#Harmless? This return is called only if the "matches > 0" is false, if "matches == 0" the buf is free'd. This leak can thus happen only if matches is negative and this shouldn't be possible Error: RESOURCE_LEAK (CWE-772): gawk-5.1.0/builtin.c:3177: alloc_fn: Storage is returned from allocation function "erealloc_real". gawk-5.1.0/builtin.c:3177: var_assign: Assigning: "buf" = storage returned from "erealloc_real((void *)buf, (size_t)buflen, "do_sub", "buf", "builtin.c", 3177)". gawk-5.1.0/builtin.c:3178: var_assign: Assigning: "bp" = "buf". gawk-5.1.0/builtin.c:3210: leaked_storage: Variable "buf" going out of scope leaks the storage it points to. gawk-5.1.0/builtin.c:3210: leaked_storage: Variable "bp" going out of scope leaks the storage it points to. # 3208| # 3209| /* return the original string */ # 3210|-> return target; # 3211| } # 3212| #False positive? The append_statement function appends the second argument to the first and returns pointer to the updated first argument -> return value of the function can be ignored as long as the pointer to the first argument is still stored Error: RESOURCE_LEAK (CWE-772): gawk-5.1.0/command.y:254: alloc_fn: Storage is returned from allocation function "append_statement". gawk-5.1.0/command.y:254: var_assign: Assigning: "arg_list" = storage returned from "append_statement(yyvsp[-1], (char *)end_EVAL)". gawk-5.1.0/command.y:254: overwrite_var: Overwriting "arg_list" in "arg_list = append_statement(yyvsp[-1], (char *)end_EVAL)" leaks the storage that "arg_list" points to. # 252| : eval_prologue statement_list D_END # 253| { # 254|-> arg_list = append_statement($2, (char *) end_EVAL); # 255| if (read_a_line == read_commands_string) { /* unserializing 'eval' in 'commands' */ # 256| char *str = arg_list->a_string; #See above Error: RESOURCE_LEAK (CWE-772): gawk-5.1.0/command.y:274: alloc_fn: Storage is returned from allocation function "append_statement". gawk-5.1.0/command.y:274: leaked_storage: Failing to save or free storage allocated by "append_statement(arg, n->sub.val.sp)" leaks it. # 272| n = $3->a_node; # 273| arg = append_statement(NULL, (char *) start_EVAL); # 274|-> (void) append_statement(arg, n->stptr); # 275| (void) append_statement(arg, (char *) end_EVAL); # 276| free_cmdarg(arg_list); #See above Error: RESOURCE_LEAK (CWE-772): gawk-5.1.0/command.y:275: alloc_fn: Storage is returned from allocation function "append_statement". gawk-5.1.0/command.y:275: leaked_storage: Failing to save or free storage allocated by "append_statement(arg, (char *)end_EVAL)" leaks it. # 273| arg = append_statement(NULL, (char *) start_EVAL); # 274| (void) append_statement(arg, n->stptr); # 275|-> (void) append_statement(arg, (char *) end_EVAL); # 276| free_cmdarg(arg_list); # 277| arg_list = arg; #Bug? node assigned to "m" by "dupnode(m)" inside of this block: # /* $0 needs to be passed by value to a function */ # m might be rewritten/lost in the next iteration (unless this is the last iteration) by m=PEEK(j) # or by the end of the function (m doesn't seem to be free'd inside the function) Error: RESOURCE_LEAK (CWE-772): gawk-5.1.0/eval.c:1307: alloc_fn: Storage is returned from allocation function "dupnode". gawk-5.1.0/eval.c:1307: var_assign: Assigning: "m" = storage returned from "dupnode(m)". gawk-5.1.0/eval.c:1299: overwrite_var: Overwriting "m" in "m = (stack_ptr - j)->rptr" leaks the storage that "m" points to. # 1297| } # 1298| # 1299|-> m = PEEK(j); /* arguments in reverse order on runtime stack */ # 1300| # 1301| if (m->type == Node_param_list) #Bug? See above Error: RESOURCE_LEAK (CWE-772): gawk-5.1.0/eval.c:1307: alloc_fn: Storage is returned from allocation function "dupnode". gawk-5.1.0/eval.c:1307: var_assign: Assigning: "m" = storage returned from "dupnode(m)". gawk-5.1.0/eval.c:1367: leaked_storage: Variable "m" going out of scope leaks the storage it points to. # 1365| frame_ptr->reti = pc; /* on return execute pc->nexti */ # 1366| # 1367|-> return f->code_ptr; # 1368| } # 1369| #The following two does not seem to be false positive, but are probably intended? Error: RESOURCE_LEAK (CWE-772): gawk-5.1.0/ext.c:59: alloc_fn: Storage is returned from allocation function "dlopen". gawk-5.1.0/ext.c:59: var_assign: Assigning: "dl" = storage returned from "dlopen(lib_name, flags)". gawk-5.1.0/ext.c:64: noescape: Resource "dl" is not freed or pointed-to in "dlsym". gawk-5.1.0/ext.c:69: noescape: Resource "dl" is not freed or pointed-to in "dlsym". gawk-5.1.0/ext.c:78: leaked_storage: Variable "dl" going out of scope leaks the storage it points to. # 76| warning(_("load_ext: library `%s' initialization routine `%s' failed"), # 77| lib_name, INIT_FUNC); # 78|-> } # 79| # 80| /* make_builtin --- register name to be called as func with a builtin body */ Error: RESOURCE_LEAK (CWE-772): gawk-5.1.0/ext.c:103: alloc_fn: Storage is returned from allocation function "estrdup". gawk-5.1.0/ext.c:103: var_assign: Assigning: "install_name" = storage returned from "estrdup(name, strlen(name))". gawk-5.1.0/ext.c:131: leaked_storage: Variable "install_name" going out of scope leaks the storage it points to. # 129| if (do_lint) # 130| lintwarn(_("make_builtin: function `%s' already defined"), name); # 131|-> return awk_false; # 132| } else # 133| /* variable name etc. */ Error: RESOURCE_LEAK (CWE-772): gawk-5.1.0/extension/gawkfts.c:790: alloc_fn: Storage is returned from allocation function "fts_alloc". gawk-5.1.0/extension/gawkfts.c:790: var_assign: Assigning: "p" = storage returned from "fts_alloc(sp, dp->d_name, dnamlen)". gawk-5.1.0/extension/gawkfts.c:882: var_assign: Assigning: "tail" = "p". gawk-5.1.0/extension/gawkfts.c:882: var_assign: Assigning: "head" = "tail". gawk-5.1.0/extension/gawkfts.c:921: leaked_storage: Variable "head" going out of scope leaks the storage it points to. # 919| cur->fts_info = FTS_ERR; # 920| SET(FTS_STOP); # 921|-> return (NULL); # 922| } # 923| #Bug: This can happen when text == NULL Error: RESOURCE_LEAK (CWE-772): gawk-5.1.0/extension/readfile.c:118: open_fn: Returning handle opened by "open". [Note: The source code implementation of the function has been overridden by a user model.] gawk-5.1.0/extension/readfile.c:118: var_assign: Assigning: "fd" = handle returned from "open(filename.u.s.str, 0)". gawk-5.1.0/extension/readfile.c:123: noescape: Resource "fd" is not freed or pointed-to in "read_file_to_buffer". gawk-5.1.0/extension/readfile.c:135: leaked_handle: Handle variable "fd" going out of scope leaks the handle. # 133| done: # 134| /* Set the return value */ # 135|-> return result; # 136| } # 137| #Suspicious -> if (ret == 0) seems suspicious, see return value section of man dup2 Error: RESOURCE_LEAK (CWE-772): gawk-5.1.0/io.c:630: open_fn: Returning handle opened by "open". [Note: The source code implementation of the function has been overridden by a user model.] gawk-5.1.0/io.c:630: var_assign: Assigning: "newfd" = handle returned from "open("/dev/null", 2)". gawk-5.1.0/io.c:633: noescape: Resource "newfd" is not freed or pointed-to in "dup2". gawk-5.1.0/io.c:639: leaked_handle: Handle variable "newfd" going out of scope leaks the handle. # 637| ret = 0; # 638| # 639|-> return ret; # 640| } # 641| #Intended? Error: RESOURCE_LEAK (CWE-772): gawk-5.1.0/main.c:1380: open_fn: Returning handle opened by "devopen". gawk-5.1.0/main.c:1380: var_assign: Assigning: "newfd" = handle returned from "devopen("/dev/null", opposite_mode[fd])". gawk-5.1.0/main.c:1389: leaked_handle: Handle variable "newfd" going out of scope leaks the handle. # 1387| } # 1388| } # 1389|-> } # 1390| # 1391| /* init_groupset --- initialize groupset */ Error: RESOURCE_LEAK (CWE-772): gawk-5.1.0/profile.c:90: open_fn: Returning handle opened by "devopen_simple". gawk-5.1.0/profile.c:90: var_assign: Assigning: "fd" = handle returned from "devopen_simple(file, "w", true)". gawk-5.1.0/profile.c:115: leaked_handle: Handle variable "fd" going out of scope leaks the handle. # 113| prof_fp = stderr; # 114| } # 115|-> } # 116| # 117| /* init_profiling_signals --- set up signal handling for gawk --profile */ # false positive Error: USE_AFTER_FREE (CWE-416): gawk-5.1.0/re.c:257: freed_arg: "re_compile_pattern" frees "buf". gawk-5.1.0/re.c:278: use_after_free: Using freed pointer "buf". # 276| /* Additional flags that help with RS as regexp. */ # 277| for (i = 0; i < len; i++) { # 278|-> if (strchr(metas, buf[i]) != NULL) { # 279| rp->has_meta = true; # 280| break; #Seems to be bug, built_in is the only variable that is not free'd (unlike user/extension/scalar/...) Error: RESOURCE_LEAK (CWE-772): gawk-5.1.0/symbol.c:585: alloc_fn: Storage is returned from allocation function "make_str_node". gawk-5.1.0/symbol.c:585: var_assign: Assigning: "built_in" = storage returned from "make_str_node("builtin", 7UL, 0)". gawk-5.1.0/symbol.c:637: leaked_storage: Variable "built_in" going out of scope leaks the storage it points to. # 635| unref(untyped); # 636| unref(array); # 637|-> } # 638| # 639| /* check_param_names --- make sure no parameter is the name of a function */ #Getopt/Random stuff here (glibc?) Error: RESOURCE_LEAK (CWE-772): gawk-5.1.0/support/getopt.c:579: alloc_fn: Storage is returned from allocation function "malloc". gawk-5.1.0/support/getopt.c:579: var_assign: Assigning: "newp" = storage returned from "malloc(24UL)". gawk-5.1.0/support/getopt.c:583: var_assign: Assigning: "ambig_list" = "newp". gawk-5.1.0/support/getopt.c:584: leaked_storage: Variable "newp" going out of scope leaks the storage it points to. gawk-5.1.0/support/getopt.c:654: leaked_storage: Variable "ambig_list" going out of scope leaks the storage it points to. # 652| d->optind++; # 653| d->optopt = 0; # 654|-> return '?'; # 655| } # 656| Error: RESOURCE_LEAK (CWE-772): gawk-5.1.0/support/getopt.c:579: alloc_fn: Storage is returned from allocation function "malloc". gawk-5.1.0/support/getopt.c:579: var_assign: Assigning: "newp" = storage returned from "malloc(24UL)". gawk-5.1.0/support/getopt.c:583: var_assign: Assigning: "ambig_list" = "newp". gawk-5.1.0/support/getopt.c:584: leaked_storage: Variable "newp" going out of scope leaks the storage it points to. gawk-5.1.0/support/getopt.c:727: leaked_storage: Variable "ambig_list" going out of scope leaks the storage it points to. # 725| # 726| d->optopt = pfound->val; # 727|-> return '?'; # 728| } # 729| } Error: RESOURCE_LEAK (CWE-772): gawk-5.1.0/support/getopt.c:579: alloc_fn: Storage is returned from allocation function "malloc". gawk-5.1.0/support/getopt.c:579: var_assign: Assigning: "newp" = storage returned from "malloc(24UL)". gawk-5.1.0/support/getopt.c:583: var_assign: Assigning: "ambig_list" = "newp". gawk-5.1.0/support/getopt.c:584: leaked_storage: Variable "newp" going out of scope leaks the storage it points to. gawk-5.1.0/support/getopt.c:775: leaked_storage: Variable "ambig_list" going out of scope leaks the storage it points to. # 773| { # 774| *(pfound->flag) = pfound->val; # 775|-> return 0; # 776| } # 777| return pfound->val; Error: RESOURCE_LEAK (CWE-772): gawk-5.1.0/support/getopt.c:579: alloc_fn: Storage is returned from allocation function "malloc". gawk-5.1.0/support/getopt.c:579: var_assign: Assigning: "newp" = storage returned from "malloc(24UL)". gawk-5.1.0/support/getopt.c:583: var_assign: Assigning: "ambig_list" = "newp". gawk-5.1.0/support/getopt.c:584: leaked_storage: Variable "newp" going out of scope leaks the storage it points to. gawk-5.1.0/support/getopt.c:777: leaked_storage: Variable "ambig_list" going out of scope leaks the storage it points to. # 775| return 0; # 776| } # 777|-> return pfound->val; # 778| } # 779| Error: COPY_PASTE_ERROR (CWE-398): gawk-5.1.0/support/random.c:422: original: "rptr - state" looks like the original copy. gawk-5.1.0/support/random.c:455: copy_paste_error: "state" in "rptr - state" looks like a copy-paste error. gawk-5.1.0/support/random.c:455: remediation: Should it say "int_arg_state" instead? # 453| int_arg_state[0] = rand_type; # 454| else # 455|-> int_arg_state[0] = MAX_TYPES * (rptr - state) + rand_type; # 456| return(ostate); # 457| }