Error: GCC_ANALYZER_WARNING (CWE-401): [#def1] Pillow-12.1.0/src/libImaging/Arrow.c:72:11: warning[-Wanalyzer-malloc-leak]: leak of ‘json’ Pillow-12.1.0/src/libImaging/Arrow.c:66:12: acquire_memory: allocated here Pillow-12.1.0/src/libImaging/Arrow.c:68:8: branch_false: following ‘false’ branch (when ‘json’ is non-NULL)... Pillow-12.1.0/src/libImaging/Arrow.c:79:9: branch_false: ...to here Pillow-12.1.0/src/libImaging/Arrow.c:72:11: throw: if ‘PyOS_snprintf’ throws an exception... Pillow-12.1.0/src/libImaging/Arrow.c:72:11: danger: ‘json’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0) # 70| } # 71| # 72|-> err = PyOS_snprintf( # 73| json, # 74| len, Error: GCC_ANALYZER_WARNING (CWE-401): [#def2] Pillow-12.1.0/src/libImaging/Arrow.c:101:11: warning[-Wanalyzer-malloc-leak]: leak of ‘json’ Pillow-12.1.0/src/libImaging/Arrow.c:95:12: acquire_memory: allocated here Pillow-12.1.0/src/libImaging/Arrow.c:97:8: branch_false: following ‘false’ branch (when ‘json’ is non-NULL)... Pillow-12.1.0/src/libImaging/Arrow.c:101:44: branch_false: ...to here Pillow-12.1.0/src/libImaging/Arrow.c:101:11: throw: if ‘PyOS_snprintf’ throws an exception... Pillow-12.1.0/src/libImaging/Arrow.c:101:11: danger: ‘json’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0) # 99| } # 100| # 101|-> err = PyOS_snprintf(json, len, format, im->band_names[0]); # 102| if (err < 0) { # 103| return NULL; Error: GCC_ANALYZER_WARNING (CWE-401): [#def3] Pillow-12.1.0/src/libImaging/Histo.c:47:15: warning[-Wanalyzer-malloc-leak]: leak of ‘ImagingHistogramNew(im)’ Pillow-12.1.0/src/libImaging/Histo.c:60:1: enter_function: entry to ‘ImagingGetHistogram’ Pillow-12.1.0/src/libImaging/Histo.c:67:8: branch_false: following ‘false’ branch (when ‘im’ is non-NULL)... Pillow-12.1.0/src/libImaging/Histo.c:71:8: branch_false: ...to here Pillow-12.1.0/src/libImaging/Histo.c:81:9: call_function: calling ‘ImagingHistogramNew’ from ‘ImagingGetHistogram’ Pillow-12.1.0/src/libImaging/Histo.c:81:9: return_function: returning to ‘ImagingGetHistogram’ from ‘ImagingHistogramNew’ Pillow-12.1.0/src/libImaging/Histo.c:82:8: branch_false: following ‘false’ branch... Pillow-12.1.0/src/libImaging/Histo.c:86:8: branch_false: ...to here Pillow-12.1.0/src/libImaging/Histo.c:86:8: branch_false: following ‘false’ branch (when ‘imMask’ is NULL)... Pillow-12.1.0/src/libImaging/Histo.c:121:13: branch_false: ...to here Pillow-12.1.0/src/libImaging/Histo.c:121:12: branch_true: following ‘true’ branch... Pillow-12.1.0/src/libImaging/Histo.c:122:13: branch_true: ...to here Pillow-12.1.0/src/libImaging/Histo.c:122:13: throw: if ‘ImagingSectionEnter’ throws an exception... Pillow-12.1.0/src/libImaging/Histo.c:47:15: danger: ‘ImagingHistogramNew(im)’ leaks here; was allocated at [(6)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/5) # 45| } # 46| # 47|-> h->mode = im->mode; # 48| h->bands = im->bands; # 49| Error: GCC_ANALYZER_WARNING (CWE-401): [#def4] Pillow-12.1.0/src/libImaging/Storage.c:75:23: warning[-Wanalyzer-malloc-leak]: leak of ‘im’ Pillow-12.1.0/src/libImaging/Storage.c:53:19: acquire_memory: allocated here Pillow-12.1.0/src/libImaging/Storage.c:54:8: branch_false: following ‘false’ branch (when ‘im’ is non-NULL)... Pillow-12.1.0/src/libImaging/Storage.c:59:5: branch_false: ...to here Pillow-12.1.0/src/libImaging/Storage.c:75:23: throw: if ‘ImagingPaletteNew’ throws an exception... Pillow-12.1.0/src/libImaging/Storage.c:75:23: danger: ‘im’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0) # 73| im->bands = im->pixelsize = 1; # 74| im->linesize = xsize; # 75|-> im->palette = ImagingPaletteNew(IMAGING_MODE_RGB); # 76| strcpy(im->band_names[0], "P"); # 77| Error: GCC_ANALYZER_WARNING (CWE-401): [#def5] Pillow-12.1.0/src/libImaging/Storage.c:83:23: warning[-Wanalyzer-malloc-leak]: leak of ‘im’ Pillow-12.1.0/src/libImaging/Storage.c:53:19: acquire_memory: allocated here Pillow-12.1.0/src/libImaging/Storage.c:54:8: branch_false: following ‘false’ branch (when ‘im’ is non-NULL)... Pillow-12.1.0/src/libImaging/Storage.c:59:5: branch_false: ...to here Pillow-12.1.0/src/libImaging/Storage.c:83:23: throw: if ‘ImagingPaletteNew’ throws an exception... Pillow-12.1.0/src/libImaging/Storage.c:83:23: danger: ‘im’ leaks here; was allocated at [(1)](sarif:/runs/0/results/1/codeFlows/0/threadFlows/0/locations/0) # 81| im->pixelsize = 4; /* store in image32 memory */ # 82| im->linesize = xsize * 4; # 83|-> im->palette = ImagingPaletteNew(IMAGING_MODE_RGB); # 84| strcpy(im->band_names[0], "P"); # 85| strcpy(im->band_names[1], "X"); Error: GCC_ANALYZER_WARNING (CWE-401): [#def6] Pillow-12.1.0/src/libImaging/Storage.c:133:16: warning[-Wanalyzer-malloc-leak]: leak of ‘im’ Pillow-12.1.0/src/libImaging/Storage.c:53:19: acquire_memory: allocated here Pillow-12.1.0/src/libImaging/Storage.c:54:8: branch_false: following ‘false’ branch (when ‘im’ is non-NULL)... Pillow-12.1.0/src/libImaging/Storage.c:59:5: branch_false: ...to here Pillow-12.1.0/src/libImaging/Storage.c:133:16: throw: if ‘isModeI16’ throws an exception... Pillow-12.1.0/src/libImaging/Storage.c:133:16: danger: ‘im’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0) # 131| strcpy(im->band_names[0], "I"); # 132| # 133|-> } else if (isModeI16(mode)) { # 134| /* EXPERIMENTAL */ # 135| /* 16-bit raw integer images */
| analyzer-version-clippy | 1.92.0 |
| analyzer-version-cppcheck | 2.19.1 |
| analyzer-version-gcc | 16.0.0 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| diffbase-analyzer-version-clippy | 1.92.0 |
| diffbase-analyzer-version-cppcheck | 2.19.1 |
| diffbase-analyzer-version-gcc | 16.0.0 |
| diffbase-analyzer-version-gcc-analyzer | 16.0.0 |
| diffbase-analyzer-version-shellcheck | 0.11.0 |
| diffbase-analyzer-version-unicontrol | 0.0.2 |
| diffbase-enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| diffbase-exit-code | 0 |
| diffbase-host | ip-172-16-1-38.us-west-2.compute.internal |
| diffbase-known-false-positives | /usr/share/csmock/known-false-positives.js |
| diffbase-known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| diffbase-mock-config | fedora-rawhide-x86_64 |
| diffbase-project-name | python-pillow-11.3.0-6.fc43 |
| diffbase-store-results-to | /tmp/tmpdy0jhgsi/python-pillow-11.3.0-6.fc43.tar.xz |
| diffbase-time-created | 2026-01-08 20:50:10 |
| diffbase-time-finished | 2026-01-08 20:54:43 |
| diffbase-tool | csmock |
| diffbase-tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmpdy0jhgsi/python-pillow-11.3.0-6.fc43.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpdy0jhgsi/python-pillow-11.3.0-6.fc43.src.rpm' |
| diffbase-tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-38.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-x86_64 |
| project-name | python-pillow-12.1.0-1.fc44 |
| store-results-to | /tmp/tmpl6ekvhco/python-pillow-12.1.0-1.fc44.tar.xz |
| time-created | 2026-01-08 20:55:17 |
| time-finished | 2026-01-08 20:58:58 |
| title | Newly introduced findings |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-x86_64' '-t' 'gcc,cppcheck,clippy,shellcheck,unicontrol' '-o' '/tmp/tmpl6ekvhco/python-pillow-12.1.0-1.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--gcc-analyzer-bin=/usr/bin/gcc' '/tmp/tmpl6ekvhco/python-pillow-12.1.0-1.fc44.src.rpm' |
| tool-version | csmock-3.8.3.20251215.161544.g62de9a5-1.el9 |