Mootja ~ Brainy >>

NetBSD

Created:10-05-2013
Updated:17-09-2017


162 bugs fixed, 2 vulnerabilities.
27/06/2013
~~/~~/2014
28/07/2014
20/09/2014
~~/~~/2014
05/12/2014
~~/~~/2015
04/04/2015
27/04/2015
~~/~~/201~
~~/~~/2017

27/06/2013 - Report 1

RED: #16, important
ORANGE: #3, not very important
GREEN: #19, solved

# 01 SYS/ARCH/
_01/ FALSE POSITIVE|UNINITIALIZED VAR: acorn26/acorn26/cpu.c rev1.28
     At l.166, 'id' may not be initialized.
_02/ FIXED-rev1.10|MEMORY LEAK: alpha/eisa/eisa_machdep.c rev1.9
     At l.267, 'ecuio' is leaked in the loop.
_03/ FIXED-rev1.4|UNINITIALIZED VAR: ia64/stand/common/fileload.c rev1.3
     At l.96, 'error' may not be initialized.
_04/ FIXED-rev1.9|MEMORY LEAK: mipsco/stand/installboot/installboot.c rev1.8
     At l.185, 'boot_code' is never freed.
_05/ FIXED-rev1.19|MEMORY LEAK: sgimips/stand/sgivol/sgivol.c rev1.18
     At l.532, 'fp' is leaked.
_06/ FIXED-rev1.26|OVERLAP: prep/prep/autoconf.c rev1.25
     At lines 168, 175, 189, 191, 197, 200, using sprintf() with the same src
     and dest can result in an undefined behavior.

# 02 SYS/DEV/
_01/ FIXED-rev1.27|UNINITIALIZED VAR: hpc/hpf1275a_tty.c rev1.26
     At l.332, 'sc' is not initialized, and does not even seem to be used.
_02/ FIXED-rev1.49|UNINITIALIZED VAR: ic/mfi.c rev1.48
     At l.417, 'io_req_base_phys' may not be initialized.
_03/ FIXED-rev1.49|UNINITIALIZED VAR: ic/mfi.c rev1.48
     At l.373, if (sc->sc_ioptype != MFI_IOP_TBOLT), 'io_req_base' is not
     initialized at l.415.
_04/ FIXED-rev1.40|OVERLAP: ic/opl.c rev1.39
     At l.161, using snprintf() with the same src and dest can result in an
     undefined behavior.
_05/ FIXED-rev1.22|UNINITIALIZED VAR: pci/pm2fb.c rev1.21
     From l.1351 to l.1356, 'n' is not initialized.

# 03 SYS/FS/ - with optimization rules
_01/ FIXED-rev1.3|MEMORY LEAK: v7fs/v7fs_io.c rev1.2
     At l.99, 'buf' is leaked.
_02/ FIXED-rev1.50|USELESS INITIALIZATION: ntfs/ntfs_subr.c rev1.49
     At l.1789, it's useless to assign a value to the variable 'off' as it is
     reassigned at l.1811.

# 04 SYS/KERN/ - with optimization rules
_01/ FALSE POSITIVE|UNINITIALIZED VAR: kern_sysctl.c rev1.243
     At l.1737, if (newp == NULL), 'dnode' is not initialized at l.1875.
_02/ FIXED-rev1.464|UNINITIALIZED VAR: vfs_syscalls.c rev1.463
     At l.3188, if (vp->v_type != VLNK), 'auio' is not initialized at l.3204.
     It has already been fixed in OpenBSD, so you should have a look here.
_03/ FIXED-rev1.227|USELESS INITIALIZATION: subr_autoconf.c rev1.226
     At l.244, it's useless to assign a value to the variable 'i' as it is
     reassigned at l.246.
_04/ FIXED-rev1.245|USELESS INITIALIZATION: vfs_bio.c rev1.244
     At l.1439, it's useless to assign a value to the variable 'size' as it is
     reassigned at l.1448.

# 05 SYS/NFS/
_01/ FALSE POSITIVE|UNINITIALIZED VAR: nfs_serv.c rev1.165
     At l.741, 'mb' is used whereas it is not initialized. It looks like you
     will have to revert the lines 741 and 742.

# 06 LIBEXEC/TELNETD/
_01/ FIXED-rev1.47|PTR DEREFERENCE: sys_term.c rev1.46
     At l.703, 'nargv' is not null-checked. It seems that someone mistakenly
     put 'argv' instead of 'nargv' at l.705. It can cause crashes.

~ 2014 - Unsorted 1

_01/ FIXED-rev1.4|DEAD CODE: sys/dev/acpi/tpm_acpi.c rev1.3
     At l.190, some {} are missing. The function always jumps to 'out1'.
_02/ FIXED-rev1.21|UNINITIALIZED VAR: sys/arch/arm/ep93xx/epclk.c rev1.20
     At l.157, 'first_run' may not be initialized.
_03/ FIXED-rev1.156|MEMORY LEAK: sys/netinet/if_arp.c rev1.155
     At l.1477, 'm' is leaked.

28/07/2014 - Report 2

RED: #20, important
ORANGE: #6, not very important
GREEN: #26, solved

# 01 SYS/ALTQ
_01/ FIXED-rev1.7|MEMORY LEAK: sys/altq/altq_jobs.c rev1.6
     Leak of 'result' with malloc() at l.1161.
_02/ FIXED-rev1.7|MEMORY LEAK: sys/altq/altq_jobs.c rev1.6
     Leak of 'result', 'c', 'n', 'k' with malloc() from l.1286 to l.1299.

# 02 SYS/DEV
_01/ FIXED-rev1.14|MEMORY LEAK: sys/dev/ic/oosiop.c rev1.13
     Leak of 'cb' with malloc() at l.272.
_02/ FIXED-rev1.72|MEMORY LEAK: sys/dev/rasops/rasops.c rev1.71
     Leak of 'f' with malloc() at l.1357.
_03/ FIXED-rev1.21|MEMORY LEAK: sys/dev/if_ndis/if_ndis_pci.c rev1.19
     Leak of 'rl' with malloc() at l.363.
_04/ FIXED-rev1.17|MEMORY LEAK: sys/dev/dm/dm_target_snapshot.c rev1.16
     Leak of 'tsc' with kmem_alloc() at l.236.
_05/ FIXED-rev1.21|MEMORY LEAK: sys/dev/dm/dm_target_stripe.c rev1.19
     Leak of 'tsc' and 'tlc' with kmem_alloc() at l.160.
_06/ FIXED-rev1.20|MEMORY LEAK: sys/dev/dm/dm_target_stripe.c rev1.19
     Leak of 'params' with kmem_alloc() at l.187.
_07/ FIXED-rev1.73|MEMORY LEAK: sys/dev/qbus/if_qe.c rev1.72
     Leak of 'ring' with malloc() at l.165.
_08/ FIXED-rev1.31|PARSER BUG: sys/dev/vme/if_ie_vme.c rev1.30
     My code scanner bugged when parsing the line 427; looks like a typo:
    sizeof(sizeof(struct ievme))

# 03 SYS/NET*
_01/ FIXED-rev1.160|MEMORY LEAK: sys/net/if_gre.c rev1.157
     Leak of 'sc' with malloc() at l.307.
_02/ FIXED-rev1.158|MEMORY LEAK: sys/netinet6/ip6_output.c rev1.157
     Leak of 'optbuf' with malloc() at l.1602.

# 04 SYS/{FS/UFS}
_01/ FIXED-rev1.45|UNINITIALIZED VAR: sys/fs/smbfs/smbfs_smb.c rev1.44
     Uninitialized var 'rqp' at l.781.
_02/ FIXED-rev1.65|UNUSED MACRO: sys/ufs/ext2fs/ext2fs_readwrite.c rev1.64
     Unused macros 'doclusterread' and 'doclusterwrite'.
_03/ FIXED-rev1.5|MEMORY LEAK: sys/ufs/chfs/chfs_scan.c rev1.4
     Leak of 'buf' with kmem_alloc() at l.447.
_04/ FIXED-rev1.4|MEMORY LEAK: sys/ufs/chfs/ebh.c rev1.3
     Leak of 'peb' with kmem_alloc() at l.832 and l.860.
_05/ FIXED-rev1.9|MEMORY LEAK: sys/ufs/chfs/chfs_readinode.c rev1.8
     Leak of 'buf' with kmem_alloc() at l.805.
_06/ FIXED-rev1.11|MEMORY LEAK: sys/ufs/chfs/chfs_vnode.c rev1.10
     Leak of 'buf' with kmem_alloc() at l.98.
_07/ FIXED-rev1.6|MEMORY LEAK: sys/ufs/chfs/chfs_gc.c rev1.5
     Leak of 'data' with kmem_alloc() at l.729.

# 05 SYS/KERN
_01/ FIXED-rev1.4|POINTLESS CAST: sys/kern/kern_ctf.c rev1.3
     Pointless cast of 'ctfaddr' to 'uint8_t' at l.207.
_02/ FIXED-rev1.28|POINTLESS CAST: sys/kern/kgdb_stub.c rev1.27
     Pointless cast of 'len' to 'size_t' at l.468 and l.499.
_03/ FIXED-rev1.164|POINTLESS CAST: sys/kern/sys_process.c rev1.163
     Pointless cast of 'kl' to 'size_t' at l.1014.
_04/ FIXED-rev1.228|POINTLESS CAST: sys/kern/kern_descrip.c rev1.225
     Pointless cast of 'lastfile' to 'int' at l.1460.
_05/ FIXED-rev1.165|POINTLESS CAST: sys/kern/kern_ktrace.c rev1.164
     Pointless cast of 'user_dta' to 'void' at l.933.

# 06 SYS/COMPAT
_01/ FIXED-rev1.70|EMPTY COMPILER BLOCK: sys/compat/svr4/svr4_stat.c rev1.69
     Empty compiler block at l.480.

# 07 SYS/RUMP
_01/ FIXED-rev1.130|MEMORY LEAK: sys/rump/librump/rumpvfs/rumpfs.c rev1.129
     Leak of 'rfsmp' with kmem_alloc() at l.1744.

20/09/2014 - Report 3

RED: #33, important
GREEN: #33, solved

# 01 SYS/ARCH
_01/ FIXED-rev1.62|DEAD CODE: sys/arch/amiga/amiga/disksubr.c [+] rev1.61
     Dead code at l.569.
_02/ FIXED-rev1.43|DEAD CODE: sys/arch/amiga/dev/siop2.c [+] rev1.42
     Dead code at l.1258.
_03/ FIXED-rev1.69|DEAD CODE: sys/arch/amiga/dev/siop.c [+] rev1.68
     Dead code at l.1129.
_04/ FIXED-rev1.300|DEAD CODE: sys/arch/arm/arm32/pmap.c [+] rev1.297
     Dead code at l.6233.
_05/ FIXED-rev1.21|MEMORY LEAK: sys/arch/arm/iomd/iomd_irqhandler.c [+] rev1.20
     Leak of 'ih' with malloc() at l.360.
_06/ FIXED-rev1.21|MEMORY LEAK: sys/arch/arm/ofw/ofw_irqhandler.c [+] rev1.20
     Leak of 'ih' with malloc() at l.305.
_07/ FIXED-rev1.27|MEMORY LEAK: sys/arch/shark/isa/isa_irqhandler.c [+] rev1.26
     Leak of 'ih' with malloc() at l.324.
_08/ FIXED-rev1.25|MEMORY LEAK: sys/arch/atari/atari/intr.c [+] rev1.23
     Leak of 'ih' with malloc() at l.136.
_09/ FIXED-rev1.14|MEMORY LEAK: sys/arch/ews4800mips/sbd/fb_sbdio.c [+] rev1.13
     Leak of 'ri' with malloc() at l.157.
_10/ FIXED-rev1.34|MEMORY LEAK: sys/arch/hpcmips/tx/tx39icu.c [+] rev1.33
     Leak of 'p' with malloc() at l.657.
_11/ FIXED-rev1.41|DOUBLE RUNTIME BRANCH: sys/arch/m68k/m68k/db_disasm.c [+] rev1.40
     Double runtime branch at l.1186 and l.1192.
_12/ FIXED-rev1.41|DOUBLE RUNTIME BRANCH: sys/arch/m68k/m68k/db_disasm.c [+] rev1.40
     Double runtime branch at l.1244 and l.1250.
_13/ FIXED-rev1.19|DEAD CODE: sys/arch/mvme68k/stand/installboot/installboot.c [+] rev1.18
     Dead code at l.221.
_14/ FIXED-rev1.13|DEAD CODE: sys/arch/news68k/news68k/bus_space.c [+] rev1.12
     Dead code at l.66.
_15/ FIXED-rev1.9|DEAD CODE: sys/arch/newsmips/stand/boot/netif_news.c [+] rev1.8
     Dead code at l.195.
_16/ FIXED-rev1.327|MEMORY LEAK: sys/arch/sparc/sparc/machdep.c [+] rev1.326
     Leak of 'mlist' with malloc() at l.1382.
_17/ FIXED-rev1.119|MEMORY LEAK: sys/arch/sparc64/dev/psycho.c [+] rev1.118
     Leak of 'ih' with malloc() at l.1345.
_18/ FIXED-rev1.19|MEMORY LEAK: sys/arch/sparc64/dev/schizo.c [+] rev1.31
     Leak of 'pbm' with kmem_zalloc() at l.198.
_19/ FIXED-rev1.279|MEMORY LEAK: sys/arch/sparc64/sparc64/machdep.c [+] rev1.278
     Leak of 'pglist' with malloc() at l.1441.
_20/ FIXED-rev1.22|MEMORY LEAK: sys/arch/sun68k/sun68k/bus.c [+] rev1.21
     Leak of 'mlist' with malloc() at l.270.
_21/ FIXED-rev1.58|MEMORY LEAK: sys/arch/x86/x86/ipmi.c [+] rev1.57
     Leak of 'psdr' with malloc() at l.1212.
_22/ FIXED-rev1.72|DEAD CODE: sys/arch/x86/x86/x86_autoconf.c [+] rev1.71
     Dead code at l.426.
_23/ FIXED-rev1.49|MEMORY LEAK: sys/arch/xen/xen/privcmd.c [+] rev1.45
     Leak of 'maddr' with kmem_alloc() at l.364.
_24/ FIXED-rev1.49|MEMORY LEAK: sys/arch/xen/xen/privcmd.c [+] rev1.45
     Leak of 'maddr' with kmem_alloc() at l.437.
_25/ FIXED-rev1.49|MEMORY LEAK: sys/arch/xen/xen/privcmd.c [+] rev1.45
     Leak of 'obj' with kmem_alloc() at l.580.

# 02 SYS/COMPAT
_01/ FIXED-rev1.29|MEMORY LEAK: sys/compat/linux/arch/i386/linux_ptrace.c [+] rev1.28
     Leak of 'regs', 'linux_regs', 'fpregs' and 'linux_fpregs' with kmem_alloc() at l.185.
_02/ FIXED-rev1.27|MEMORY LEAK: sys/compat/linux/arch/powerpc/linux_ptrace.c [+] rev1.25
     Leak of 'regs', 'linux_regs', 'fpregs' and 'linux_fpregs' with kmem_alloc() at l.162.

# 03 SYS/DEV
_01/ FIXED-rev1.43|DEAD CODE: sys/dev/marvell/if_gfe.c [+] rev1.42
     Dead code at l.2023.
_02/ THAT'S OK|DEAD CODE: sys/dev/marvell/gtidmac.c [+] rev1.11
     Dead code at l.1826.
_03/ FIXED-rev1.16|DEAD CODE: sys/dev/usb/stuirda.c [+] rev1.15
     Dead code at l.178.
_04/ FIXED-rev1.4|DEAD CODE: sys/dev/pci/cxgb/cxgb_offload.c [+] rev1.3
     Dead code at l.713.
_05/ FIXED-rev1.15|INITIALIZATION INCONSISTENCY: sys/dev/ieee1394/fwcrom.c [+] rev1.14
     Initialization inconsistencies from l.568 to l.571.
_06/ FIXED-rev1.51|INITIALIZATION INCONSISTENCY: sys/dev/pci/twa.c [+] rev1.50
     Initialization inconsistency at l.2958.

~ 2014 - Unsorted 2

_01/ FIXED-rev1.31|MEMORY LEAK: sys/compat/linux/common/linux_uselib.c rev1.30
     Leak of 'vp' with namei_simple_user() at l.116.
_02/ FIXED-rev1.12|MEMORY LEAK: sys/ufs/chfs/chfs_vfsops.c rev1.11
     Leak of 'pb' with pathbuf_copyin() at l.156.
_03/ FIXED-rev1.35|MEMORY LEAK: sys/compat/common/vfs_syscalls_30.c rev1.34
     Leak of 'pb' with pathbuf_copyin() at l.360.

05/12/2014 - Report 4

RED: #9, important
GREEN: #9, solved

_01/ FIXED-rev1.2|MEMORY LEAK: sys/fs/nfs/common/krpc_subr.c [+] rev1.1.1.1
     Leak of 'm' with m_get() at l.172.
_02/ FIXED-rev1.16|MEMORY LEAK: sys/modules/lua/lua.c [+] rev1.14
     Leak of 's' with kmem_zalloc() at l.652.
_03/ FIXED-rev1.62|NO ERROR SET: sys/dev/ic/an.c [+] rev1.61
     No error set at l.576.
_04/ FIXED-rev1.33|NO ERROR SET: sys/dev/sdmmc/sdmmc_mem.c [+] rev1.31
     No error set at l.744.
_05/ FIXED-rev1.29|NO ERROR SET: sys/arch/arm/xscale/ixp425_if_npe.c [+] rev1.27
     No error set at l.610.
_06/ FIXED-rev1.128|MEMORY LEAK: sys/fs/udf/udf_subr.c [+] rev1.127
     Leak of 'udf_node' with pool_get() at l.5341.
_07/ FIXED-rev1.6|MEMORY LEAK: sys/ufs/chfs/chfs_scan.c [+] rev1.5
     Leak of 'buf' with kmem_alloc() at l.464.
_08/ FIXED-rev1.6|MEMORY LEAK: sys/ufs/chfs/ebh.c [+] rev1.5
     Leak of 'ebhdr' with kmem_alloc() at l.1960.
_09/ FALSE POSITIVE|MEMORY LEAK: sys/fs/nilfs/nilfs_vfsops.c [+] rev1.18
     Leak of 'devvp' with namei_simple_user() at l.883.

~ 2015 - Unsorted 3

_01/ FIXED-rev1.132|MEMORY LEAK: sys/dev/ic/aic7xxx.c [+] rev1.131
     Leak of 'pdata' with malloc() at l.4376.
_02/ FIXED-rev1.38|UNINITIALIZED VAR: sys/nfs/krpc_subr.c [+] rev1.37
     Uninitialized var 'so' at l.388.
_03/ FIXED-rev1.26|USE-AFTER-FREE: sys/dev/ic/bwi.c [+] rev1.25
     Double m_freem() of 'm' at l.9143.

04/04/2015 - Report 5

RED: #11, important
GREEN: #11, solved

_01/ FIXED-rev1.96|MEMORY LEAK: sys/dev/ic/ac97.c [+] rev1.95
     Leak of 'as' with malloc() at l.1447.
_02/ FIXED-rev1.57|USE-AFTER-FREE: sys/dev/ic/mfi.c [+] rev1.56
     Double free() of 'ld_sync' at l.3419.
_03/ FIXED-rev1.8|MEMORY LEAK: sys/dev/pci/agp_amd64.c [+] rev1.7
     Leak of 'asc' with malloc() at l.235.
_04/ FIXED-rev1.47|MEMORY LEAK: sys/dev/i2c/i2c.c [+] rev1.46
     Leak of 'cmd' with kmem_alloc() at l.531.
_05/ FIXED-rev1.21|MEMORY LEAK: sys/dev/if_ndis/if_ndis_pci.c [+] rev1.20
     Leak of 'rl' with malloc() at l.275.
_06/ FIXED-rev1.50|MEMORY LEAK: sys/dev/sysmon/sysmon_power.c [+] rev1.49
     Leak of 'ped' with kmem_zalloc() at l.802.
_07/ FIXED-rev1.50|MEMORY LEAK: sys/dev/sysmon/sysmon_power.c [+] rev1.49
     Leak of 'ped' with kmem_zalloc() at l.956.
_08/ FIXED-rev1.31|MEMORY LEAK: sys/dev/usb/umass_isdata.c [+] rev1.30
     Leak of 'scbus' with malloc() at l.199.
_09/ FIXED-rev1.59|MEMORY LEAK: sys/dev/hpc/hpcfb.c [+] rev1.58
     Leak of 'dc' with malloc() at l.731.
_10/ FIXED-rev1.8|MEMORY LEAK: sys/arch/sgimips/mace/macekbc.c [+] rev1.7
     Leak of 't' with malloc() at l.140.
_11/ FIXED-rev1.8|MEMORY LEAK: sys/arch/sgimips/dev/scn.c [+] rev1.7
     Leak of 'intrname' with malloc() at l.1075.

27/04/2015 - Report 6

RED: #6, important
GREEN: #6, solved

_01/ FIXED-rev1.4|MEMORY LEAK: sys/arch/arm/imx/if_enet.c [+] rev1.3
     Leak of 'm' with MGETHDR() at l.1417.
_02/ FIXED-rev1.28|MEMORY LEAK: sys/dev/bluetooth/bcsp.c [+] rev1.25
     Leak of 'm' with m_gethdr() at l.1447.
_03/ FIXED-rev1.58|MEMORY LEAK: sys/dev/pci/hifn7751.c [+] rev1.57
     Leak of 'm' with MGET() at l.3127.
_04/ FIXED-rev1.60|MEMORY LEAK: sys/dev/pci/if_pcn.c [+] rev1.59
     Leak of 'm' with MGETHDR() at l.1142.
_05/ FIXED-rev1.94|MEMORY LEAK: sys/dev/pci/if_ti.c [+] rev1.93
     Leak of 'm_new' with MGETHDR() at l.736.
_06/ FIXED-rev1.383|MEMORY LEAK: sys/dev/pci/if_bge.c [+] rev1.282
     Leak of 'm_new' with MGETHDR() at l.1748.

~ 201~ - Unsorted 4

_01/ FIXED-rev1.61|USE-AFTER-FREE: sys/dev/pci/hifn7751.c [+] rev1.60
     Use-after-free with 'm0' after m_freem() at l.3114.
_02/ FIXED-rev1.12|USE-AFTER-FREE: sys/arch/pmax/tc/dt.c [+] rev1.11
     Use-after-free with 'msg' after free() at l.233.
_03/ FIXED-rev1.9|USE-AFTER-FREE: sys/dev/pci/if_et.c [+] rev1.8
     Use-after-free with 'm' after m_freem() at l.1920.
_04/ FIXED-rev1.5|MEMORY LEAK: sys/arch/mips/atheros/ar_intr.c [+] rev1.4
     Leak of 'ih' with malloc() at l.121.
_05/ FIXED-rev1.63|DEAD CODE: sys/arch/amiga/amiga/disksubr.c [+] rev1.62
     Dead code at l.334.
_06/ FIXED-rev1.26|DEAD CODE: sys/arch/ofppc/ofppc/disksubr.c [+] rev1.25
     Dead code at l.413.
_07/ FIXED-rev1.12|MEMORY LEAK: libexec/httpd/lua-bozo.c [+] rev1.11
     Leak of 'file' and 'query' with asprintf() and bozostrdup() at l.336.
_08/ FIXED-rev1.61|DOUBLE COMPILER BRANCH: sys/arch/evbarm/beagle/beagle_machdep.c [+] rev1.60
     Double compiler branch at l.700.
_09/ FIXED-rev1.161|DOUBLE RUNTIME BRANCH: sys/arch/arm/arm/cpufunc.c [+] rev1.156
     Double runtime branch at l.2333.
_10/ FIXED-rev1.57|MEMORY LEAK: sys/net/if_ieee1394subr.c [+] rev1.49
     Leak of 'm' with MGETHDR() at l.313.
_11/ FIXED-rev1.41|UNINITIALIZED VAR: sys/dev/ic/sgec.c [+] rev1.40
     Uninitialized var 'tdr' at l.398.
_12/ FIXED-rev1.10|USE-AFTER-FREE: sys/arch/mips/alchemy/dev/aupcmcia.c [+] rev1.9
     Double splx() of 's' at l.405.
_13/ FIXED-rev1.90|MEMORY LEAK: sys/dev/ic/smc91cxx.c [+] rev1.89
     Leak of 's' with splnet() at l.528.
_14/ FIXED-rev1.35|UNINITIALIZED VAR: sys/compat/linux/common/linux_futex.c [+] rev1.33
     Uninitialized var 'futex_offset' at l.817.
_15/ FIXED-rev1.15|MEMORY LEAK: sys/arch/acorn26/ioc/arcpp.c [+] rev1.14
     Leak of 's' with splvm() at l.220.
_16/ MEMORY LEAK: sys/dev/pci/cxgb/cxgb_l2t.c [+] rev1.3
     Leak of 'm0' with m_gethdr() at l.185.
_17/ FIXED-rev1.103|MEMORY LEAK: sys/dev/ic/gem.c [+] rev1.102
     Leak of 's' with splnet() at l.1153.
_18/ FIXED-rev1.79|MEMORY LEAK: sys/dev/ic/rrunner.c [+] rev1.78
     Leak of 's' with splnet() at l.728.
_19/ FIXED-rev1.79|USE-AFTER-FREE: sys/dev/ic/rrunner.c [+] rev1.78
     Double splx() of 's' at l.904.
_20/ MEMORY LEAK: sys/dev/spi/spiflash.c [+] rev1.18
     Leak of 'save' with malloc() at l.426.
_21/ FIXED-rev1.32|USE-AFTER-FREE: sys/dev/ic/daic.c [+] rev1.31
     Double splx() of 'x' at l.407.
_22/ FIXED-rev1.54|MEMORY LEAK: sys/dev/ic/seeq8005.c [+] rev1.53
     Leak of 's' with splnet() at l.879.
_23/ FIXED-rev1.28|MEMORY LEAK: sys/dev/pci/if_jme.c [+] rev1.27
     Leak of 's' with splnet() at l.952.
_24/ FIXED-rev1.28|MEMORY LEAK: sys/dev/qbus/if_il.c [+] rev1.27
     Leak of 's' with splnet() at l.313.
_25/ FIXED-rev1.73|USE-AFTER-FREE: sys/dev/isa/seagate.c [+] rev1.72
     Double splx() of 's' at l.778.
_26/ FIXED-rev1.25|INCONSISTENCY: sys/fs/udf/udf_strat_rmw.c [+] rev1.24
     Inconsistency at l.622 and l.717.
_27/ FIXED-rev1.13|USE-AFTER-FREE: sys/dev/iscsi/iscsi_ioctl.c [+] rev1.12
     Use-after-free with 'sess' after free() at l.1544.
_28/ FIXED-rev1.9|ALLOC INCONSISTENCY: sys/arch/x86/x86/cpu_ucode_intel.c [+] rev1.8
     Allocation inconsistency with 'uh' after kmem_alloc() at l.161.
_29/ FIXED-rev1.75|UNINITIALIZED VAR: sys/arch/xen/xen/xbd_xenbus.c [+] rev1.74
     Uninitialized var 'bp' at l.656.
_30/ FIXED-rev1.50|UNINITIALIZED VAR: sys/netnatm/natm.c [+] rev1.49
     Uninitialized var 'npcb' at l.142.
_31/ FIXED-rev1.37|UNINITIALIZED VAR: sys/dev/if_ndis/if_ndis.c [+] rev1.36
     Uninitialized var 'arg' at l.1969.
_32/ FIXED-rev1.5|UNINITIALIZED VAR: sys/dev/if_ndis/if_ndis_pccard.c [+] rev1.4
     Uninitialized var 'rid' at l.212.
_33/ FIXED-rev1.35|UNINITIALIZED VAR: sys/netsmb/smb_rq.c [+] rev1.34
     Uninitialized var 'errclass' at l.377.
_34/ FIXED-rev1.35|UNINITIALIZED VAR: sys/netsmb/smb_rq.c [+] rev1.34
     Uninitialized var 'serror' at l.377.
_35/ FIXED-rev1.15|UNINITIALIZED VAR: sys/arch/sparc/stand/ofwboot/loadfile_machdep.c [+] rev1.14
     Uninitialized var 'cpu' at l.243.
_36/ FIXED-rev1.2|UNINITIALIZED VAR: sys/arch/evbsh3/stand/mesboot/src/mesboot.c [+] rev1.1
     Uninitialized var 'kernel' at l.39.
_37/ FIXED-rev1.3|UNINITIALIZED VAR: sys/arch/ia64/stand/common/load_elf64.c [+] rev1.2
     Uninitialized var 'err' at l.102.
_38/ FIXED-rev1.9|UNINITIALIZED VAR: sys/arch/ia64/stand/efi/libefi/devicename.c [+] rev1.8
     Uninitialized var 'cp' at l.154.
_39/ FIXED-rev1.8|UNINITIALIZED VAR: sys/arch/ia64/stand/ia64/ski/devicename.c [+] rev1.7
     Uninitialized var 'cp' at l.149.
_40/ FIXED-rev1.9|UNINITIALIZED VAR: sys/arch/ia64/stand/ia64/ski/devicename.c [+] rev1.7
     Uninitialized var 'len' at l.231.
_41/ FIXED-rev1.37|UNINITIALIZED VAR: sys/compat/ultrix/ultrix_ioctl.c [+] rev1.36
     Uninitialized var 'x' at l.494.
_42/ FIXED-rev1.68|UNINITIALIZED VAR: sys/compat/sunos/sunos_ioctl.c [+] rev1.67
     Uninitialized var 'x' at l.446.
_43/ FIXED-rev1.3|MEMORY LEAK: sys/dev/fdt/fdt_pinctrl.c [+] rev1.2
     Memory leak at l.123.
_44/ FIXED-rev1.4|MEMORY LEAK: sys/dev/fdt/fdt_gpio.c [+] rev1.3
     Memory leak at l.114.
_45/ MEMORY LEAK: sys/dev/pci/cxgb/cxgb_l2t.c [+] rev1.3
     Memory leak at l.130.
_46/ FIXED-rev1.47|MEMORY LEAK: sys/kern/uipc_sem.c [+] rev1.46
     Memory leak at l.339.
_47/ FIXED-rev1.181|MEMORY LEAK: sys/kern/uipc_usrreq.c [+] rev1.180
     Memory leak at l.1242.
_48/ FIXED-rev1.59|MEMORY LEAK: sys/nfs/nfs_export.c [+] rev1.58
     Memory leak at l.545.
_49/ FIXED-rev1.96|MEMORY LEAK: sys/arch/x86/x86/intr.c [+] rev1.95
     Memory leak at l.954.

~ 2017 - Unsorted 5

_01/ FIXED-rev1.339|MEMORY LEAK: sys/dev/scsipi/cd.c [+] rev1.338
     Memory leak at l.2818.
_02/ FIXED-rev1.6|UNINITIALIZED VAR: sys/arch/amiga/stand/bootblock/installboot/installboot.c [+] rev1.5
     Uninitialized var 'line' at l.93.
_03/ FIXED-rev1.158|MEMORY LEAK: sys/nfs/nfs_syscalls.c [+] rev1.157
     Memory leak at l.328.
_04/ FIXED-rev1.3|MEMORY LEAK: sys/arch/sparc64/dev/vbus.c [+] rev1.2
     Memory leak at l.162.
_05/ FIXED-rev1.86|RESOURCE LEAK: sys/dev/sbus/be.c [+] rev1.85
     Resource leak at l.1122.
_06/ FIXED-rev1.40|RESOURCE LEAK: sys/arch/acorn32/podulebus/if_ie.c [+] rev1.39
     Resource leak at l.619.
_07/ FIXED-rev1.5|MEMORY LEAK: sys/arch/arm/imx/imx51_ipuv3.c [+] rev1.4
     Memory leak at l.952.
_08/ UNINITIALIZED VAR: sys/arch/bebox/stand/boot/siop.c [+] rev1.5
     Uninitialized var 'error' at l.1033.
_09/ FIXED-rev1.21|RESOURCE LEAK: sys/dev/hpc/hpcapm.c [+] rev1.20
     Resource leak at l.418.
_10/ FIXED-rev1.14|RESOURCE LEAK: sys/dev/pcmcia/if_malo_pcmcia.c [+] rev1.13
     Resource leak at l.245.
_11/ FIXED-rev1.14|RESOURCE LEAK: sys/dev/pcmcia/if_malo_pcmcia.c [+] rev1.13
     Resource leak at l.1986.
_12/ FIXED-rev1.28|RESOURCE LEAK: sys/dev/ppbus/if_plip.c [+] rev1.27
     Resource leak at l.448.
_13/ FIXED-rev1.32|MEMORY LEAK: sys/dev/ieee1394/fwdev.c [+] rev1.31
     Memory leak at l.684.
_14/ NULL DEREF: sys/arch/arm/gemini/if_gpn.c [+] rev1.7
     NULL deref at l.474.
_15/ FIXED-rev1.33|RESOURCE LEAK: sys/arch/mips/mips/cpu_subr.c [+] rev1.32
     Resource leak at l.775.
_16/ FIXED-rev1.27|RESOURCE LEAK: sys/arch/amiga/amiga/cc.c [+] rev1.26
     Resource leak at l.507.
_17/ FIXED-rev1.3|DIV BY ZERO: sys/arch/mips/cavium/dev/octeon_gmx.c [+] rev1.2
     Division by zero at l.669.