Newly introduced findings

List of Findings

Error: COMPILER_WARNING: [#def1]
libavif-1.3.0/src/mem.c:12:12: warning[-Walloc-size-larger-than=]: argument 1 value ‘18446744073709551615’ exceeds maximum object size 9223372036854775807
#   12 |     return malloc(size);
#      |            ^
/usr/include/stdlib.h: scope_hint: In member function ‘TestBody’
/usr/include/stdlib.h:676:14: note: in a call to allocation function ‘malloc’ declared here
#  676 | extern void *malloc (size_t __size) __THROW __attribute_malloc__
#      |              ^
#   10|   {
#   11|       assert(size != 0); // Implementation-defined. See https://en.cppreference.com/w/cpp/memory/c/malloc
#   12|->     return malloc(size);
#   13|   }
#   14|   

Error: GCC_ANALYZER_WARNING (CWE-401): [#def2]
libavif-1.3.0/tests/aviftest.c:80:21: warning[-Wanalyzer-malloc-leak]: leak of ‘nfd.dir’
libavif-1.3.0/tests/aviftest.c:161:12: enter_function: entry to ‘runIOTests’
libavif-1.3.0/tests/aviftest.c:171:8: branch_false: following ‘false’ branch...
libavif-1.3.0/tests/aviftest.c:175:5: branch_false: ...to here
libavif-1.3.0/tests/aviftest.c:184:29: call_function: calling ‘nextFilename’ from ‘runIOTests’
#   78|   
#   79|       struct dirent * entry;
#   80|->     while ((entry = readdir(nfd->dir)) != NULL) {
#   81|           const char * dot = strrchr(entry->d_name, '.');
#   82|           if (dot) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def3]
libavif-1.3.0/tests/aviftest.c:202:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(&fullFilename, "rb")’
libavif-1.3.0/tests/aviftest.c:161:12: enter_function: entry to ‘runIOTests’
libavif-1.3.0/tests/aviftest.c:171:8: branch_false: following ‘false’ branch...
libavif-1.3.0/tests/aviftest.c:175:5: branch_false: ...to here
libavif-1.3.0/tests/aviftest.c:184:29: call_function: calling ‘nextFilename’ from ‘runIOTests’
libavif-1.3.0/tests/aviftest.c:184:29: return_function: returning to ‘runIOTests’ from ‘nextFilename’
libavif-1.3.0/tests/aviftest.c:185:12: branch_true: following ‘true’ branch (when ‘filename’ is non-NULL)...
libavif-1.3.0/tests/aviftest.c:187:30: branch_true: ...to here
libavif-1.3.0/tests/aviftest.c:188:12: branch_false: following ‘false’ branch...
libavif-1.3.0/tests/aviftest.c:193:9: branch_false: ...to here
libavif-1.3.0/tests/aviftest.c:196:20: acquire_resource: opened here
libavif-1.3.0/tests/aviftest.c:197:12: branch_false: following ‘false’ branch...
libavif-1.3.0/tests/aviftest.c:202:9: branch_false: ...to here
libavif-1.3.0/tests/aviftest.c:202:9: throw: if ‘fseek’ throws an exception...
libavif-1.3.0/tests/aviftest.c:202:9: danger: ‘fopen(&fullFilename, "rb")’ leaks here; was opened at [(20)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/19)
#  200|               break;
#  201|           }
#  202|->         fseek(f, 0, SEEK_END);
#  203|           size_t fileSize = ftell(f);
#  204|           fseek(f, 0, SEEK_SET);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def4]
libavif-1.3.0/tests/aviftest.c:202:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(&fullFilename, "rb")’
libavif-1.3.0/tests/aviftest.c:161:12: enter_function: entry to ‘runIOTests’
libavif-1.3.0/tests/aviftest.c:171:8: branch_false: following ‘false’ branch...
libavif-1.3.0/tests/aviftest.c:175:5: branch_false: ...to here
libavif-1.3.0/tests/aviftest.c:184:29: call_function: calling ‘nextFilename’ from ‘runIOTests’
libavif-1.3.0/tests/aviftest.c:184:29: return_function: returning to ‘runIOTests’ from ‘nextFilename’
libavif-1.3.0/tests/aviftest.c:185:12: branch_true: following ‘true’ branch (when ‘filename’ is non-NULL)...
libavif-1.3.0/tests/aviftest.c:187:30: branch_true: ...to here
libavif-1.3.0/tests/aviftest.c:188:12: branch_false: following ‘false’ branch...
libavif-1.3.0/tests/aviftest.c:193:9: branch_false: ...to here
libavif-1.3.0/tests/aviftest.c:196:20: acquire_memory: allocated here
libavif-1.3.0/tests/aviftest.c:197:12: branch_false: following ‘false’ branch...
libavif-1.3.0/tests/aviftest.c:202:9: branch_false: ...to here
libavif-1.3.0/tests/aviftest.c:202:9: throw: if ‘fseek’ throws an exception...
libavif-1.3.0/tests/aviftest.c:202:9: danger: ‘fopen(&fullFilename, "rb")’ leaks here; was allocated at [(20)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/19)
#  200|               break;
#  201|           }
#  202|->         fseek(f, 0, SEEK_END);
#  203|           size_t fileSize = ftell(f);
#  204|           fseek(f, 0, SEEK_SET);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def5]
libavif-1.3.0/tests/aviftest.c:203:27: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(&fullFilename, "rb")’
libavif-1.3.0/tests/aviftest.c:161:12: enter_function: entry to ‘runIOTests’
libavif-1.3.0/tests/aviftest.c:171:8: branch_false: following ‘false’ branch...
libavif-1.3.0/tests/aviftest.c:175:5: branch_false: ...to here
libavif-1.3.0/tests/aviftest.c:184:29: call_function: calling ‘nextFilename’ from ‘runIOTests’
libavif-1.3.0/tests/aviftest.c:184:29: return_function: returning to ‘runIOTests’ from ‘nextFilename’
libavif-1.3.0/tests/aviftest.c:185:12: branch_true: following ‘true’ branch (when ‘filename’ is non-NULL)...
libavif-1.3.0/tests/aviftest.c:187:30: branch_true: ...to here
libavif-1.3.0/tests/aviftest.c:188:12: branch_false: following ‘false’ branch...
libavif-1.3.0/tests/aviftest.c:193:9: branch_false: ...to here
libavif-1.3.0/tests/aviftest.c:196:20: acquire_resource: opened here
libavif-1.3.0/tests/aviftest.c:197:12: branch_false: following ‘false’ branch...
libavif-1.3.0/tests/aviftest.c:202:9: branch_false: ...to here
libavif-1.3.0/tests/aviftest.c:203:27: throw: if ‘ftell’ throws an exception...
libavif-1.3.0/tests/aviftest.c:203:27: danger: ‘fopen(&fullFilename, "rb")’ leaks here; was opened at [(20)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/19)
#  201|           }
#  202|           fseek(f, 0, SEEK_END);
#  203|->         size_t fileSize = ftell(f);
#  204|           fseek(f, 0, SEEK_SET);
#  205|           if (avifRWDataRealloc(&fileBuffer, fileSize) != AVIF_RESULT_OK) {

Error: GCC_ANALYZER_WARNING (CWE-401): [#def6]
libavif-1.3.0/tests/aviftest.c:203:27: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(&fullFilename, "rb")’
libavif-1.3.0/tests/aviftest.c:161:12: enter_function: entry to ‘runIOTests’
libavif-1.3.0/tests/aviftest.c:171:8: branch_false: following ‘false’ branch...
libavif-1.3.0/tests/aviftest.c:175:5: branch_false: ...to here
libavif-1.3.0/tests/aviftest.c:184:29: call_function: calling ‘nextFilename’ from ‘runIOTests’
libavif-1.3.0/tests/aviftest.c:184:29: return_function: returning to ‘runIOTests’ from ‘nextFilename’
libavif-1.3.0/tests/aviftest.c:185:12: branch_true: following ‘true’ branch (when ‘filename’ is non-NULL)...
libavif-1.3.0/tests/aviftest.c:187:30: branch_true: ...to here
libavif-1.3.0/tests/aviftest.c:188:12: branch_false: following ‘false’ branch...
libavif-1.3.0/tests/aviftest.c:193:9: branch_false: ...to here
libavif-1.3.0/tests/aviftest.c:196:20: acquire_memory: allocated here
libavif-1.3.0/tests/aviftest.c:197:12: branch_false: following ‘false’ branch...
libavif-1.3.0/tests/aviftest.c:202:9: branch_false: ...to here
libavif-1.3.0/tests/aviftest.c:203:27: throw: if ‘ftell’ throws an exception...
libavif-1.3.0/tests/aviftest.c:203:27: danger: ‘fopen(&fullFilename, "rb")’ leaks here; was allocated at [(20)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/19)
#  201|           }
#  202|           fseek(f, 0, SEEK_END);
#  203|->         size_t fileSize = ftell(f);
#  204|           fseek(f, 0, SEEK_SET);
#  205|           if (avifRWDataRealloc(&fileBuffer, fileSize) != AVIF_RESULT_OK) {

Error: GCC_ANALYZER_WARNING (CWE-775): [#def7]
libavif-1.3.0/tests/aviftest.c:204:9: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(&fullFilename, "rb")’
libavif-1.3.0/tests/aviftest.c:161:12: enter_function: entry to ‘runIOTests’
libavif-1.3.0/tests/aviftest.c:171:8: branch_false: following ‘false’ branch...
libavif-1.3.0/tests/aviftest.c:175:5: branch_false: ...to here
libavif-1.3.0/tests/aviftest.c:184:29: call_function: calling ‘nextFilename’ from ‘runIOTests’
libavif-1.3.0/tests/aviftest.c:184:29: return_function: returning to ‘runIOTests’ from ‘nextFilename’
libavif-1.3.0/tests/aviftest.c:185:12: branch_true: following ‘true’ branch (when ‘filename’ is non-NULL)...
libavif-1.3.0/tests/aviftest.c:187:30: branch_true: ...to here
libavif-1.3.0/tests/aviftest.c:188:12: branch_false: following ‘false’ branch...
libavif-1.3.0/tests/aviftest.c:193:9: branch_false: ...to here
libavif-1.3.0/tests/aviftest.c:196:20: acquire_resource: opened here
libavif-1.3.0/tests/aviftest.c:197:12: branch_false: following ‘false’ branch...
libavif-1.3.0/tests/aviftest.c:202:9: branch_false: ...to here
libavif-1.3.0/tests/aviftest.c:204:9: throw: if ‘fseek’ throws an exception...
libavif-1.3.0/tests/aviftest.c:204:9: danger: ‘fopen(&fullFilename, "rb")’ leaks here; was opened at [(20)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/19)
#  202|           fseek(f, 0, SEEK_END);
#  203|           size_t fileSize = ftell(f);
#  204|->         fseek(f, 0, SEEK_SET);
#  205|           if (avifRWDataRealloc(&fileBuffer, fileSize) != AVIF_RESULT_OK) {
#  206|               printf("Out of memory when allocating buffer to read file: %s\n", filename);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def8]
libavif-1.3.0/tests/aviftest.c:204:9: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(&fullFilename, "rb")’
libavif-1.3.0/tests/aviftest.c:161:12: enter_function: entry to ‘runIOTests’
libavif-1.3.0/tests/aviftest.c:171:8: branch_false: following ‘false’ branch...
libavif-1.3.0/tests/aviftest.c:175:5: branch_false: ...to here
libavif-1.3.0/tests/aviftest.c:184:29: call_function: calling ‘nextFilename’ from ‘runIOTests’
libavif-1.3.0/tests/aviftest.c:184:29: return_function: returning to ‘runIOTests’ from ‘nextFilename’
libavif-1.3.0/tests/aviftest.c:185:12: branch_true: following ‘true’ branch (when ‘filename’ is non-NULL)...
libavif-1.3.0/tests/aviftest.c:187:30: branch_true: ...to here
libavif-1.3.0/tests/aviftest.c:188:12: branch_false: following ‘false’ branch...
libavif-1.3.0/tests/aviftest.c:193:9: branch_false: ...to here
libavif-1.3.0/tests/aviftest.c:196:20: acquire_memory: allocated here
libavif-1.3.0/tests/aviftest.c:197:12: branch_false: following ‘false’ branch...
libavif-1.3.0/tests/aviftest.c:202:9: branch_false: ...to here
libavif-1.3.0/tests/aviftest.c:204:9: throw: if ‘fseek’ throws an exception...
libavif-1.3.0/tests/aviftest.c:204:9: danger: ‘fopen(&fullFilename, "rb")’ leaks here; was allocated at [(20)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/19)
#  202|           fseek(f, 0, SEEK_END);
#  203|           size_t fileSize = ftell(f);
#  204|->         fseek(f, 0, SEEK_SET);
#  205|           if (avifRWDataRealloc(&fileBuffer, fileSize) != AVIF_RESULT_OK) {
#  206|               printf("Out of memory when allocating buffer to read file: %s\n", filename);

Error: GCC_ANALYZER_WARNING (CWE-775): [#def9]
libavif-1.3.0/tests/aviftest.c:205:13: warning[-Wanalyzer-file-leak]: leak of FILE ‘fopen(&fullFilename, "rb")’
libavif-1.3.0/tests/aviftest.c:161:12: enter_function: entry to ‘runIOTests’
libavif-1.3.0/tests/aviftest.c:171:8: branch_false: following ‘false’ branch...
libavif-1.3.0/tests/aviftest.c:175:5: branch_false: ...to here
libavif-1.3.0/tests/aviftest.c:184:29: call_function: calling ‘nextFilename’ from ‘runIOTests’
libavif-1.3.0/tests/aviftest.c:184:29: return_function: returning to ‘runIOTests’ from ‘nextFilename’
libavif-1.3.0/tests/aviftest.c:185:12: branch_true: following ‘true’ branch (when ‘filename’ is non-NULL)...
libavif-1.3.0/tests/aviftest.c:187:30: branch_true: ...to here
libavif-1.3.0/tests/aviftest.c:188:12: branch_false: following ‘false’ branch...
libavif-1.3.0/tests/aviftest.c:193:9: branch_false: ...to here
libavif-1.3.0/tests/aviftest.c:196:20: acquire_resource: opened here
libavif-1.3.0/tests/aviftest.c:197:12: branch_false: following ‘false’ branch...
libavif-1.3.0/tests/aviftest.c:202:9: branch_false: ...to here
libavif-1.3.0/tests/aviftest.c:205:13: throw: if ‘avifRWDataRealloc’ throws an exception...
libavif-1.3.0/tests/aviftest.c:205:13: danger: ‘fopen(&fullFilename, "rb")’ leaks here; was opened at [(20)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/19)
#  203|           size_t fileSize = ftell(f);
#  204|           fseek(f, 0, SEEK_SET);
#  205|->         if (avifRWDataRealloc(&fileBuffer, fileSize) != AVIF_RESULT_OK) {
#  206|               printf("Out of memory when allocating buffer to read file: %s\n", filename);
#  207|               fclose(f);

Error: GCC_ANALYZER_WARNING (CWE-401): [#def10]
libavif-1.3.0/tests/aviftest.c:205:13: warning[-Wanalyzer-malloc-leak]: leak of ‘fopen(&fullFilename, "rb")’
libavif-1.3.0/tests/aviftest.c:161:12: enter_function: entry to ‘runIOTests’
libavif-1.3.0/tests/aviftest.c:171:8: branch_false: following ‘false’ branch...
libavif-1.3.0/tests/aviftest.c:175:5: branch_false: ...to here
libavif-1.3.0/tests/aviftest.c:184:29: call_function: calling ‘nextFilename’ from ‘runIOTests’
libavif-1.3.0/tests/aviftest.c:184:29: return_function: returning to ‘runIOTests’ from ‘nextFilename’
libavif-1.3.0/tests/aviftest.c:185:12: branch_true: following ‘true’ branch (when ‘filename’ is non-NULL)...
libavif-1.3.0/tests/aviftest.c:187:30: branch_true: ...to here
libavif-1.3.0/tests/aviftest.c:188:12: branch_false: following ‘false’ branch...
libavif-1.3.0/tests/aviftest.c:193:9: branch_false: ...to here
libavif-1.3.0/tests/aviftest.c:196:20: acquire_memory: allocated here
libavif-1.3.0/tests/aviftest.c:197:12: branch_false: following ‘false’ branch...
libavif-1.3.0/tests/aviftest.c:202:9: branch_false: ...to here
libavif-1.3.0/tests/aviftest.c:205:13: throw: if ‘avifRWDataRealloc’ throws an exception...
libavif-1.3.0/tests/aviftest.c:205:13: danger: ‘fopen(&fullFilename, "rb")’ leaks here; was allocated at [(20)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/19)
#  203|           size_t fileSize = ftell(f);
#  204|           fseek(f, 0, SEEK_SET);
#  205|->         if (avifRWDataRealloc(&fileBuffer, fileSize) != AVIF_RESULT_OK) {
#  206|               printf("Out of memory when allocating buffer to read file: %s\n", filename);
#  207|               fclose(f);

Error: COMPILER_WARNING: [#def11]
libavif-1.3.0/tests/gtest/avifincrtest_helpers.cc: scope_hint: In function ‘void avif::testutil::{anonymous}::EncodeAsGrid(const avifImage&, uint32_t, uint32_t, avifRWData*, uint32_t*, uint32_t*)’
libavif-1.3.0/tests/gtest/avifincrtest_helpers.cc:214:26: warning[-Wunused-but-set-variable=]: variable ‘i_cell’ set but not used
#  214 |   for (uint32_t row = 0, i_cell = 0; row < grid_rows; ++row) {
#      |                          ^~~~~~
#  212|     std::vector<ImagePtr> cell_images;
#  213|     cell_images.reserve(grid_cols * grid_rows);
#  214|->   for (uint32_t row = 0, i_cell = 0; row < grid_rows; ++row) {
#  215|       for (uint32_t col = 0; col < grid_cols; ++col, ++i_cell) {
#  216|         avifCropRect cell;

Scan Properties

analyzer-version-clippy: 1.92.0
analyzer-version-cppcheck: 2.19.1
analyzer-version-gcc: 16.0.0
analyzer-version-gcc-analyzer: 16.0.0
analyzer-version-shellcheck: 0.11.0
analyzer-version-unicontrol: 0.0.2
diffbase-analyzer-version-clippy: 1.92.0
diffbase-analyzer-version-cppcheck: 2.19.1
diffbase-analyzer-version-gcc: 16.0.0
diffbase-analyzer-version-gcc-analyzer: 16.0.0
diffbase-analyzer-version-shellcheck: 0.11.0
diffbase-analyzer-version-unicontrol: 0.0.2
diffbase-enabled-plugins: clippy, cppcheck, gcc, shellcheck, unicontrol
diffbase-exit-code: 0
diffbase-host: ip-172-16-1-88.us-west-2.compute.internal
diffbase-known-false-positives: /usr/share/csmock/known-false-positives.js
diffbase-known-false-positives-rpm: known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch
diffbase-mock-config: fedora-rawhide-x86_64
diffbase-project-name: libavif-1.3.0-2.fc43
diffbase-store-results-to: /tmp/tmp3udppfas/libavif-1.3.0-2.fc43.tar.xz
diffbase-time-created: 2026-01-08 18:29:54
diffbase-time-finished: 2026-01-08 18:32:07
diffbase-tool: csmock
diffbase-tool-args: '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmp3udppfas/libavif-1.3.0-2.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmp3udppfas/libavif-1.3.0-2.fc43.src.rpm'
diffbase-tool-version: csmock-3.8.3.20251215.161544.g62de9a5-1.el9
enabled-plugins: clippy, cppcheck, gcc, shellcheck, unicontrol
exit-code: 0
host: ip-172-16-1-88.us-west-2.compute.internal
known-false-positives: /usr/share/csmock/known-false-positives.js
known-false-positives-rpm: known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch
mock-config: fedora-rawhide-x86_64
project-name: libavif-1.3.0-3.fc44
store-results-to: /tmp/tmp1r1p9nbm/libavif-1.3.0-3.fc44.tar.xz
time-created: 2026-01-08 18:32:17
time-finished: 2026-01-08 18:35:04
title: Newly introduced findings
tool: csmock
tool-args: '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmp1r1p9nbm/libavif-1.3.0-3.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmp1r1p9nbm/libavif-1.3.0-3.fc44.src.rpm'
tool-version: csmock-3.8.3.20251215.161544.g62de9a5-1.el9