs.c:153:13: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/net_ifs.c:157:17: branch_false: ...to here
sudo-1.9.17p2/src/net_ifs.c:160:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/net_ifs.c:165:36: branch_false: ...to here
sudo-1.9.17p2/src/net_ifs.c:165:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/net_ifs.c:170:13: branch_false: ...to here
sudo-1.9.17p2/src/net_ifs.c:171:16: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/net_ifs.c:172:17: branch_true: ...to here
sudo-1.9.17p2/src/net_ifs.c:172:17: danger: ‘cp’ leaks here; was allocated at [(7)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/6)
#  170|   	    sin4 = (struct sockaddr_in *)ifa->ifa_netmask;
#  171|   	    if (inet_ntop(AF_INET, &sin4->sin_addr, maskstr, sizeof(maskstr)) == NULL) {
#  172|-> 		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
#  173|   		    "ignoring bad AF_INET mask for %s", ifa->ifa_name);
#  174|   		continue;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def694]
sudo-1.9.17p2/src/net_ifs.c:181:17: warning[-Wanalyzer-malloc-leak]: leak of ‘cp’
sudo-1.9.17p2/src/net_ifs.c:119:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/net_ifs.c:122:9: branch_true: ...to here
sudo-1.9.17p2/src/net_ifs.c:122:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/net_ifs.c:126:10: branch_false: ...to here
sudo-1.9.17p2/src/net_ifs.c:141:8: branch_false: following ‘false’ branch (when ‘num_interfaces != 0’)...
sudo-1.9.17p2/src/net_ifs.c:143:13: branch_false: ...to here
sudo-1.9.17p2/src/net_ifs.c:144:15: acquire_memory: allocated here
sudo-1.9.17p2/src/net_ifs.c:144:8: branch_false: following ‘false’ branch (when ‘cp’ is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/src/net_ifs.c:151:25: branch_true: following ‘true’ branch (when ‘ifa’ is non-NULL)...
sudo-1.9.17p2/src/net_ifs.c:153:13: branch_true: ...to here
sudo-1.9.17p2/src/net_ifs.c:153:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/net_ifs.c:153:13: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/net_ifs.c:157:17: branch_false: ...to here
sudo-1.9.17p2/src/net_ifs.c:180:17: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/net_ifs.c:181:17: danger: ‘cp’ leaks here; was allocated at [(7)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/6)
#  179|   	    sin6 = (struct sockaddr_in6 *)ifa->ifa_addr;
#  180|   	    if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr)) {
#  181|-> 		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
#  182|   		    "ignoring unspecified AF_INET6 addr for %s", ifa->ifa_name);
#  183|   		continue;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def695]
sudo-1.9.17p2/src/net_ifs.c:186:17: warning[-Wanalyzer-malloc-leak]: leak of ‘cp’
sudo-1.9.17p2/src/net_ifs.c:119:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/net_ifs.c:122:9: branch_true: ...to here
sudo-1.9.17p2/src/net_ifs.c:122:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/net_ifs.c:126:10: branch_false: ...to here
sudo-1.9.17p2/src/net_ifs.c:141:8: branch_false: following ‘false’ branch (when ‘num_interfaces != 0’)...
sudo-1.9.17p2/src/net_ifs.c:143:13: branch_false: ...to here
sudo-1.9.17p2/src/net_ifs.c:144:15: acquire_memory: allocated here
sudo-1.9.17p2/src/net_ifs.c:144:8: branch_false: following ‘false’ branch (when ‘cp’ is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/src/net_ifs.c:151:25: branch_true: following ‘true’ branch (when ‘ifa’ is non-NULL)...
sudo-1.9.17p2/src/net_ifs.c:153:13: branch_true: ...to here
sudo-1.9.17p2/src/net_ifs.c:153:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/net_ifs.c:153:13: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/net_ifs.c:157:17: branch_false: ...to here
sudo-1.9.17p2/src/net_ifs.c:185:16: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/net_ifs.c:186:17: branch_true: ...to here
sudo-1.9.17p2/src/net_ifs.c:186:17: danger: ‘cp’ leaks here; was allocated at [(7)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/6)
#  184|   	    }
#  185|   	    if (inet_ntop(AF_INET6, &sin6->sin6_addr, addrstr, sizeof(addrstr)) == NULL) {
#  186|-> 		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
#  187|   		    "ignoring bad AF_INET6 addr for %s", ifa->ifa_name);
#  188|   		continue;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def696]
sudo-1.9.17p2/src/net_ifs.c:192:17: warning[-Wanalyzer-malloc-leak]: leak of ‘cp’
sudo-1.9.17p2/src/net_ifs.c:119:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/net_ifs.c:122:9: branch_true: ...to here
sudo-1.9.17p2/src/net_ifs.c:122:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/net_ifs.c:126:10: branch_false: ...to here
sudo-1.9.17p2/src/net_ifs.c:141:8: branch_false: following ‘false’ branch (when ‘num_interfaces != 0’)...
sudo-1.9.17p2/src/net_ifs.c:143:13: branch_false: ...to here
sudo-1.9.17p2/src/net_ifs.c:144:15: acquire_memory: allocated here
sudo-1.9.17p2/src/net_ifs.c:144:8: branch_false: following ‘false’ branch (when ‘cp’ is non-NULL)...
 branch_false: ...to here
sudo-1.9.17p2/src/net_ifs.c:151:25: branch_true: following ‘true’ branch (when ‘ifa’ is non-NULL)...
sudo-1.9.17p2/src/net_ifs.c:153:13: branch_true: ...to here
sudo-1.9.17p2/src/net_ifs.c:153:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/net_ifs.c:153:13: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/net_ifs.c:157:17: branch_false: ...to here
sudo-1.9.17p2/src/net_ifs.c:185:16: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/net_ifs.c:190:13: branch_false: ...to here
sudo-1.9.17p2/src/net_ifs.c:191:16: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/net_ifs.c:192:17: branch_true: ...to here
sudo-1.9.17p2/src/net_ifs.c:192:17: danger: ‘cp’ leaks here; was allocated at [(7)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/6)
#  190|   	    sin6 = (struct sockaddr_in6 *)ifa->ifa_netmask;
#  191|   	    if (inet_ntop(AF_INET6, &sin6->sin6_addr, maskstr, sizeof(maskstr)) == NULL) {
#  192|-> 		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
#  193|   		    "ignoring bad AF_INET6 mask for %s", ifa->ifa_name);
#  194|   		continue;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def697]
sudo-1.9.17p2/src/preserve_fds.c:49:22: warning[-Wanalyzer-malloc-leak]: leak of ‘pfd_new’
sudo-1.9.17p2/src/preserve_fds.c:44:15: acquire_memory: allocated here
sudo-1.9.17p2/src/preserve_fds.c:45:8: branch_false: following ‘false’ branch (when ‘pfd_new’ is non-NULL)...
sudo-1.9.17p2/src/preserve_fds.c:47:5: branch_false: ...to here
sudo-1.9.17p2/src/preserve_fds.c:49:22: danger: ‘pfd_new’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0)
#   47|       pfd_new->lowfd = fd;
#   48|       pfd_new->highfd = fd;
#   49|->     pfd_new->flags = fcntl(fd, F_GETFD);
#   50|       if (pfd_new->flags == -1) {
#   51|   	free(pfd_new);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def698]
sudo-1.9.17p2/src/preserve_fds.c:58:13: warning[-Wanalyzer-malloc-leak]: leak of ‘pfd_new’
sudo-1.9.17p2/src/preserve_fds.c:44:15: acquire_memory: allocated here
sudo-1.9.17p2/src/preserve_fds.c:45:8: branch_false: following ‘false’ branch (when ‘pfd_new’ is non-NULL)...
sudo-1.9.17p2/src/preserve_fds.c:47:5: branch_false: ...to here
sudo-1.9.17p2/src/preserve_fds.c:50:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/preserve_fds.c:55:5: branch_false: ...to here
sudo-1.9.17p2/src/preserve_fds.c:55:5: branch_true: following ‘true’ branch (when ‘pfd’ is non-NULL)...
sudo-1.9.17p2/src/preserve_fds.c:56:19: branch_true: ...to here
sudo-1.9.17p2/src/preserve_fds.c:56:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/preserve_fds.c:58:13: branch_true: ...to here
sudo-1.9.17p2/src/preserve_fds.c:58:13: danger: ‘pfd_new’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0)
#   56|   	if (fd == pfd->highfd) {
#   57|   	    /* already preserved */
#   58|-> 	    sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
#   59|   		"fd %d already preserved", fd);
#   60|   	    free(pfd_new);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def699]
sudo-1.9.17p2/src/preserve_fds.c:107:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’
sudo-1.9.17p2/src/preserve_fds.c:94:5: branch_true: following ‘true’ branch (when ‘pfd’ is non-NULL)...
sudo-1.9.17p2/src/preserve_fds.c:94:5: branch_true: ...to here
sudo-1.9.17p2/src/preserve_fds.c:95:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/preserve_fds.c:97:14: branch_false: ...to here
sudo-1.9.17p2/src/preserve_fds.c:97:14: acquire_resource: opened here
sudo-1.9.17p2/src/preserve_fds.c:98:12: branch_false: following ‘false’ branch (when ‘fd != -1’)...
sudo-1.9.17p2/src/preserve_fds.c:106:25: branch_false: ...to here
sudo-1.9.17p2/src/preserve_fds.c:106:19: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/preserve_fds.c:107:13: branch_true: ...to here
sudo-1.9.17p2/src/preserve_fds.c:107:13: danger: ‘fd’ leaks here; was opened at [(5)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/4)
#  105|   	    /* NOTE: still need to adjust lastfd below with unchanged lowfd. */
#  106|   	} else if (fd < pfd->highfd) {
#  107|-> 	    sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
#  108|   		"dup %d -> %d", pfd->highfd, pfd->lowfd);
#  109|   	    sudo_debug_update_fd(pfd->highfd, pfd->lowfd);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def700]
sudo-1.9.17p2/src/preserve_fds.c:109:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’
sudo-1.9.17p2/src/preserve_fds.c:94:5: branch_true: following ‘true’ branch (when ‘pfd’ is non-NULL)...
sudo-1.9.17p2/src/preserve_fds.c:94:5: branch_true: ...to here
sudo-1.9.17p2/src/preserve_fds.c:95:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/preserve_fds.c:97:14: branch_false: ...to here
sudo-1.9.17p2/src/preserve_fds.c:97:14: acquire_resource: opened here
sudo-1.9.17p2/src/preserve_fds.c:98:12: branch_false: following ‘false’ branch (when ‘fd != -1’)...
sudo-1.9.17p2/src/preserve_fds.c:106:25: branch_false: ...to here
sudo-1.9.17p2/src/preserve_fds.c:106:19: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/preserve_fds.c:107:13: branch_true: ...to here
sudo-1.9.17p2/src/preserve_fds.c:109:13: danger: ‘fd’ leaks here; was opened at [(5)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/4)
#  107|   	    sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
#  108|   		"dup %d -> %d", pfd->highfd, pfd->lowfd);
#  109|-> 	    sudo_debug_update_fd(pfd->highfd, pfd->lowfd);
#  110|   	    pfd->lowfd = fd;
#  111|   	    fd = pfd->highfd;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def701]
sudo-1.9.17p2/src/preserve_fds.c:114:20: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘fd’
sudo-1.9.17p2/src/preserve_fds.c:94:5: branch_true: following ‘true’ branch (when ‘pfd’ is non-NULL)...
sudo-1.9.17p2/src/preserve_fds.c:94:5: branch_true: ...to here
sudo-1.9.17p2/src/preserve_fds.c:95:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/preserve_fds.c:97:14: branch_false: ...to here
sudo-1.9.17p2/src/preserve_fds.c:97:14: acquire_resource: opened here
sudo-1.9.17p2/src/preserve_fds.c:98:12: branch_false: following ‘false’ branch (when ‘fd != -1’)...
sudo-1.9.17p2/src/preserve_fds.c:106:25: branch_false: ...to here
sudo-1.9.17p2/src/preserve_fds.c:106:19: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/preserve_fds.c:113:12: branch_false: ...to here
sudo-1.9.17p2/src/preserve_fds.c:113:12: branch_true: following ‘true’ branch (when ‘fd != -1’)...
sudo-1.9.17p2/src/preserve_fds.c:114:20: branch_true: ...to here
sudo-1.9.17p2/src/preserve_fds.c:114:20: danger: ‘fd’ leaks here; was opened at [(5)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/4)
#  112|   	}
#  113|   	if (fd != -1)
#  114|-> 	    (void) close(fd);
#  115|   
#  116|   	if (pfd->lowfd > lastfd)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def702]
sudo-1.9.17p2/src/preserve_fds.c:141:13: warning[-Wanalyzer-malloc-leak]: leak of ‘fdbits’
sudo-1.9.17p2/src/preserve_fds.c:113:12: branch_false: following ‘false’ branch (when ‘fd == -1’)...
sudo-1.9.17p2/src/preserve_fds.c:116:13: branch_false: ...to here
sudo-1.9.17p2/src/preserve_fds.c:120:8: branch_false: following ‘false’ branch (when ‘lastfd != -1’)...
sudo-1.9.17p2/src/preserve_fds.c:129:29: branch_false: ...to here
sudo-1.9.17p2/src/preserve_fds.c:129:14: acquire_memory: allocated here
sudo-1.9.17p2/src/preserve_fds.c:130:8: branch_false: following ‘false’ branch (when ‘fdbits’ is non-NULL)...
sudo-1.9.17p2/src/preserve_fds.c:132:5: branch_false: ...to here
sudo-1.9.17p2/src/preserve_fds.c:132:5: branch_false: following ‘false’ branch (when ‘pfd’ is NULL)...
 branch_false: ...to here
sudo-1.9.17p2/src/preserve_fds.c:139:24: branch_true: following ‘true’ branch (when ‘fd <= lastfd’)...
sudo-1.9.17p2/src/preserve_fds.c:140:14: branch_true: ...to here
sudo-1.9.17p2/src/preserve_fds.c:140:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/preserve_fds.c:141:13: branch_true: ...to here
sudo-1.9.17p2/src/preserve_fds.c:141:13: danger: ‘fdbits’ leaks here; was allocated at [(5)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/4)
#  139|       for (fd = startfd; fd <= lastfd; fd++) {
#  140|   	if (!sudo_isset(fdbits, fd)) {
#  141|-> 	    sudo_debug_printf(SUDO_DEBUG_DEBUG|SUDO_DEBUG_LINENO,
#  142|   		"closing fd %d", fd);
#  143|   #ifdef __APPLE__

Error: GCC_ANALYZER_WARNING (CWE-401): [#def703]
sudo-1.9.17p2/src/preserve_fds.c:147:20: warning[-Wanalyzer-malloc-leak]: leak of ‘fdbits’
sudo-1.9.17p2/src/preserve_fds.c:113:12: branch_false: following ‘false’ branch (when ‘fd == -1’)...
sudo-1.9.17p2/src/preserve_fds.c:116:13: branch_false: ...to here
sudo-1.9.17p2/src/preserve_fds.c:120:8: branch_false: following ‘false’ branch (when ‘lastfd != -1’)...
sudo-1.9.17p2/src/preserve_fds.c:129:29: branch_false: ...to here
sudo-1.9.17p2/src/preserve_fds.c:129:14: acquire_memory: allocated here
sudo-1.9.17p2/src/preserve_fds.c:130:8: branch_false: following ‘false’ branch (when ‘fdbits’ is non-NULL)...
sudo-1.9.17p2/src/preserve_fds.c:132:5: branch_false: ...to here
sudo-1.9.17p2/src/preserve_fds.c:132:5: branch_false: following ‘false’ branch (when ‘pfd’ is NULL)...
 branch_false: ...to here
sudo-1.9.17p2/src/preserve_fds.c:139:24: branch_true: following ‘true’ branch (when ‘fd <= lastfd’)...
sudo-1.9.17p2/src/preserve_fds.c:140:14: branch_true: ...to here
sudo-1.9.17p2/src/preserve_fds.c:140:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/preserve_fds.c:141:13: branch_true: ...to here
sudo-1.9.17p2/src/preserve_fds.c:147:20: danger: ‘fdbits’ leaks here; was allocated at [(5)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/4)
#  145|   	    (void) fcntl(fd, F_SETFD, FD_CLOEXEC);
#  146|   #else
#  147|-> 	    (void) close(fd);
#  148|   #endif
#  149|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def704]
sudo-1.9.17p2/src/preserve_fds.c:163:16: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(*pfd.lowfd, *pfd.highfd)’
sudo-1.9.17p2/src/preserve_fds.c:113:12: branch_false: following ‘false’ branch (when ‘fd == -1’)...
sudo-1.9.17p2/src/preserve_fds.c:116:13: branch_false: ...to here
sudo-1.9.17p2/src/preserve_fds.c:120:8: branch_false: following ‘false’ branch (when ‘lastfd != -1’)...
sudo-1.9.17p2/src/preserve_fds.c:129:29: branch_false: ...to here
sudo-1.9.17p2/src/preserve_fds.c:130:8: branch_false: following ‘false’ branch (when ‘fdbits’ is non-NULL)...
sudo-1.9.17p2/src/preserve_fds.c:132:5: branch_false: ...to here
sudo-1.9.17p2/src/preserve_fds.c:161:5: branch_true: following ‘true’ branch (when ‘pfd’ is non-NULL)...
sudo-1.9.17p2/src/preserve_fds.c:162:13: branch_true: ...to here
sudo-1.9.17p2/src/preserve_fds.c:162:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/preserve_fds.c:163:17: branch_true: ...to here
sudo-1.9.17p2/src/preserve_fds.c:163:17: acquire_resource: opened here
sudo-1.9.17p2/src/preserve_fds.c:163:16: danger: ‘dup2(*pfd.lowfd, *pfd.highfd)’ leaks here; was opened at [(11)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/10)
#  161|       TAILQ_FOREACH_REVERSE(pfd, pfds, preserved_fd_list, entries) {
#  162|   	if (pfd->lowfd != pfd->highfd) {
#  163|-> 	    if (dup2(pfd->lowfd, pfd->highfd) == -1) {
#  164|   		sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
#  165|   		    "dup2(%d, %d): %s", pfd->lowfd, pfd->highfd,

Error: GCC_ANALYZER_WARNING (CWE-775): [#def705]
sudo-1.9.17p2/src/selinux.c:256:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup3(se_state.ttyfd,  ptyfd,  flags)’
sudo-1.9.17p2/src/selinux.c:168:1: enter_function: entry to ‘selinux_relabel_tty’
sudo-1.9.17p2/src/selinux.c:179:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/selinux.c:184:5: branch_false: ...to here
sudo-1.9.17p2/src/selinux.c:202:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/selinux.c:207:9: branch_false: ...to here
sudo-1.9.17p2/src/selinux.c:207:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/selinux.c:220:9: branch_false: ...to here
sudo-1.9.17p2/src/selinux.c:220:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/selinux.c:229:8: branch_false: ...to here
sudo-1.9.17p2/src/selinux.c:229:8: branch_true: following ‘true’ branch (when ‘ptyfd != -1’)...
sudo-1.9.17p2/src/selinux.c:233:26: call_function: inlined call to ‘open’ from ‘selinux_relabel_tty’
sudo-1.9.17p2/src/selinux.c:234:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/selinux.c:238:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/selinux.c:244:23: branch_false: ...to here
sudo-1.9.17p2/src/selinux.c:244:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/selinux.c:248:13: branch_false: ...to here
sudo-1.9.17p2/src/selinux.c:250:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/selinux.c:254:13: branch_false: ...to here
sudo-1.9.17p2/src/selinux.c:256:13: acquire_resource: opened here
sudo-1.9.17p2/src/selinux.c:256:12: danger: ‘dup3(se_state.ttyfd,  ptyfd,  flags)’ leaks here; was opened at [(21)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/20)
#  254|   	if (ISSET(oflags, FD_CLOEXEC))
#  255|   	    flags |= O_CLOEXEC;
#  256|-> 	if (dup3(se_state.ttyfd, ptyfd, flags) == -1) {
#  257|   	    sudo_warn("dup3");
#  258|   	    goto bad;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def706]
sudo-1.9.17p2/src/selinux.c:276:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(se_state.ttyfd,  fd)’
sudo-1.9.17p2/src/selinux.c:179:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/selinux.c:184:5: branch_false: ...to here
sudo-1.9.17p2/src/selinux.c:189:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/selinux.c:193:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/selinux.c:199:13: branch_false: ...to here
sudo-1.9.17p2/src/selinux.c:202:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/selinux.c:207:9: branch_false: ...to here
sudo-1.9.17p2/src/selinux.c:207:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/selinux.c:220:9: branch_false: ...to here
sudo-1.9.17p2/src/selinux.c:220:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/selinux.c:229:8: branch_false: ...to here
sudo-1.9.17p2/src/selinux.c:229:8: branch_false: following ‘false’ branch (when ‘ptyfd == -1’)...
sudo-1.9.17p2/src/selinux.c:262:9: branch_false: ...to here
sudo-1.9.17p2/src/selinux.c:264:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/selinux.c:268:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/selinux.c:274:13: branch_false: ...to here
sudo-1.9.17p2/src/selinux.c:275:33: branch_true: following ‘true’ branch (when ‘fd != 3’)...
sudo-1.9.17p2/src/selinux.c:276:17: branch_true: ...to here
sudo-1.9.17p2/src/selinux.c:276:16: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/selinux.c:276:41: branch_true: ...to here
sudo-1.9.17p2/src/selinux.c:276:41: acquire_resource: opened here
sudo-1.9.17p2/src/selinux.c:276:17: danger: ‘dup2(se_state.ttyfd,  fd)’ leaks here; was opened at [(23)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/22)
#  274|   	    fcntl(se_state.ttyfd, F_GETFL, 0) & ~O_NONBLOCK);
#  275|   	for (fd = STDIN_FILENO; fd <= STDERR_FILENO; fd++) {
#  276|-> 	    if (sudo_isatty(fd, &sb) && dup2(se_state.ttyfd, fd) == -1) {
#  277|   		sudo_warn("dup2");
#  278|   		goto bad;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def707]
sudo-1.9.17p2/src/selinux.c:365:9: warning[-Wanalyzer-malloc-leak]: leak of ‘new_context’
sudo-1.9.17p2/src/selinux.c:322:8: branch_false: following ‘false’ branch (when ‘role’ is non-NULL)...
sudo-1.9.17p2/src/selinux.c:327:8: branch_false: ...to here
sudo-1.9.17p2/src/selinux.c:327:8: branch_false: following ‘false’ branch (when ‘type’ is non-NULL)...
sudo-1.9.17p2/src/selinux.c:340:32: branch_false: ...to here
sudo-1.9.17p2/src/selinux.c:340:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/selinux.c:349:9: branch_false: ...to here
sudo-1.9.17p2/src/selinux.c:349:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/selinux.c:353:9: branch_false: ...to here
sudo-1.9.17p2/src/selinux.c:353:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/selinux.c:361:24: branch_false: ...to here
sudo-1.9.17p2/src/selinux.c:361:24: acquire_memory: allocated here
sudo-1.9.17p2/src/selinux.c:361:8: branch_false: following ‘false’ branch (when ‘new_context’ is non-NULL)...
sudo-1.9.17p2/src/selinux.c:365:9: branch_false: ...to here
sudo-1.9.17p2/src/selinux.c:365:9: danger: ‘new_context’ leaks here; was allocated at [(11)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/10)
#  363|   	goto done;
#  364|       }
#  365|->     if (security_check_context(new_context) == -1) {
#  366|   	sudo_warnx(U_("%s is not a valid context"), new_context);
#  367|   	errno = EINVAL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def708]
sudo-1.9.17p2/src/selinux.c:366:9: warning[-Wanalyzer-malloc-leak]: leak of ‘new_context’
sudo-1.9.17p2/src/selinux.c:322:8: branch_false: following ‘false’ branch (when ‘role’ is non-NULL)...
sudo-1.9.17p2/src/selinux.c:327:8: branch_false: ...to here
sudo-1.9.17p2/src/selinux.c:327:8: branch_false: following ‘false’ branch (when ‘type’ is non-NULL)...
sudo-1.9.17p2/src/selinux.c:340:32: branch_false: ...to here
sudo-1.9.17p2/src/selinux.c:340:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/selinux.c:349:9: branch_false: ...to here
sudo-1.9.17p2/src/selinux.c:349:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/selinux.c:353:9: branch_false: ...to here
sudo-1.9.17p2/src/selinux.c:353:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/selinux.c:361:24: branch_false: ...to here
sudo-1.9.17p2/src/selinux.c:361:24: acquire_memory: allocated here
sudo-1.9.17p2/src/selinux.c:361:8: branch_false: following ‘false’ branch (when ‘new_context’ is non-NULL)...
sudo-1.9.17p2/src/selinux.c:365:9: branch_false: ...to here
sudo-1.9.17p2/src/selinux.c:365:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/selinux.c:366:9: branch_true: ...to here
sudo-1.9.17p2/src/selinux.c:366:9: danger: ‘new_context’ leaks here; was allocated at [(11)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/10)
#  364|       }
#  365|       if (security_check_context(new_context) == -1) {
#  366|-> 	sudo_warnx(U_("%s is not a valid context"), new_context);
#  367|   	errno = EINVAL;
#  368|   	goto done;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def709]
sudo-1.9.17p2/src/sudo.c:376:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(__open_alias("/dev/null", 2, 420), 0)’
sudo-1.9.17p2/src/sudo.c:374:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:376:12: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:376:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/sudo.c:376:35: branch_true: ...to here
sudo-1.9.17p2/src/sudo.c:376:35: acquire_resource: opened here
sudo-1.9.17p2/src/sudo.c:376:13: danger: ‘dup2(__open_alias("/dev/null", 2, 420), 0)’ leaks here; was opened at [(5)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/4)
#  374|   	if (devnull == -1)
#  375|   	    sudo_fatal(U_("unable to open %s"), _PATH_DEVNULL);
#  376|-> 	if (miss[STDIN_FILENO] && dup2(devnull, STDIN_FILENO) == -1)
#  377|   	    sudo_fatal("dup2");
#  378|   	if (miss[STDOUT_FILENO] && dup2(devnull, STDOUT_FILENO) == -1)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def710]
sudo-1.9.17p2/src/sudo.c:378:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(__open_alias("/dev/null", 2, 420), 1)’
sudo-1.9.17p2/src/sudo.c:374:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:376:12: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:378:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/sudo.c:378:36: branch_true: ...to here
sudo-1.9.17p2/src/sudo.c:378:36: acquire_resource: opened here
sudo-1.9.17p2/src/sudo.c:378:13: danger: ‘dup2(__open_alias("/dev/null", 2, 420), 1)’ leaks here; was opened at [(5)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/4)
#  376|   	if (miss[STDIN_FILENO] && dup2(devnull, STDIN_FILENO) == -1)
#  377|   	    sudo_fatal("dup2");
#  378|-> 	if (miss[STDOUT_FILENO] && dup2(devnull, STDOUT_FILENO) == -1)
#  379|   	    sudo_fatal("dup2");
#  380|   	if (miss[STDERR_FILENO] && dup2(devnull, STDERR_FILENO) == -1)

Error: GCC_ANALYZER_WARNING (CWE-775): [#def711]
sudo-1.9.17p2/src/sudo.c:380:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup2(__open_alias("/dev/null", 2, 420), 2)’
sudo-1.9.17p2/src/sudo.c:374:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:376:12: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:376:13: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:378:12: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:380:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/sudo.c:380:36: branch_true: ...to here
sudo-1.9.17p2/src/sudo.c:380:36: acquire_resource: opened here
sudo-1.9.17p2/src/sudo.c:380:13: danger: ‘dup2(__open_alias("/dev/null", 2, 420), 2)’ leaks here; was opened at [(7)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/6)
#  378|   	if (miss[STDOUT_FILENO] && dup2(devnull, STDOUT_FILENO) == -1)
#  379|   	    sudo_fatal("dup2");
#  380|-> 	if (miss[STDERR_FILENO] && dup2(devnull, STDERR_FILENO) == -1)
#  381|   	    sudo_fatal("dup2");
#  382|   	if (devnull > STDERR_FILENO)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def712]
sudo-1.9.17p2/src/sudo.c:438:5: warning[-Wanalyzer-malloc-leak]: leak of ‘info’
sudo-1.9.17p2/src/sudo.c:507:1: enter_function: entry to ‘get_user_info’
sudo-1.9.17p2/src/sudo.c:534:12: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo.c:535:8: branch_false: following ‘false’ branch (when ‘info’ is non-NULL)...
sudo-1.9.17p2/src/sudo.c:538:15: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:566:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:569:15: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:570:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:572:20: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:578:8: branch_false: following ‘false’ branch (when ‘cp’ is non-NULL)...
sudo-1.9.17p2/src/sudo.c:582:5: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:584:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:586:46: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:586:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:588:46: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:588:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:590:48: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:590:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:592:45: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:592:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:594:54: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:594:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:596:55: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:596:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:598:54: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:598:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:600:55: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:600:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:603:15: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:603:15: call_function: calling ‘get_user_groups’ from ‘get_user_info’
#  436|       size_t glsize;
#  437|       int i, len, group_source;
#  438|->     debug_decl(get_user_groups, SUDO_DEBUG_UTIL);
#  439|   
#  440|       cred->groups = NULL;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def713]
sudo-1.9.17p2/src/sudo.c:441:20: warning[-Wanalyzer-malloc-leak]: leak of ‘info’
sudo-1.9.17p2/src/sudo.c:507:1: enter_function: entry to ‘get_user_info’
sudo-1.9.17p2/src/sudo.c:534:12: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo.c:535:8: branch_false: following ‘false’ branch (when ‘info’ is non-NULL)...
sudo-1.9.17p2/src/sudo.c:538:15: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:566:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:569:15: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:570:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:572:20: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:578:8: branch_false: following ‘false’ branch (when ‘cp’ is non-NULL)...
sudo-1.9.17p2/src/sudo.c:582:5: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:584:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:586:46: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:586:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:588:46: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:588:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:590:48: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:590:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:592:45: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:592:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:594:54: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:594:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:596:55: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:596:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:598:54: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:598:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:600:55: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:600:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:603:15: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:603:15: call_function: calling ‘get_user_groups’ from ‘get_user_info’
#  439|   
#  440|       cred->groups = NULL;
#  441|->     group_source = sudo_conf_group_source();
#  442|       if (group_source != GROUP_SOURCE_DYNAMIC) {
#  443|   	long maxgroups = sysconf(_SC_NGROUPS_MAX);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def714]
sudo-1.9.17p2/src/sudo.c:458:21: warning[-Wanalyzer-malloc-leak]: leak of ‘info’
sudo-1.9.17p2/src/sudo.c:507:1: enter_function: entry to ‘get_user_info’
sudo-1.9.17p2/src/sudo.c:534:12: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo.c:535:8: branch_false: following ‘false’ branch (when ‘info’ is non-NULL)...
sudo-1.9.17p2/src/sudo.c:538:15: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:566:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:569:15: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:570:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:572:20: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:578:8: branch_false: following ‘false’ branch (when ‘cp’ is non-NULL)...
sudo-1.9.17p2/src/sudo.c:582:5: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:584:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:586:46: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:586:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:588:46: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:588:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:590:48: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:590:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:592:45: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:592:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:594:54: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:594:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:596:55: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:596:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:598:54: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:598:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:600:55: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:600:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:603:15: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:603:15: call_function: calling ‘get_user_groups’ from ‘get_user_info’
#  456|   		cred->ngroups = getgroups(cred->ngroups, cred->groups);
#  457|   		if (cred->ngroups < 0) {
#  458|-> 		    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_ERRNO,
#  459|   			"%s: unable to get %d groups via getgroups()",
#  460|   			__func__, cred->ngroups);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def715]
sudo-1.9.17p2/src/sudo.c:542:5: warning[-Wanalyzer-malloc-leak]: leak of ‘info’
sudo-1.9.17p2/src/sudo.c:534:12: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo.c:535:8: branch_false: following ‘false’ branch (when ‘info’ is non-NULL)...
sudo-1.9.17p2/src/sudo.c:538:15: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:542:5: danger: ‘info’ leaks here; was allocated at [(1)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/0)
#  540|       ud->pgid = getpgrp();
#  541|       ttyfd = open(_PATH_TTY, O_RDWR);
#  542|->     sudo_get_ttysize(ttyfd, &ud->ts_rows, &ud->ts_cols);
#  543|       if (ttyfd != -1) {
#  544|   	if ((ud->tcpgid = tcgetpgrp(ttyfd)) == -1)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def716]
sudo-1.9.17p2/src/sudo.c:546:9: warning[-Wanalyzer-malloc-leak]: leak of ‘info’
sudo-1.9.17p2/src/sudo.c:534:12: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo.c:535:8: branch_false: following ‘false’ branch (when ‘info’ is non-NULL)...
sudo-1.9.17p2/src/sudo.c:538:15: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:543:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/sudo.c:544:27: branch_true: ...to here
sudo-1.9.17p2/src/sudo.c:546:9: danger: ‘info’ leaks here; was allocated at [(1)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/0)
#  544|   	if ((ud->tcpgid = tcgetpgrp(ttyfd)) == -1)
#  545|   	    ud->tcpgid = 0;
#  546|-> 	close(ttyfd);
#  547|       }
#  548|       if ((ud->sid = getsid(0)) == -1)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def717]
sudo-1.9.17p2/src/sudo.c:557:5: warning[-Wanalyzer-malloc-leak]: leak of ‘info’
sudo-1.9.17p2/src/sudo.c:534:12: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo.c:535:8: branch_false: following ‘false’ branch (when ‘info’ is non-NULL)...
sudo-1.9.17p2/src/sudo.c:538:15: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:557:5: danger: ‘info’ leaks here; was allocated at [(1)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/0)
#  555|   
#  556|       /* Store cred for use by sudo_askpass(). */
#  557|->     sudo_askpass_cred(&ud->cred);
#  558|   
#  559|   #ifdef HAVE_SETAUTHDB

Error: GCC_ANALYZER_WARNING (CWE-401): [#def718]
sudo-1.9.17p2/src/sudo.c:562:10: warning[-Wanalyzer-malloc-leak]: leak of ‘info’
sudo-1.9.17p2/src/sudo.c:534:12: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo.c:535:8: branch_false: following ‘false’ branch (when ‘info’ is non-NULL)...
sudo-1.9.17p2/src/sudo.c:538:15: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:562:10: danger: ‘info’ leaks here; was allocated at [(1)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/0)
#  560|       aix_setauthdb(IDtouser(ud->cred.uid), NULL);
#  561|   #endif
#  562|->     pw = getpwuid(ud->cred.uid);
#  563|   #ifdef HAVE_SETAUTHDB
#  564|       aix_restoreauthdb();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def719]
sudo-1.9.17p2/src/sudo.c:567:9: warning[-Wanalyzer-malloc-leak]: leak of ‘info’
sudo-1.9.17p2/src/sudo.c:534:12: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo.c:535:8: branch_false: following ‘false’ branch (when ‘info’ is non-NULL)...
sudo-1.9.17p2/src/sudo.c:538:15: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:566:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/sudo.c:567:9: branch_true: ...to here
sudo-1.9.17p2/src/sudo.c:567:9: danger: ‘info’ leaks here; was allocated at [(1)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/0)
#  565|   #endif
#  566|       if (pw == NULL)
#  567|-> 	sudo_fatalx(U_("you do not exist in the %s database"), "passwd");
#  568|   
#  569|       info[i] = sudo_new_key_val("user", pw->pw_name);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def720]
sudo-1.9.17p2/src/sudo.c:569:15: warning[-Wanalyzer-malloc-leak]: leak of ‘info’
sudo-1.9.17p2/src/sudo.c:534:12: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo.c:535:8: branch_false: following ‘false’ branch (when ‘info’ is non-NULL)...
sudo-1.9.17p2/src/sudo.c:538:15: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:566:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:569:15: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:569:15: danger: ‘info’ leaks here; was allocated at [(1)](sarif:/runs/0/results/14/codeFlows/0/threadFlows/0/locations/0)
#  567|   	sudo_fatalx(U_("you do not exist in the %s database"), "passwd");
#  568|   
#  569|->     info[i] = sudo_new_key_val("user", pw->pw_name);
#  570|       if (info[i] == NULL)
#  571|   	goto oom;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def721]
sudo-1.9.17p2/src/sudo.c:663:5: warning[-Wanalyzer-malloc-leak]: leak of ‘info’
sudo-1.9.17p2/src/sudo.c:534:12: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo.c:535:8: branch_false: following ‘false’ branch (when ‘info’ is non-NULL)...
sudo-1.9.17p2/src/sudo.c:538:15: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:566:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:569:15: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:663:5: danger: ‘info’ leaks here; was allocated at [(1)](sarif:/runs/0/results/15/codeFlows/0/threadFlows/0/locations/0)
#  661|       debug_return_ptr(info);
#  662|   oom:
#  663|->     sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  664|   bad:
#  665|       while (i)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def722]
sudo-1.9.17p2/src/sudo.c:1128:26: warning[-Wanalyzer-malloc-leak]: leak of ‘plugin_settings’
sudo-1.9.17p2/src/sudo.c:1125:23: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo.c:1126:8: branch_false: following ‘false’ branch (when ‘plugin_settings’ is non-NULL)...
sudo-1.9.17p2/src/sudo.c:1128:26: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:1128:26: danger: ‘plugin_settings’ leaks here; was allocated at [(1)](sarif:/runs/0/results/21/codeFlows/0/threadFlows/0/locations/0)
# 1126|       if (plugin_settings == NULL)
# 1127|   	goto bad;
# 1128|->     plugin_settings[i] = sudo_new_key_val("plugin_path", plugin->path);
# 1129|       if (plugin_settings[i] == NULL)
# 1130|   	goto bad;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def723]
sudo-1.9.17p2/src/sudo.c:1133:13: warning[-Wanalyzer-malloc-leak]: leak of ‘plugin_settings’
sudo-1.9.17p2/src/sudo.c:1125:23: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo.c:1126:8: branch_false: following ‘false’ branch (when ‘plugin_settings’ is non-NULL)...
sudo-1.9.17p2/src/sudo.c:1128:26: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:1129:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:1131:10: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:1131:35: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/sudo.c:1132:13: branch_true: ...to here
sudo-1.9.17p2/src/sudo.c:1132:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/sudo.c:1133:13: branch_true: ...to here
sudo-1.9.17p2/src/sudo.c:1133:13: danger: ‘plugin_settings’ leaks here; was allocated at [(1)](sarif:/runs/0/results/22/codeFlows/0/threadFlows/0/locations/0)
# 1131|       for (setting = sudo_settings; setting->name != NULL; setting++) {
# 1132|           if (setting->value != NULL) {
# 1133|->             sudo_debug_printf(SUDO_DEBUG_INFO, "settings: %s=%s",
# 1134|                   setting->name, setting->value);
# 1135|   	    plugin_settings[++i] =

Error: GCC_ANALYZER_WARNING (CWE-401): [#def724]
sudo-1.9.17p2/src/sudo.c:1136:17: warning[-Wanalyzer-malloc-leak]: leak of ‘plugin_settings’
sudo-1.9.17p2/src/sudo.c:1125:23: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo.c:1126:8: branch_false: following ‘false’ branch (when ‘plugin_settings’ is non-NULL)...
sudo-1.9.17p2/src/sudo.c:1128:26: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:1129:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:1131:10: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:1131:35: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/sudo.c:1132:13: branch_true: ...to here
sudo-1.9.17p2/src/sudo.c:1132:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/sudo.c:1133:13: branch_true: ...to here
sudo-1.9.17p2/src/sudo.c:1136:17: danger: ‘plugin_settings’ leaks here; was allocated at [(1)](sarif:/runs/0/results/23/codeFlows/0/threadFlows/0/locations/0)
# 1134|                   setting->name, setting->value);
# 1135|   	    plugin_settings[++i] =
# 1136|-> 		sudo_new_key_val(setting->name, setting->value);
# 1137|   	    if (plugin_settings[i] == NULL)
# 1138|   		goto bad;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def725]
sudo-1.9.17p2/src/sudo.c:1155:5: warning[-Wanalyzer-malloc-leak]: leak of ‘plugin_settings’
sudo-1.9.17p2/src/sudo.c:1125:23: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo.c:1126:8: branch_false: following ‘false’ branch (when ‘plugin_settings’ is non-NULL)...
sudo-1.9.17p2/src/sudo.c:1128:26: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:1129:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo.c:1131:10: branch_false: ...to here
sudo-1.9.17p2/src/sudo.c:1155:5: danger: ‘plugin_settings’ leaks here; was allocated at [(1)](sarif:/runs/0/results/24/codeFlows/0/threadFlows/0/locations/0)
# 1153|   	sudo_fatalx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
# 1154|   
# 1155|->     debug_return_ptr(plugin_settings);
# 1156|   bad:
# 1157|       while (i)

Error: GCC_ANALYZER_WARNING (CWE-401): [#def726]
sudo-1.9.17p2/src/sudo_edit.c:138:5: warning[-Wanalyzer-malloc-leak]: leak of ‘sesh_ap’
sudo-1.9.17p2/src/sudo_edit.c:414:1: enter_function: entry to ‘selinux_edit_create_tfiles’
sudo-1.9.17p2/src/sudo_edit.c:424:8: branch_false: following ‘false’ branch (when ‘nfiles > 0’)...
sudo-1.9.17p2/src/sudo_edit.c:427:18: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:428:27: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo_edit.c:429:8: branch_false: following ‘false’ branch (when ‘sesh_ap’ is non-NULL)...
sudo-1.9.17p2/src/sudo_edit.c:433:5: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:437:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo_edit.c:445:6: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:447:17: branch_true: following ‘true’ branch (when ‘i < nfiles’)...
sudo-1.9.17p2/src/sudo_edit.c:448:36: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:460:15: call_function: calling ‘sudo_edit_mktemp’ from ‘selinux_edit_create_tfiles’
#  136|       const char *base, *suff;
#  137|       int len, tfd;
#  138|->     debug_decl(sudo_edit_mktemp, SUDO_DEBUG_EDIT);
#  139|   
#  140|       base = sudo_basename(ofile);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def727]
sudo-1.9.17p2/src/sudo_edit.c:140:12: warning[-Wanalyzer-malloc-leak]: leak of ‘sesh_ap’
sudo-1.9.17p2/src/sudo_edit.c:414:1: enter_function: entry to ‘selinux_edit_create_tfiles’
sudo-1.9.17p2/src/sudo_edit.c:424:8: branch_false: following ‘false’ branch (when ‘nfiles > 0’)...
sudo-1.9.17p2/src/sudo_edit.c:427:18: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:428:27: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo_edit.c:429:8: branch_false: following ‘false’ branch (when ‘sesh_ap’ is non-NULL)...
sudo-1.9.17p2/src/sudo_edit.c:433:5: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:437:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo_edit.c:445:6: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:447:17: branch_true: following ‘true’ branch (when ‘i < nfiles’)...
sudo-1.9.17p2/src/sudo_edit.c:448:36: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:460:15: call_function: calling ‘sudo_edit_mktemp’ from ‘selinux_edit_create_tfiles’
#  138|       debug_decl(sudo_edit_mktemp, SUDO_DEBUG_EDIT);
#  139|   
#  140|->     base = sudo_basename(ofile);
#  141|       suff = strrchr(base, '.');
#  142|       if (suff != NULL) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def728]
sudo-1.9.17p2/src/sudo_edit.c:149:9: warning[-Wanalyzer-malloc-leak]: leak of ‘sesh_ap’
sudo-1.9.17p2/src/sudo_edit.c:414:1: enter_function: entry to ‘selinux_edit_create_tfiles’
sudo-1.9.17p2/src/sudo_edit.c:424:8: branch_false: following ‘false’ branch (when ‘nfiles > 0’)...
sudo-1.9.17p2/src/sudo_edit.c:427:18: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:428:27: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo_edit.c:429:8: branch_false: following ‘false’ branch (when ‘sesh_ap’ is non-NULL)...
sudo-1.9.17p2/src/sudo_edit.c:433:5: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:437:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo_edit.c:445:6: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:447:17: branch_true: following ‘true’ branch (when ‘i < nfiles’)...
sudo-1.9.17p2/src/sudo_edit.c:448:36: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:460:15: call_function: calling ‘sudo_edit_mktemp’ from ‘selinux_edit_create_tfiles’
#  147|       }
#  148|       if (len == -1) {
#  149|-> 	sudo_warnx(U_("%s: %s"), __func__, U_("unable to allocate memory"));
#  150|   	debug_return_int(-1);
#  151|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def729]
sudo-1.9.17p2/src/sudo_edit.c:350:5: warning[-Wanalyzer-malloc-leak]: leak of ‘sesh_ap’
sudo-1.9.17p2/src/sudo_edit.c:521:1: enter_function: entry to ‘selinux_edit_copy_tfiles’
sudo-1.9.17p2/src/sudo_edit.c:534:8: branch_false: following ‘false’ branch (when ‘nfiles > 0’)...
sudo-1.9.17p2/src/sudo_edit.c:537:18: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:538:27: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo_edit.c:539:8: branch_false: following ‘false’ branch (when ‘sesh_ap’ is non-NULL)...
sudo-1.9.17p2/src/sudo_edit.c:543:5: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:545:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo_edit.c:553:6: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:555:17: branch_true: following ‘true’ branch (when ‘i < nfiles’)...
sudo-1.9.17p2/src/sudo_edit.c:556:12: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:556:12: branch_false: following ‘false’ branch (when ‘tfd == -1’)...
sudo-1.9.17p2/src/sudo_edit.c:558:27: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:586:8: branch_true: following ‘true’ branch (when ‘run_helper != 0’)...
sudo-1.9.17p2/src/sudo_edit.c:592:59: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:590:13: call_function: calling ‘selinux_run_helper’ from ‘selinux_edit_copy_tfiles’
#  348|       const char *sesh;
#  349|       pid_t child, pid;
#  350|->     debug_decl(selinux_run_helper, SUDO_DEBUG_EDIT);
#  351|   
#  352|       sesh = sudo_conf_sesh_path();

Error: GCC_ANALYZER_WARNING (CWE-401): [#def730]
sudo-1.9.17p2/src/sudo_edit.c:352:12: warning[-Wanalyzer-malloc-leak]: leak of ‘sesh_ap’
sudo-1.9.17p2/src/sudo_edit.c:521:1: enter_function: entry to ‘selinux_edit_copy_tfiles’
sudo-1.9.17p2/src/sudo_edit.c:534:8: branch_false: following ‘false’ branch (when ‘nfiles > 0’)...
sudo-1.9.17p2/src/sudo_edit.c:537:18: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:538:27: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo_edit.c:539:8: branch_false: following ‘false’ branch (when ‘sesh_ap’ is non-NULL)...
sudo-1.9.17p2/src/sudo_edit.c:543:5: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:545:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo_edit.c:553:6: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:555:17: branch_true: following ‘true’ branch (when ‘i < nfiles’)...
sudo-1.9.17p2/src/sudo_edit.c:556:12: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:556:12: branch_false: following ‘false’ branch (when ‘tfd == -1’)...
sudo-1.9.17p2/src/sudo_edit.c:558:27: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:586:8: branch_true: following ‘true’ branch (when ‘run_helper != 0’)...
sudo-1.9.17p2/src/sudo_edit.c:592:59: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:590:13: call_function: calling ‘selinux_run_helper’ from ‘selinux_edit_copy_tfiles’
#  350|       debug_decl(selinux_run_helper, SUDO_DEBUG_EDIT);
#  351|   
#  352|->     sesh = sudo_conf_sesh_path();
#  353|       if (sesh == NULL) {
#  354|   	sudo_warnx("internal error: sesh path not set");

Error: GCC_ANALYZER_WARNING (CWE-401): [#def731]
sudo-1.9.17p2/src/sudo_edit.c:354:9: warning[-Wanalyzer-malloc-leak]: leak of ‘sesh_ap’
sudo-1.9.17p2/src/sudo_edit.c:521:1: enter_function: entry to ‘selinux_edit_copy_tfiles’
sudo-1.9.17p2/src/sudo_edit.c:534:8: branch_false: following ‘false’ branch (when ‘nfiles > 0’)...
sudo-1.9.17p2/src/sudo_edit.c:537:18: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:538:27: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo_edit.c:539:8: branch_false: following ‘false’ branch (when ‘sesh_ap’ is non-NULL)...
sudo-1.9.17p2/src/sudo_edit.c:543:5: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:545:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo_edit.c:553:6: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:555:17: branch_true: following ‘true’ branch (when ‘i < nfiles’)...
sudo-1.9.17p2/src/sudo_edit.c:556:12: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:556:12: branch_false: following ‘false’ branch (when ‘tfd == -1’)...
sudo-1.9.17p2/src/sudo_edit.c:558:27: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:586:8: branch_true: following ‘true’ branch (when ‘run_helper != 0’)...
sudo-1.9.17p2/src/sudo_edit.c:592:59: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:590:13: call_function: calling ‘selinux_run_helper’ from ‘selinux_edit_copy_tfiles’
#  352|       sesh = sudo_conf_sesh_path();
#  353|       if (sesh == NULL) {
#  354|-> 	sudo_warnx("internal error: sesh path not set");
#  355|   	debug_return_int(-1);
#  356|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def732]
sudo-1.9.17p2/src/sudo_edit.c:355:9: warning[-Wanalyzer-malloc-leak]: leak of ‘sesh_ap’
sudo-1.9.17p2/src/sudo_edit.c:521:1: enter_function: entry to ‘selinux_edit_copy_tfiles’
sudo-1.9.17p2/src/sudo_edit.c:534:8: branch_false: following ‘false’ branch (when ‘nfiles > 0’)...
sudo-1.9.17p2/src/sudo_edit.c:537:18: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:538:27: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo_edit.c:539:8: branch_false: following ‘false’ branch (when ‘sesh_ap’ is non-NULL)...
sudo-1.9.17p2/src/sudo_edit.c:543:5: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:545:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo_edit.c:553:6: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:555:17: branch_true: following ‘true’ branch (when ‘i < nfiles’)...
sudo-1.9.17p2/src/sudo_edit.c:556:12: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:556:12: branch_false: following ‘false’ branch (when ‘tfd == -1’)...
sudo-1.9.17p2/src/sudo_edit.c:558:27: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:586:8: branch_true: following ‘true’ branch (when ‘run_helper != 0’)...
sudo-1.9.17p2/src/sudo_edit.c:592:59: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:590:13: call_function: calling ‘selinux_run_helper’ from ‘selinux_edit_copy_tfiles’
#  353|       if (sesh == NULL) {
#  354|   	sudo_warnx("internal error: sesh path not set");
#  355|-> 	debug_return_int(-1);
#  356|       }
#  357|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def733]
sudo-1.9.17p2/src/sudo_edit.c:358:13: warning[-Wanalyzer-malloc-leak]: leak of ‘sesh_ap’
sudo-1.9.17p2/src/sudo_edit.c:521:1: enter_function: entry to ‘selinux_edit_copy_tfiles’
sudo-1.9.17p2/src/sudo_edit.c:534:8: branch_false: following ‘false’ branch (when ‘nfiles > 0’)...
sudo-1.9.17p2/src/sudo_edit.c:537:18: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:538:27: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo_edit.c:539:8: branch_false: following ‘false’ branch (when ‘sesh_ap’ is non-NULL)...
sudo-1.9.17p2/src/sudo_edit.c:543:5: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:545:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo_edit.c:553:6: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:555:17: branch_true: following ‘true’ branch (when ‘i < nfiles’)...
sudo-1.9.17p2/src/sudo_edit.c:556:12: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:556:12: branch_false: following ‘false’ branch (when ‘tfd == -1’)...
sudo-1.9.17p2/src/sudo_edit.c:558:27: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:586:8: branch_true: following ‘true’ branch (when ‘run_helper != 0’)...
sudo-1.9.17p2/src/sudo_edit.c:592:59: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:590:13: call_function: calling ‘selinux_run_helper’ from ‘selinux_edit_copy_tfiles’
#  356|       }
#  357|   
#  358|->     child = sudo_debug_fork();
#  359|       switch (child) {
#  360|       case -1:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def734]
sudo-1.9.17p2/src/sudo_edit.c:361:9: warning[-Wanalyzer-malloc-leak]: leak of ‘sesh_ap’
sudo-1.9.17p2/src/sudo_edit.c:521:1: enter_function: entry to ‘selinux_edit_copy_tfiles’
sudo-1.9.17p2/src/sudo_edit.c:534:8: branch_false: following ‘false’ branch (when ‘nfiles > 0’)...
sudo-1.9.17p2/src/sudo_edit.c:537:18: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:538:27: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo_edit.c:539:8: branch_false: following ‘false’ branch (when ‘sesh_ap’ is non-NULL)...
sudo-1.9.17p2/src/sudo_edit.c:543:5: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:545:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo_edit.c:553:6: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:555:17: branch_true: following ‘true’ branch (when ‘i < nfiles’)...
sudo-1.9.17p2/src/sudo_edit.c:556:12: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:556:12: branch_false: following ‘false’ branch (when ‘tfd == -1’)...
sudo-1.9.17p2/src/sudo_edit.c:558:27: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:586:8: branch_true: following ‘true’ branch (when ‘run_helper != 0’)...
sudo-1.9.17p2/src/sudo_edit.c:592:59: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:590:13: call_function: calling ‘selinux_run_helper’ from ‘selinux_edit_copy_tfiles’
#  359|       switch (child) {
#  360|       case -1:
#  361|-> 	sudo_warn("%s", U_("unable to fork"));
#  362|   	break;
#  363|       case 0:

Error: GCC_ANALYZER_WARNING (CWE-401): [#def735]
sudo-1.9.17p2/src/sudo_edit.c:388:5: warning[-Wanalyzer-malloc-leak]: leak of ‘sesh_ap’
sudo-1.9.17p2/src/sudo_edit.c:521:1: enter_function: entry to ‘selinux_edit_copy_tfiles’
sudo-1.9.17p2/src/sudo_edit.c:534:8: branch_false: following ‘false’ branch (when ‘nfiles > 0’)...
sudo-1.9.17p2/src/sudo_edit.c:537:18: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:538:27: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo_edit.c:539:8: branch_false: following ‘false’ branch (when ‘sesh_ap’ is non-NULL)...
sudo-1.9.17p2/src/sudo_edit.c:543:5: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:545:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/sudo_edit.c:546:25: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:546:25: call_function: calling ‘selinux_fmt_sudo_user’ from ‘selinux_edit_copy_tfiles’
#  386|       size_t user_size;
#  387|       int i, len;
#  388|->     debug_decl(selinux_fmt_sudo_user, SUDO_DEBUG_EDIT);
#  389|   
#  390|       user_size = (STRLEN_MAX_UNSIGNED(uid_t) + 1) * (2 + user_cred->ngroups);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def736]
sudo-1.9.17p2/src/sudo_edit.c:392:9: warning[-Wanalyzer-malloc-leak]: leak of ‘sesh_ap’
sudo-1.9.17p2/src/sudo_edit.c:521:1: enter_function: entry to ‘selinux_edit_copy_tfiles’
sudo-1.9.17p2/src/sudo_edit.c:534:8: branch_false: following ‘false’ branch (when ‘nfiles > 0’)...
sudo-1.9.17p2/src/sudo_edit.c:537:18: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:538:27: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo_edit.c:539:8: branch_false: following ‘false’ branch (when ‘sesh_ap’ is non-NULL)...
sudo-1.9.17p2/src/sudo_edit.c:543:5: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:545:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/sudo_edit.c:546:25: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:546:25: call_function: calling ‘selinux_fmt_sudo_user’ from ‘selinux_edit_copy_tfiles’
#  390|       user_size = (STRLEN_MAX_UNSIGNED(uid_t) + 1) * (2 + user_cred->ngroups);
#  391|       if ((user_str = malloc(user_size)) == NULL)
#  392|-> 	debug_return_ptr(NULL);
#  393|   
#  394|       /* UID:GID: */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def737]
sudo-1.9.17p2/src/sudo_edit.c:398:9: warning[-Wanalyzer-malloc-leak]: leak of ‘sesh_ap’
sudo-1.9.17p2/src/sudo_edit.c:521:1: enter_function: entry to ‘selinux_edit_copy_tfiles’
sudo-1.9.17p2/src/sudo_edit.c:534:8: branch_false: following ‘false’ branch (when ‘nfiles > 0’)...
sudo-1.9.17p2/src/sudo_edit.c:537:18: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:538:27: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo_edit.c:539:8: branch_false: following ‘false’ branch (when ‘sesh_ap’ is non-NULL)...
sudo-1.9.17p2/src/sudo_edit.c:543:5: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:545:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/sudo_edit.c:546:25: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:546:25: call_function: calling ‘selinux_fmt_sudo_user’ from ‘selinux_edit_copy_tfiles’
#  396|   	(unsigned int)user_cred->uid, (unsigned int)user_cred->gid);
#  397|       if (len < 0 || (size_t)len >= user_size)
#  398|-> 	sudo_fatalx(U_("internal error, %s overflow"), __func__);
#  399|   
#  400|       /* Supplementary GIDs */

Error: GCC_ANALYZER_WARNING (CWE-401): [#def738]
sudo-1.9.17p2/src/sudo_edit.c:406:13: warning[-Wanalyzer-malloc-leak]: leak of ‘sesh_ap’
sudo-1.9.17p2/src/sudo_edit.c:521:1: enter_function: entry to ‘selinux_edit_copy_tfiles’
sudo-1.9.17p2/src/sudo_edit.c:534:8: branch_false: following ‘false’ branch (when ‘nfiles > 0’)...
sudo-1.9.17p2/src/sudo_edit.c:537:18: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:538:27: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo_edit.c:539:8: branch_false: following ‘false’ branch (when ‘sesh_ap’ is non-NULL)...
sudo-1.9.17p2/src/sudo_edit.c:543:5: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:545:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/sudo_edit.c:546:25: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:546:25: call_function: calling ‘selinux_fmt_sudo_user’ from ‘selinux_edit_copy_tfiles’
#  404|   	    i ? "," : "", (unsigned int)user_cred->groups[i]);
#  405|   	if (len < 0 || (size_t)len >= user_size - (cp - user_str))
#  406|-> 	    sudo_fatalx(U_("internal error, %s overflow"), __func__);
#  407|   	cp += len;
#  408|       }

Error: GCC_ANALYZER_WARNING (CWE-401): [#def739]
sudo-1.9.17p2/src/sudo_edit.c:557:13: warning[-Wanalyzer-malloc-leak]: leak of ‘sesh_ap’
sudo-1.9.17p2/src/sudo_edit.c:534:8: branch_false: following ‘false’ branch (when ‘nfiles > 0’)...
sudo-1.9.17p2/src/sudo_edit.c:537:18: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:538:27: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo_edit.c:539:8: branch_false: following ‘false’ branch (when ‘sesh_ap’ is non-NULL)...
sudo-1.9.17p2/src/sudo_edit.c:543:5: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:545:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo_edit.c:553:6: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:555:17: branch_true: following ‘true’ branch (when ‘i < nfiles’)...
sudo-1.9.17p2/src/sudo_edit.c:556:12: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:556:12: branch_false: following ‘false’ branch (when ‘tfd == -1’)...
sudo-1.9.17p2/src/sudo_edit.c:558:27: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:555:17: branch_true: following ‘true’ branch (when ‘i < nfiles’)...
sudo-1.9.17p2/src/sudo_edit.c:556:12: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:557:13: danger: ‘sesh_ap’ leaks here; was allocated at [(3)](sarif:/runs/0/results/32/codeFlows/0/threadFlows/0/locations/2)
#  555|       for (i = 0; i < nfiles; i++) {
#  556|   	if (tfd != -1)
#  557|-> 	    close(tfd);
#  558|   	if ((tfd = open(tf[i].tfile, O_RDONLY|O_NONBLOCK|O_NOFOLLOW)) == -1) {
#  559|   	    sudo_warn(U_("unable to open %s"), tf[i].tfile);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def740]
sudo-1.9.17p2/src/sudo_edit.c:559:13: warning[-Wanalyzer-malloc-leak]: leak of ‘sesh_ap’
sudo-1.9.17p2/src/sudo_edit.c:534:8: branch_false: following ‘false’ branch (when ‘nfiles > 0’)...
sudo-1.9.17p2/src/sudo_edit.c:537:18: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:538:27: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo_edit.c:539:8: branch_false: following ‘false’ branch (when ‘sesh_ap’ is non-NULL)...
sudo-1.9.17p2/src/sudo_edit.c:543:5: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:545:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo_edit.c:553:6: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:555:17: branch_true: following ‘true’ branch (when ‘i < nfiles’)...
sudo-1.9.17p2/src/sudo_edit.c:556:12: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:556:12: branch_false: following ‘false’ branch (when ‘tfd == -1’)...
sudo-1.9.17p2/src/sudo_edit.c:558:27: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:558:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/sudo_edit.c:559:13: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:559:13: danger: ‘sesh_ap’ leaks here; was allocated at [(3)](sarif:/runs/0/results/33/codeFlows/0/threadFlows/0/locations/2)
#  557|   	    close(tfd);
#  558|   	if ((tfd = open(tf[i].tfile, O_RDONLY|O_NONBLOCK|O_NOFOLLOW)) == -1) {
#  559|-> 	    sudo_warn(U_("unable to open %s"), tf[i].tfile);
#  560|   	    continue;
#  561|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def741]
sudo-1.9.17p2/src/sudo_edit.c:562:14: warning[-Wanalyzer-malloc-leak]: leak of ‘sesh_ap’
sudo-1.9.17p2/src/sudo_edit.c:534:8: branch_false: following ‘false’ branch (when ‘nfiles > 0’)...
sudo-1.9.17p2/src/sudo_edit.c:537:18: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:538:27: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo_edit.c:539:8: branch_false: following ‘false’ branch (when ‘sesh_ap’ is non-NULL)...
sudo-1.9.17p2/src/sudo_edit.c:543:5: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:545:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo_edit.c:553:6: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:555:17: branch_true: following ‘true’ branch (when ‘i < nfiles’)...
sudo-1.9.17p2/src/sudo_edit.c:556:12: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:556:12: branch_false: following ‘false’ branch (when ‘tfd == -1’)...
sudo-1.9.17p2/src/sudo_edit.c:558:27: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:558:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo_edit.c:562:53: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:562:14: danger: ‘sesh_ap’ leaks here; was allocated at [(3)](sarif:/runs/0/results/37/codeFlows/0/threadFlows/0/locations/2)
#  560|   	    continue;
#  561|   	}
#  562|-> 	if (!sudo_check_temp_file(tfd, tf[i].tfile, user_cred->uid, &sb))
#  563|   	    continue;
#  564|   	mtim_get(&sb, ts);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def742]
sudo-1.9.17p2/src/sudo_edit.c:571:17: warning[-Wanalyzer-malloc-leak]: leak of ‘sesh_ap’
sudo-1.9.17p2/src/sudo_edit.c:534:8: branch_false: following ‘false’ branch (when ‘nfiles > 0’)...
sudo-1.9.17p2/src/sudo_edit.c:537:18: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:538:27: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo_edit.c:539:8: branch_false: following ‘false’ branch (when ‘sesh_ap’ is non-NULL)...
sudo-1.9.17p2/src/sudo_edit.c:543:5: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:545:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo_edit.c:553:6: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:555:17: branch_true: following ‘true’ branch (when ‘i < nfiles’)...
sudo-1.9.17p2/src/sudo_edit.c:556:12: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:556:12: branch_false: following ‘false’ branch (when ‘tfd == -1’)...
sudo-1.9.17p2/src/sudo_edit.c:558:27: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:558:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo_edit.c:562:53: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:562:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/sudo_edit.c:564:9: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:565:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/sudo_edit.c:570:16: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/sudo_edit.c:571:17: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:571:17: danger: ‘sesh_ap’ leaks here; was allocated at [(3)](sarif:/runs/0/results/38/codeFlows/0/threadFlows/0/locations/2)
#  569|   	     */
#  570|   	    if (sudo_timespeccmp(&times[0], &times[1], !=)) {
#  571|-> 		sudo_warnx(U_("%s unchanged"), tf[i].ofile);
#  572|   		unlink(tf[i].tfile);
#  573|   		continue;

Error: GCC_ANALYZER_WARNING (CWE-401): [#def743]
sudo-1.9.17p2/src/sudo_edit.c:580:13: warning[-Wanalyzer-malloc-leak]: leak of ‘sesh_ap’
sudo-1.9.17p2/src/sudo_edit.c:534:8: branch_false: following ‘false’ branch (when ‘nfiles > 0’)...
sudo-1.9.17p2/src/sudo_edit.c:537:18: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:538:27: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo_edit.c:539:8: branch_false: following ‘false’ branch (when ‘sesh_ap’ is non-NULL)...
sudo-1.9.17p2/src/sudo_edit.c:543:5: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:545:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo_edit.c:553:6: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:555:17: branch_true: following ‘true’ branch (when ‘i < nfiles’)...
sudo-1.9.17p2/src/sudo_edit.c:556:12: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:556:12: branch_false: following ‘false’ branch (when ‘tfd == -1’)...
sudo-1.9.17p2/src/sudo_edit.c:558:27: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:558:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo_edit.c:562:53: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:562:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/sudo_edit.c:564:9: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:579:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/sudo_edit.c:580:13: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:580:13: danger: ‘sesh_ap’ leaks here; was allocated at [(3)](sarif:/runs/0/results/42/codeFlows/0/threadFlows/0/locations/2)
#  578|   	*sesh_ap++ = tf[i].ofile;
#  579|   	if (fchown(tfd, command_details->cred.uid, command_details->cred.gid) != 0) {
#  580|-> 	    sudo_warn("unable to chown(%s) back to %d:%d", tf[i].tfile,
#  581|   		command_details->cred.uid, command_details->cred.gid);
#  582|   	}

Error: GCC_ANALYZER_WARNING (CWE-401): [#def744]
sudo-1.9.17p2/src/sudo_edit.c:615:9: warning[-Wanalyzer-malloc-leak]: leak of ‘sesh_ap’
sudo-1.9.17p2/src/sudo_edit.c:534:8: branch_false: following ‘false’ branch (when ‘nfiles > 0’)...
sudo-1.9.17p2/src/sudo_edit.c:537:18: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:538:27: acquire_memory: allocated here
sudo-1.9.17p2/src/sudo_edit.c:539:8: branch_false: following ‘false’ branch (when ‘sesh_ap’ is non-NULL)...
sudo-1.9.17p2/src/sudo_edit.c:543:5: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:545:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/sudo_edit.c:553:6: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:555:17: branch_true: following ‘true’ branch (when ‘i < nfiles’)...
sudo-1.9.17p2/src/sudo_edit.c:556:12: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:556:12: branch_false: following ‘false’ branch (when ‘tfd == -1’)...
sudo-1.9.17p2/src/sudo_edit.c:558:27: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:586:8: branch_false: following ‘false’ branch (when ‘run_helper == 0’)...
sudo-1.9.17p2/src/sudo_edit.c:587:9: branch_false: ...to here
sudo-1.9.17p2/src/sudo_edit.c:614:8: branch_true: following ‘true’ branch (when ‘tfd != -1’)...
sudo-1.9.17p2/src/sudo_edit.c:615:9: branch_true: ...to here
sudo-1.9.17p2/src/sudo_edit.c:615:9: danger: ‘sesh_ap’ leaks here; was allocated at [(3)](sarif:/runs/0/results/44/codeFlows/0/threadFlows/0/locations/2)
#  613|   done:
#  614|       if (tfd != -1)
#  615|-> 	close(tfd);
#  616|       /* Contents of tf will be freed by caller. */
#  617|       free(sesh_args);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def745]
sudo-1.9.17p2/src/tgetpass.c:313:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:313:13: danger: ‘pfd[0]’ leaks here
#  311|   	sudo_fatal("%s", U_("unable to create pipe"));
#  312|   
#  313|->     child = sudo_debug_fork();
#  314|       if (child == -1)
#  315|   	sudo_fatal("%s", U_("unable to fork"));

Error: GCC_ANALYZER_WARNING (CWE-775): [#def746]
sudo-1.9.17p2/src/tgetpass.c:313:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:313:13: danger: ‘pfd[1]’ leaks here
#  311|   	sudo_fatal("%s", U_("unable to create pipe"));
#  312|   
#  313|->     child = sudo_debug_fork();
#  314|       if (child == -1)
#  315|   	sudo_fatal("%s", U_("unable to fork"));

Error: GCC_ANALYZER_WARNING (CWE-775): [#def747]
sudo-1.9.17p2/src/tgetpass.c:315:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:315:9: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:315:9: danger: ‘pfd[0]’ leaks here
#  313|       child = sudo_debug_fork();
#  314|       if (child == -1)
#  315|-> 	sudo_fatal("%s", U_("unable to fork"));
#  316|   
#  317|       if (child == 0) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def748]
sudo-1.9.17p2/src/tgetpass.c:315:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:315:9: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:315:9: danger: ‘pfd[1]’ leaks here
#  313|       child = sudo_debug_fork();
#  314|       if (child == -1)
#  315|-> 	sudo_fatal("%s", U_("unable to fork"));
#  316|   
#  317|       if (child == 0) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def749]
sudo-1.9.17p2/src/tgetpass.c:319:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘dup3(pfd[1], 1, 0)’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:319:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:319:13: acquire_resource: opened here
sudo-1.9.17p2/src/tgetpass.c:319:12: danger: ‘dup3(pfd[1], 1, 0)’ leaks here; was opened at [(8)](sarif:/runs/0/results/10/codeFlows/0/threadFlows/0/locations/7)
#  317|       if (child == 0) {
#  318|   	/* child, set stdout to write side of the pipe */
#  319|-> 	if (dup3(pfd[1], STDOUT_FILENO, 0) == -1) {
#  320|   	    sudo_warn("dup3");
#  321|   	    _exit(255);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def750]
sudo-1.9.17p2/src/tgetpass.c:320:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:319:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:319:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:320:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:320:13: danger: ‘pfd[0]’ leaks here
#  318|   	/* child, set stdout to write side of the pipe */
#  319|   	if (dup3(pfd[1], STDOUT_FILENO, 0) == -1) {
#  320|-> 	    sudo_warn("dup3");
#  321|   	    _exit(255);
#  322|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def751]
sudo-1.9.17p2/src/tgetpass.c:320:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:319:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:319:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:320:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:320:13: danger: ‘pfd[1]’ leaks here
#  318|   	/* child, set stdout to write side of the pipe */
#  319|   	if (dup3(pfd[1], STDOUT_FILENO, 0) == -1) {
#  320|-> 	    sudo_warn("dup3");
#  321|   	    _exit(255);
#  322|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def752]
sudo-1.9.17p2/src/tgetpass.c:324:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:319:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:319:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:323:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:323:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:324:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:324:13: danger: ‘pfd[0]’ leaks here
#  322|   	}
#  323|   	if (setuid(ROOT_UID) == -1)
#  324|-> 	    sudo_warn("setuid(%d)", ROOT_UID);
#  325|   	/* Close fds before uid change to prevent prlimit sabotage on Linux. */
#  326|   	closefrom(STDERR_FILENO + 1);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def753]
sudo-1.9.17p2/src/tgetpass.c:324:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:319:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:319:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:323:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:323:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:324:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:324:13: danger: ‘pfd[1]’ leaks here
#  322|   	}
#  323|   	if (setuid(ROOT_UID) == -1)
#  324|-> 	    sudo_warn("setuid(%d)", ROOT_UID);
#  325|   	/* Close fds before uid change to prevent prlimit sabotage on Linux. */
#  326|   	closefrom(STDERR_FILENO + 1);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def754]
sudo-1.9.17p2/src/tgetpass.c:326:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:319:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:319:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:323:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:326:9: danger: ‘pfd[0]’ leaks here
#  324|   	    sudo_warn("setuid(%d)", ROOT_UID);
#  325|   	/* Close fds before uid change to prevent prlimit sabotage on Linux. */
#  326|-> 	closefrom(STDERR_FILENO + 1);
#  327|   	/* Run the askpass program with the user's original resource limits. */
#  328|   	restore_limits();

Error: GCC_ANALYZER_WARNING (CWE-775): [#def755]
sudo-1.9.17p2/src/tgetpass.c:326:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:319:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:319:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:323:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:326:9: danger: ‘pfd[1]’ leaks here
#  324|   	    sudo_warn("setuid(%d)", ROOT_UID);
#  325|   	/* Close fds before uid change to prevent prlimit sabotage on Linux. */
#  326|-> 	closefrom(STDERR_FILENO + 1);
#  327|   	/* Run the askpass program with the user's original resource limits. */
#  328|   	restore_limits();

Error: GCC_ANALYZER_WARNING (CWE-775): [#def756]
sudo-1.9.17p2/src/tgetpass.c:328:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:319:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:319:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:323:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:328:9: danger: ‘pfd[0]’ leaks here
#  326|   	closefrom(STDERR_FILENO + 1);
#  327|   	/* Run the askpass program with the user's original resource limits. */
#  328|-> 	restore_limits();
#  329|   	/* But avoid a setuid() failure on Linux due to RLIMIT_NPROC. */
#  330|   	unlimit_nproc();

Error: GCC_ANALYZER_WARNING (CWE-775): [#def757]
sudo-1.9.17p2/src/tgetpass.c:328:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:319:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:319:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:323:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:328:9: danger: ‘pfd[1]’ leaks here
#  326|   	closefrom(STDERR_FILENO + 1);
#  327|   	/* Run the askpass program with the user's original resource limits. */
#  328|-> 	restore_limits();
#  329|   	/* But avoid a setuid() failure on Linux due to RLIMIT_NPROC. */
#  330|   	unlimit_nproc();

Error: GCC_ANALYZER_WARNING (CWE-775): [#def758]
sudo-1.9.17p2/src/tgetpass.c:330:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:319:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:319:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:323:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:330:9: danger: ‘pfd[0]’ leaks here
#  328|   	restore_limits();
#  329|   	/* But avoid a setuid() failure on Linux due to RLIMIT_NPROC. */
#  330|-> 	unlimit_nproc();
#  331|   	if (setgid(cred->gid)) {
#  332|   	    sudo_warn(U_("unable to set gid to %u"), (unsigned int)cred->gid);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def759]
sudo-1.9.17p2/src/tgetpass.c:330:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:319:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:319:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:323:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:330:9: danger: ‘pfd[1]’ leaks here
#  328|   	restore_limits();
#  329|   	/* But avoid a setuid() failure on Linux due to RLIMIT_NPROC. */
#  330|-> 	unlimit_nproc();
#  331|   	if (setgid(cred->gid)) {
#  332|   	    sudo_warn(U_("unable to set gid to %u"), (unsigned int)cred->gid);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def760]
sudo-1.9.17p2/src/tgetpass.c:332:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:319:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:319:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:323:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:331:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:332:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:332:13: danger: ‘pfd[0]’ leaks here
#  330|   	unlimit_nproc();
#  331|   	if (setgid(cred->gid)) {
#  332|-> 	    sudo_warn(U_("unable to set gid to %u"), (unsigned int)cred->gid);
#  333|   	    _exit(255);
#  334|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def761]
sudo-1.9.17p2/src/tgetpass.c:332:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:319:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:319:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:323:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:331:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:332:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:332:13: danger: ‘pfd[1]’ leaks here
#  330|   	unlimit_nproc();
#  331|   	if (setgid(cred->gid)) {
#  332|-> 	    sudo_warn(U_("unable to set gid to %u"), (unsigned int)cred->gid);
#  333|   	    _exit(255);
#  334|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def762]
sudo-1.9.17p2/src/tgetpass.c:336:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:319:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:319:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:323:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:331:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:335:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:335:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:336:17: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:336:17: danger: ‘pfd[0]’ leaks here
#  334|   	}
#  335|   	if (cred->ngroups != -1) {
#  336|-> 	    if (sudo_setgroups(cred->ngroups, cred->groups) == -1) {
#  337|   		sudo_warn("%s", U_("unable to set supplementary group IDs"));
#  338|   		_exit(255);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def763]
sudo-1.9.17p2/src/tgetpass.c:336:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:319:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:319:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:323:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:331:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:335:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:335:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:336:17: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:336:17: danger: ‘pfd[1]’ leaks here
#  334|   	}
#  335|   	if (cred->ngroups != -1) {
#  336|-> 	    if (sudo_setgroups(cred->ngroups, cred->groups) == -1) {
#  337|   		sudo_warn("%s", U_("unable to set supplementary group IDs"));
#  338|   		_exit(255);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def764]
sudo-1.9.17p2/src/tgetpass.c:337:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:319:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:319:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:323:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:331:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:335:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:335:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:336:17: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:336:16: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:337:17: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:337:17: danger: ‘pfd[0]’ leaks here
#  335|   	if (cred->ngroups != -1) {
#  336|   	    if (sudo_setgroups(cred->ngroups, cred->groups) == -1) {
#  337|-> 		sudo_warn("%s", U_("unable to set supplementary group IDs"));
#  338|   		_exit(255);
#  339|   	    }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def765]
sudo-1.9.17p2/src/tgetpass.c:337:17: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:319:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:319:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:323:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:331:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:335:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:335:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:336:17: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:336:16: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:337:17: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:337:17: danger: ‘pfd[1]’ leaks here
#  335|   	if (cred->ngroups != -1) {
#  336|   	    if (sudo_setgroups(cred->ngroups, cred->groups) == -1) {
#  337|-> 		sudo_warn("%s", U_("unable to set supplementary group IDs"));
#  338|   		_exit(255);
#  339|   	    }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def766]
sudo-1.9.17p2/src/tgetpass.c:342:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:319:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:319:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:323:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:331:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:335:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:341:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:342:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:342:13: danger: ‘pfd[0]’ leaks here
#  340|   	}
#  341|   	if (setuid(cred->uid)) {
#  342|-> 	    sudo_warn(U_("unable to set uid to %u"), (unsigned int)cred->uid);
#  343|   	    _exit(255);
#  344|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def767]
sudo-1.9.17p2/src/tgetpass.c:342:13: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:319:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:319:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:323:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:331:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:335:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:341:12: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:342:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:342:13: danger: ‘pfd[1]’ leaks here
#  340|   	}
#  341|   	if (setuid(cred->uid)) {
#  342|-> 	    sudo_warn(U_("unable to set uid to %u"), (unsigned int)cred->uid);
#  343|   	    _exit(255);
#  344|   	}

Error: GCC_ANALYZER_WARNING (CWE-775): [#def768]
sudo-1.9.17p2/src/tgetpass.c:345:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:319:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:319:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:323:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:331:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:335:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:341:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:345:9: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:345:9: danger: ‘pfd[0]’ leaks here
#  343|   	    _exit(255);
#  344|   	}
#  345|-> 	restore_nproc();
#  346|   	execl(askpass, askpass, prompt, (char *)NULL);
#  347|   	sudo_warn(U_("unable to run %s"), askpass);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def769]
sudo-1.9.17p2/src/tgetpass.c:345:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:319:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:319:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:323:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:331:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:335:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:341:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:345:9: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:345:9: danger: ‘pfd[1]’ leaks here
#  343|   	    _exit(255);
#  344|   	}
#  345|-> 	restore_nproc();
#  346|   	execl(askpass, askpass, prompt, (char *)NULL);
#  347|   	sudo_warn(U_("unable to run %s"), askpass);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def770]
sudo-1.9.17p2/src/tgetpass.c:347:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:319:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:319:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:323:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:331:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:335:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:341:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:345:9: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:347:9: danger: ‘pfd[0]’ leaks here
#  345|   	restore_nproc();
#  346|   	execl(askpass, askpass, prompt, (char *)NULL);
#  347|-> 	sudo_warn(U_("unable to run %s"), askpass);
#  348|   	_exit(255);
#  349|       }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def771]
sudo-1.9.17p2/src/tgetpass.c:347:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_true: following ‘true’ branch...
sudo-1.9.17p2/src/tgetpass.c:319:13: branch_true: ...to here
sudo-1.9.17p2/src/tgetpass.c:319:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:323:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:331:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:335:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:341:12: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:345:9: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:347:9: danger: ‘pfd[1]’ leaks here
#  345|   	restore_nproc();
#  346|   	execl(askpass, askpass, prompt, (char *)NULL);
#  347|-> 	sudo_warn(U_("unable to run %s"), askpass);
#  348|   	_exit(255);
#  349|       }

Error: GCC_ANALYZER_WARNING (CWE-775): [#def772]
sudo-1.9.17p2/src/tgetpass.c:352:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:352:12: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:352:12: danger: ‘pfd[0]’ leaks here
#  350|   
#  351|       /* Get response from child (askpass). */
#  352|->     (void) close(pfd[1]);
#  353|       pass = getln(pfd[0], buf, sizeof(buf), 0, &errval);
#  354|       (void) close(pfd[0]);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def773]
sudo-1.9.17p2/src/tgetpass.c:352:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[1]’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:352:12: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:352:12: danger: ‘pfd[1]’ leaks here
#  350|   
#  351|       /* Get response from child (askpass). */
#  352|->     (void) close(pfd[1]);
#  353|       pass = getln(pfd[0], buf, sizeof(buf), 0, &errval);
#  354|       (void) close(pfd[0]);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def774]
sudo-1.9.17p2/src/tgetpass.c:354:12: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
sudo-1.9.17p2/src/tgetpass.c:295:1: enter_function: entry to ‘sudo_askpass’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:352:12: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:353:12: call_function: calling ‘getln’ from ‘sudo_askpass’
sudo-1.9.17p2/src/tgetpass.c:353:12: return_function: returning to ‘sudo_askpass’ from ‘getln’
sudo-1.9.17p2/src/tgetpass.c:354:12: danger: ‘pfd[0]’ leaks here
#  352|       (void) close(pfd[1]);
#  353|       pass = getln(pfd[0], buf, sizeof(buf), 0, &errval);
#  354|->     (void) close(pfd[0]);
#  355|   
#  356|       tgetpass_display_error(errval);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def775]
sudo-1.9.17p2/src/tgetpass.c:386:5: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
sudo-1.9.17p2/src/tgetpass.c:295:1: enter_function: entry to ‘sudo_askpass’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:352:12: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:353:12: call_function: calling ‘getln’ from ‘sudo_askpass’
#  384|       char *cp = buf;
#  385|       char c = '\0';
#  386|->     debug_decl(getln, SUDO_DEBUG_CONV);
#  387|   
#  388|       *errval = TGP_ERRVAL_NOERROR;

Error: GCC_ANALYZER_WARNING (CWE-775): [#def776]
sudo-1.9.17p2/src/tgetpass.c:443:9: warning[-Wanalyzer-fd-leak]: leak of file descriptor ‘pfd[0]’
sudo-1.9.17p2/src/tgetpass.c:295:1: enter_function: entry to ‘sudo_askpass’
sudo-1.9.17p2/src/tgetpass.c:310:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:313:13: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:314:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:317:8: branch_false: following ‘false’ branch...
sudo-1.9.17p2/src/tgetpass.c:352:12: branch_false: ...to here
sudo-1.9.17p2/src/tgetpass.c:353:12: call_function: calling ‘getln’ from ‘sudo_askpass’
#  441|   	    *errval = TGP_ERRVAL_READERROR;
#  442|   	}
#  443|-> 	debug_return_str(NULL);
#  444|       case 0:
#  445|   	/* EOF is only an error if no bytes were read. */