Error: COMPILER_WARNING (CWE-477): [#def1] jasper-version-4.2.8/redhat-linux-build/CMakeFiles/CMakeScratch/TryCompile-XyXF2s/src.c:2:5: warning[-Wdeprecated-declarations]: ‘somefunc’ is deprecated Error: COMPILER_WARNING (CWE-686): [#def2] jasper-version-4.2.8/redhat-linux-build/CMakeFiles/CMakeScratch/TryCompile-pz1Wht/CheckFunctionExists.c:7:3: warning[-Wbuiltin-declaration-mismatch]: conflicting types for built-in function ‘snprintf’; expected ‘int(char *, long unsigned int, const char *, ...)’ Error: GCC_ANALYZER_WARNING (CWE-401): [#def3] jasper-version-4.2.8/src/app/jasper.c:476:21: warning[-Wanalyzer-malloc-leak]: leak of ‘cmdopts’ jasper-version-4.2.8/src/app/jasper.c:449:25: acquire_memory: allocated here jasper-version-4.2.8/src/app/jasper.c:449:12: branch_false: following ‘false’ branch (when ‘cmdopts’ is non-NULL)... jasper-version-4.2.8/src/app/jasper.c:454:9: branch_false: ...to here jasper-version-4.2.8/src/app/jasper.c:476:21: danger: ‘cmdopts’ leaks here; was allocated at [(1)](sarif:/runs/0/results/0/codeFlows/0/threadFlows/0/locations/0) # 474| cmdopts->enable_all_formats = 0; # 475| # 476|-> while ((c = jas_getopt(argc, argv, cmdoptions)) != EOF) { # 477| switch (c) { # 478| case CMDOPT_HELP: Error: GCC_ANALYZER_WARNING (CWE-401): [#def4] jasper-version-4.2.8/src/app/jasper.c:682:33: warning[-Wanalyzer-malloc-leak]: leak of ‘cmdopts’ jasper-version-4.2.8/src/app/jasper.c:393:12: enter_function: entry to ‘cmdopts_parse’ jasper-version-4.2.8/src/app/jasper.c:449:25: acquire_memory: allocated here jasper-version-4.2.8/src/app/jasper.c:449:12: branch_false: following ‘false’ branch (when ‘cmdopts’ is non-NULL)... jasper-version-4.2.8/src/app/jasper.c:454:9: branch_false: ...to here jasper-version-4.2.8/src/app/jasper.c:472:28: call_function: calling ‘get_default_max_mem_usage’ from ‘cmdopts_parse’ # 680| size_t get_default_max_mem_usage(void) # 681| { # 682|-> size_t total_mem_size = jas_get_total_mem_size(); # 683| size_t max_mem; # 684| if (total_mem_size) { Error: COMPILER_WARNING: [#def5] jasper-version-4.2.8/src/libjasper/base/jas_cm.c:254:13: warning[-Wstringop-overflow=]: ‘jas_cmshapmat_invmat’ accessing 96 bytes in a region of size 32 # 254 | if (jas_cmshapmat_invmat(revshapmat->mat, fwdshapmat->mat)) { # | ^ jasper-version-4.2.8/src/libjasper/base/jas_cm.c:254:13: note: referencing argument 2 of type ‘jas_cmreal_t[3][4]’ jasper-version-4.2.8/src/libjasper/base/jas_cm.c: scope_hint: In function ‘jas_cmprof_createfromclrspc’ jasper-version-4.2.8/src/libjasper/base/jas_cm.c:1106:12: note: in a call to function ‘jas_cmshapmat_invmat’ # 1106 | static int jas_cmshapmat_invmat(jas_cmreal_t out[3][4], jas_cmreal_t in[3][4]) # | ^ # 252| revshapmat->useluts = 0; # 253| revshapmat->usemat = 1; # 254|-> if (jas_cmshapmat_invmat(revshapmat->mat, fwdshapmat->mat)) { # 255| goto error; # 256| } Error: GCC_ANALYZER_WARNING (CWE-404): [#def6] jasper-version-4.2.8/src/libjasper/base/jas_debug.c:175:15: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’ jasper-version-4.2.8/src/libjasper/base/jas_debug.c:143:5: enter_function: entry to ‘jas_loginfof’ jasper-version-4.2.8/src/libjasper/base/jas_debug.c:147:9: acquire_resource: ‘va_start’ called here jasper-version-4.2.8/src/libjasper/base/jas_debug.c:148:15: call_function: calling ‘jas_vlogmsgf’ from ‘jas_loginfof’ # 173| int ret; # 174| jas_vlogmsgf_t *func = jas_get_vlogmsgf(); # 175|-> ret = func(type, fmt, ap); # 176| return ret; # 177| } Error: CPPCHECK_WARNING (CWE-457): [#def7] jasper-version-4.2.8/src/libjasper/base/jas_icc.c:1852: warning[uninitvar]: Uninitialized variable: buf # 1850| } # 1851| *bufptr = '\0'; # 1852|-> return buf; # 1853| } # 1854| Error: GCC_ANALYZER_WARNING (CWE-401): [#def8] jasper-version-4.2.8/src/libjasper/base/jas_malloc.c:277:9: warning[-Wanalyzer-malloc-leak]: leak of ‘result’ jasper-version-4.2.8/src/libjasper/base/jas_malloc.c:276:24: acquire_memory: allocated here jasper-version-4.2.8/src/libjasper/base/jas_malloc.c:277:9: branch_true: following ‘true’ branch... jasper-version-4.2.8/src/libjasper/base/jas_malloc.c:277:9: branch_true: ...to here jasper-version-4.2.8/src/libjasper/base/jas_malloc.c:277:9: danger: ‘result’ leaks here; was allocated at [(1)](sarif:/runs/0/results/2/codeFlows/0/threadFlows/0/locations/0) # 275| JAS_LOGDEBUGF(111, "jas_std_alloc(%zu)\n", size); # 276| void* result = malloc(size); # 277|-> JAS_LOGDEBUGF(110, "jas_std_alloc(%zu) -> %p\n", size, result); # 278| return result; # 279| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def9] jasper-version-4.2.8/src/libjasper/base/jas_malloc.c:287:9: warning[-Wanalyzer-malloc-leak]: leak of ‘result’ jasper-version-4.2.8/src/libjasper/base/jas_malloc.c:287:9: branch_true: following ‘true’ branch... jasper-version-4.2.8/src/libjasper/base/jas_malloc.c:287:9: branch_true: ...to here jasper-version-4.2.8/src/libjasper/base/jas_malloc.c:287:9: danger: ‘result’ leaks here; was allocated at [(1)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/0) # 285| JAS_LOGDEBUGF(111, "jas_std_realloc(%p, %zu)\n", allocator, size); # 286| void *result = realloc(ptr, size); # 287|-> JAS_LOGDEBUGF(110, "jas_std_realloc(%zu) -> %p\n", size, result); # 288| return result; # 289| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def10] jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:411:21: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘palent’ jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:336:20: enter_function: entry to ‘bmp_getinfo’ jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:345:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:350:13: branch_false: ...to here jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:350:13: call_function: calling ‘bmp_getint32’ from ‘bmp_getinfo’ jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:350:13: return_function: returning to ‘bmp_getinfo’ from ‘bmp_getint32’ jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:350:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:351:11: call_function: calling ‘bmp_getint32’ from ‘bmp_getinfo’ jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:351:11: return_function: returning to ‘bmp_getinfo’ from ‘bmp_getint32’ jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:350:13: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:351:45: branch_false: ...to here jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:351:45: call_function: calling ‘bmp_getint32’ from ‘bmp_getinfo’ jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:351:45: return_function: returning to ‘bmp_getinfo’ from ‘bmp_getint32’ jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:350:13: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:352:11: branch_false: ...to here jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:352:11: call_function: calling ‘bmp_getint16’ from ‘bmp_getinfo’ jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:352:11: return_function: returning to ‘bmp_getinfo’ from ‘bmp_getint16’ jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:350:13: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:353:11: branch_false: ...to here jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:353:11: call_function: calling ‘bmp_getint16’ from ‘bmp_getinfo’ jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:353:11: return_function: returning to ‘bmp_getinfo’ from ‘bmp_getint16’ jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:350:13: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:353:45: branch_false: ...to here jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:353:45: call_function: calling ‘bmp_getint32’ from ‘bmp_getinfo’ jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:353:45: return_function: returning to ‘bmp_getinfo’ from ‘bmp_getint32’ jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:350:13: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:354:11: branch_false: ...to here jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:354:11: call_function: calling ‘bmp_getint32’ from ‘bmp_getinfo’ jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:354:11: return_function: returning to ‘bmp_getinfo’ from ‘bmp_getint32’ jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:350:13: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:355:11: branch_false: ...to here jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:355:11: call_function: calling ‘bmp_getint32’ from ‘bmp_getinfo’ jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:355:11: return_function: returning to ‘bmp_getinfo’ from ‘bmp_getint32’ jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:350:13: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:355:44: branch_false: ...to here jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:355:44: call_function: calling ‘bmp_getint32’ from ‘bmp_getinfo’ jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:355:44: return_function: returning to ‘bmp_getinfo’ from ‘bmp_getint32’ jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:350:13: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:356:11: branch_false: ...to here jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:356:11: call_function: calling ‘bmp_getint32’ from ‘bmp_getinfo’ jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:356:11: return_function: returning to ‘bmp_getinfo’ from ‘bmp_getint32’ jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:350:13: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:357:11: branch_false: ...to here jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:357:11: call_function: calling ‘bmp_getint32’ from ‘bmp_getinfo’ jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:357:11: return_function: returning to ‘bmp_getinfo’ from ‘bmp_getint32’ jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:350:13: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:361:13: branch_false: ...to here jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:368:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:368:13: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:373:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:380:14: branch_false: ...to here jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:380:14: call_function: inlined call to ‘jas_safe_size_mul’ from ‘bmp_getinfo’ jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:381:14: branch_false: ...to here jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:386:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:392:13: branch_false: ...to here jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:400:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:406:17: branch_false: ...to here jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:406:17: release_memory: using NULL here jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:409:21: branch_true: following ‘true’ branch... jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:410:27: branch_true: ...to here jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:410:27: release_memory: using NULL here jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:410:17: release_memory: ‘palent’ is NULL jasper-version-4.2.8/src/libjasper/bmp/bmp_dec.c:411:21: danger: dereference of NULL ‘palent’ # 409| for (i = 0; i < info->numcolors; ++i) { # 410| palent = &info->palents[i]; # 411|-> if ((palent->blu = jas_stream_getc(in)) == EOF || # 412| (palent->grn = jas_stream_getc(in)) == EOF || # 413| (palent->red = jas_stream_getc(in)) == EOF || Error: GCC_ANALYZER_WARNING (CWE-401): [#def11] jasper-version-4.2.8/src/libjasper/include/jasper/jas_init.h:407:44: warning[-Wanalyzer-malloc-leak]: leak of ‘result’ jasper-version-4.2.8/src/libjasper/base/jas_malloc.c:272:7: enter_function: entry to ‘jas_std_alloc’ jasper-version-4.2.8/src/libjasper/base/jas_malloc.c:276:24: acquire_memory: allocated here jasper-version-4.2.8/src/libjasper/base/jas_malloc.c:277:9: call_function: calling ‘jas_get_debug_level’ from ‘jas_std_alloc’ # 405| { # 406| #if defined(JAS_HAVE_THREAD_LOCAL) # 407|-> return jas_cur_ctx ? jas_cur_ctx : jas_get_ctx_internal(); # 408| #else # 409| return JAS_CAST(jas_ctx_t *, jas_get_ctx_internal()); Error: GCC_ANALYZER_WARNING (CWE-404): [#def12] jasper-version-4.2.8/src/libjasper/include/jasper/jas_init.h:407:44: warning[-Wanalyzer-va-list-leak]: missing call to ‘va_end’ jasper-version-4.2.8/src/libjasper/base/jas_debug.c:143:5: enter_function: entry to ‘jas_loginfof’ jasper-version-4.2.8/src/libjasper/base/jas_debug.c:147:9: acquire_resource: ‘va_start’ called here jasper-version-4.2.8/src/libjasper/base/jas_debug.c:148:15: call_function: calling ‘jas_vlogmsgf’ from ‘jas_loginfof’ # 405| { # 406| #if defined(JAS_HAVE_THREAD_LOCAL) # 407|-> return jas_cur_ctx ? jas_cur_ctx : jas_get_ctx_internal(); # 408| #else # 409| return JAS_CAST(jas_ctx_t *, jas_get_ctx_internal()); Error: GCC_ANALYZER_WARNING (CWE-401): [#def13] jasper-version-4.2.8/src/libjasper/include/jasper/jas_init.h:435:16: warning[-Wanalyzer-malloc-leak]: leak of ‘tmpfile()’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:198:14: enter_function: entry to ‘jpg_decode’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:224:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:228:13: branch_false: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:228:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:233:9: call_function: inlined call to ‘jas_get_debug_level’ from ‘jpg_decode’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:237:28: acquire_memory: allocated here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:237:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:13: branch_false: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:13: call_function: calling ‘jpg_copystreamtofile’ from ‘jpg_decode’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:13: return_function: returning to ‘jpg_decode’ from ‘jpg_copystreamtofile’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:245:9: branch_false: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:248:9: call_function: inlined call to ‘jas_get_debug_level’ from ‘jpg_decode’ # 433| return ctx->debug_level; # 434| #else # 435|-> return jas_get_debug_level_internal(); # 436| #endif # 437| } Error: CPPCHECK_WARNING (CWE-457): [#def14] jasper-version-4.2.8/src/libjasper/include/jasper/jas_math.h:527: warning[uninitvar]: Uninitialized variable: result.valid # 525| result.value = x.value + y.value; # 526| } # 527|-> return result; # 528| } # 529| Error: GCC_ANALYZER_WARNING (CWE-476): [#def15] jasper-version-4.2.8/src/libjasper/include/jasper/jas_seq.h:226:9: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘matrix’ jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:338:12: enter_function: entry to ‘pnm_getdata’ jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:363:9: branch_true: following ‘true’ branch... jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:364:35: branch_true: ...to here jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:366:9: release_memory: using NULL here jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:367:9: release_memory: using NULL here jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:368:9: release_memory: using NULL here jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:366:9: release_memory: using NULL here jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:367:9: release_memory: using NULL here jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:368:9: release_memory: using NULL here jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:369:26: branch_false: following ‘false’ branch... branch_false: ...to here jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:375:21: branch_true: following ‘true’ branch... jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:376:20: branch_true: ...to here jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:376:20: branch_true: following ‘true’ branch... jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:377:28: branch_true: ...to here jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:377:28: branch_true: following ‘true’ branch... branch_true: ...to here jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:378:45: branch_true: following ‘true’ branch... jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:379:50: branch_true: ...to here jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:379:44: branch_false: following ‘false’ branch... branch_false: ...to here jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:383:48: branch_true: following ‘true’ branch... jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:384:49: release_memory: using NULL here jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:384:49: release_memory: using NULL here jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:384:49: call_function: calling ‘jas_matrix_set’ from ‘pnm_getdata’ # 224| static inline void jas_matrix_set(jas_matrix_t *matrix, jas_matind_t i, jas_matind_t j, jas_seqent_t v) # 225| { # 226|-> assert(i >= 0 && i < matrix->numrows_ && j >= 0 && j < matrix->numcols_); # 227| matrix->rows_[i][j] = v; # 228| } Error: GCC_ANALYZER_WARNING (CWE-476): [#def16] jasper-version-4.2.8/src/libjasper/include/jasper/jas_seq.h:261:17: warning[-Wanalyzer-null-dereference]: dereference of NULL ‘0’ jasper-version-4.2.8/src/libjasper/base/jas_seq.c:188:15: enter_function: entry to ‘jas_matrix_copy’ jasper-version-4.2.8/src/libjasper/base/jas_seq.c:194:21: branch_true: following ‘true’ branch... branch_true: ...to here jasper-version-4.2.8/src/libjasper/base/jas_seq.c:195:29: branch_true: following ‘true’ branch... jasper-version-4.2.8/src/libjasper/base/jas_seq.c:196:26: call_function: inlined call to ‘jas_matrix_getref’ from ‘jas_matrix_copy’ # 259| static inline jas_seqent_t *jas_matrix_getref(const jas_matrix_t *matrix, jas_matind_t i, jas_matind_t j) # 260| { # 261|-> return &matrix->rows_[i][j]; # 262| } # 263| Error: GCC_ANALYZER_WARNING (CWE-401): [#def17] jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:242:17: warning[-Wanalyzer-malloc-leak]: leak of ‘tmpfile()’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:198:14: enter_function: entry to ‘jpg_decode’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:224:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:228:13: branch_false: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:228:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:233:9: call_function: inlined call to ‘jas_get_debug_level’ from ‘jpg_decode’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:237:28: acquire_memory: allocated here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:237:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:13: branch_false: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:12: branch_true: following ‘true’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:242:17: branch_true: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:242:17: danger: ‘tmpfile()’ leaks here; was allocated at [(7)](sarif:/runs/0/results/3/codeFlows/0/threadFlows/0/locations/6) # 240| } # 241| if (jpg_copystreamtofile(input_file, in)) { # 242|-> jas_logerrorf("cannot copy stream\n"); # 243| goto error; # 244| } Error: GCC_ANALYZER_WARNING (CWE-401): [#def18] jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:245:9: warning[-Wanalyzer-malloc-leak]: leak of ‘tmpfile()’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:198:14: enter_function: entry to ‘jpg_decode’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:224:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:228:13: branch_false: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:228:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:233:9: call_function: inlined call to ‘jas_get_debug_level’ from ‘jpg_decode’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:237:28: acquire_memory: allocated here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:237:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:13: branch_false: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:13: call_function: calling ‘jpg_copystreamtofile’ from ‘jpg_decode’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:13: return_function: returning to ‘jpg_decode’ from ‘jpg_copystreamtofile’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:245:9: branch_false: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:245:9: danger: ‘tmpfile()’ leaks here; was allocated at [(7)](sarif:/runs/0/results/4/codeFlows/0/threadFlows/0/locations/6) # 243| goto error; # 244| } # 245|-> rewind(input_file); # 246| # 247| /* Allocate and initialize a JPEG decompression object. */ Error: GCC_ANALYZER_WARNING (CWE-401): [#def19] jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:248:9: warning[-Wanalyzer-malloc-leak]: leak of ‘tmpfile()’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:198:14: enter_function: entry to ‘jpg_decode’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:224:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:228:13: branch_false: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:228:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:233:9: call_function: inlined call to ‘jas_get_debug_level’ from ‘jpg_decode’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:237:28: acquire_memory: allocated here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:237:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:13: branch_false: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:13: call_function: calling ‘jpg_copystreamtofile’ from ‘jpg_decode’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:13: return_function: returning to ‘jpg_decode’ from ‘jpg_copystreamtofile’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:245:9: branch_false: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:248:9: branch_true: following ‘true’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:248:9: branch_true: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:248:9: danger: ‘tmpfile()’ leaks here; was allocated at [(7)](sarif:/runs/0/results/5/codeFlows/0/threadFlows/0/locations/6) # 246| # 247| /* Allocate and initialize a JPEG decompression object. */ # 248|-> JAS_LOGDEBUGF(10, "jpeg_std_error(%p)\n", &jerr); # 249| cinfo.err = jpeg_std_error(&jerr); # 250| JAS_LOGDEBUGF(10, "jpeg_create_decompress(%p)\n", &cinfo); Error: GCC_ANALYZER_WARNING (CWE-401): [#def20] jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:249:21: warning[-Wanalyzer-malloc-leak]: leak of ‘tmpfile()’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:198:14: enter_function: entry to ‘jpg_decode’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:224:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:228:13: branch_false: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:228:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:233:9: call_function: inlined call to ‘jas_get_debug_level’ from ‘jpg_decode’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:237:28: acquire_memory: allocated here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:237:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:13: branch_false: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:13: call_function: calling ‘jpg_copystreamtofile’ from ‘jpg_decode’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:13: return_function: returning to ‘jpg_decode’ from ‘jpg_copystreamtofile’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:245:9: branch_false: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:249:21: danger: ‘tmpfile()’ leaks here; was allocated at [(7)](sarif:/runs/0/results/6/codeFlows/0/threadFlows/0/locations/6) # 247| /* Allocate and initialize a JPEG decompression object. */ # 248| JAS_LOGDEBUGF(10, "jpeg_std_error(%p)\n", &jerr); # 249|-> cinfo.err = jpeg_std_error(&jerr); # 250| JAS_LOGDEBUGF(10, "jpeg_create_decompress(%p)\n", &cinfo); # 251| jpeg_create_decompress(&cinfo); Error: GCC_ANALYZER_WARNING (CWE-401): [#def21] jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:250:9: warning[-Wanalyzer-malloc-leak]: leak of ‘tmpfile()’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:198:14: enter_function: entry to ‘jpg_decode’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:224:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:228:13: branch_false: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:228:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:233:9: call_function: inlined call to ‘jas_get_debug_level’ from ‘jpg_decode’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:237:28: acquire_memory: allocated here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:237:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:13: branch_false: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:13: call_function: calling ‘jpg_copystreamtofile’ from ‘jpg_decode’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:13: return_function: returning to ‘jpg_decode’ from ‘jpg_copystreamtofile’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:245:9: branch_false: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:250:9: branch_true: following ‘true’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:250:9: branch_true: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:250:9: danger: ‘tmpfile()’ leaks here; was allocated at [(7)](sarif:/runs/0/results/7/codeFlows/0/threadFlows/0/locations/6) # 248| JAS_LOGDEBUGF(10, "jpeg_std_error(%p)\n", &jerr); # 249| cinfo.err = jpeg_std_error(&jerr); # 250|-> JAS_LOGDEBUGF(10, "jpeg_create_decompress(%p)\n", &cinfo); # 251| jpeg_create_decompress(&cinfo); # 252| cinfo_initialized = 1; Error: GCC_ANALYZER_WARNING (CWE-401): [#def22] jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:255:9: warning[-Wanalyzer-malloc-leak]: leak of ‘tmpfile()’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:198:14: enter_function: entry to ‘jpg_decode’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:224:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:228:13: branch_false: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:228:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:233:9: call_function: inlined call to ‘jas_get_debug_level’ from ‘jpg_decode’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:237:28: acquire_memory: allocated here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:237:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:13: branch_false: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:13: call_function: calling ‘jpg_copystreamtofile’ from ‘jpg_decode’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:13: return_function: returning to ‘jpg_decode’ from ‘jpg_copystreamtofile’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:245:9: branch_false: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:255:9: branch_true: following ‘true’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:255:9: branch_true: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:255:9: danger: ‘tmpfile()’ leaks here; was allocated at [(7)](sarif:/runs/0/results/8/codeFlows/0/threadFlows/0/locations/6) # 253| # 254| /* Specify the data source for decompression. */ # 255|-> JAS_LOGDEBUGF(10, "jpeg_stdio_src(%p, %p)\n", &cinfo, input_file); # 256| jpeg_stdio_src(&cinfo, input_file); # 257| Error: GCC_ANALYZER_WARNING (CWE-401): [#def23] jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:256:9: warning[-Wanalyzer-malloc-leak]: leak of ‘tmpfile()’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:198:14: enter_function: entry to ‘jpg_decode’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:224:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:228:13: branch_false: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:228:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:233:9: call_function: inlined call to ‘jas_get_debug_level’ from ‘jpg_decode’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:237:28: acquire_memory: allocated here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:237:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:13: branch_false: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:13: call_function: calling ‘jpg_copystreamtofile’ from ‘jpg_decode’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:13: return_function: returning to ‘jpg_decode’ from ‘jpg_copystreamtofile’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:245:9: branch_false: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:255:9: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:256:9: branch_false: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:256:9: danger: ‘tmpfile()’ leaks here; was allocated at [(7)](sarif:/runs/0/results/9/codeFlows/0/threadFlows/0/locations/6) # 254| /* Specify the data source for decompression. */ # 255| JAS_LOGDEBUGF(10, "jpeg_stdio_src(%p, %p)\n", &cinfo, input_file); # 256|-> jpeg_stdio_src(&cinfo, input_file); # 257| # 258| /* Read the file header to obtain the image information. */ Error: GCC_ANALYZER_WARNING (CWE-401): [#def24] jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:452:21: warning[-Wanalyzer-malloc-leak]: leak of ‘tmpfile()’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:198:14: enter_function: entry to ‘jpg_decode’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:224:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:228:13: branch_false: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:228:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:233:9: call_function: inlined call to ‘jas_get_debug_level’ from ‘jpg_decode’ jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:237:28: acquire_memory: allocated here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:237:12: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:13: branch_false: ...to here jasper-version-4.2.8/src/libjasper/jpg/jpg_dec.c:241:13: call_function: calling ‘jpg_copystreamtofile’ from ‘jpg_decode’ # 450| int c; # 451| # 452|-> while ((c = jas_stream_getc(in)) != EOF) { # 453| if (fputc(c, out) == EOF) { # 454| return -1; Error: GCC_ANALYZER_WARNING (CWE-121): [#def25] jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:370:22: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:363:9: branch_true: following ‘true’ branch... jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:364:35: branch_true: ...to here jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:369:26: branch_true: following ‘true’ branch... jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:370:59: branch_true: ...to here jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:370:20: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:369:50: branch_false: ...to here jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:369:26: branch_true: following ‘true’ branch... jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:370:59: branch_true: ...to here jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:370:20: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:369:50: branch_false: ...to here jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:369:26: branch_true: following ‘true’ branch... jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:370:59: branch_true: ...to here jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:370:20: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:369:50: branch_false: ...to here jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:369:26: branch_true: following ‘true’ branch... jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:370:59: branch_true: ...to here jasper-version-4.2.8/src/libjasper/pnm/pnm_dec.c:370:22: danger: out-of-bounds write from byte 24 till byte 31 but ‘data’ ends at byte 24 # 368| data[2] = 0; # 369| for (cmptno = 0; cmptno < hdr->numcmpts; ++cmptno) { # 370|-> if (!(data[cmptno] = jas_matrix_create(1, hdr->width))) { # 371| goto done; # 372| } Error: GCC_ANALYZER_WARNING (CWE-121): [#def26] jasper-version-4.2.8/src/libjasper/pnm/pnm_enc.c:340:22: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow jasper-version-4.2.8/src/libjasper/pnm/pnm_enc.c:339:26: branch_true: following ‘true’ branch (when ‘cmptno < numcmpts’)... jasper-version-4.2.8/src/libjasper/pnm/pnm_enc.c:340:59: branch_true: ...to here jasper-version-4.2.8/src/libjasper/pnm/pnm_enc.c:340:20: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/pnm/pnm_enc.c:339:45: branch_false: ...to here jasper-version-4.2.8/src/libjasper/pnm/pnm_enc.c:339:26: branch_true: following ‘true’ branch (when ‘cmptno < numcmpts’)... jasper-version-4.2.8/src/libjasper/pnm/pnm_enc.c:340:59: branch_true: ...to here jasper-version-4.2.8/src/libjasper/pnm/pnm_enc.c:340:20: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/pnm/pnm_enc.c:339:45: branch_false: ...to here jasper-version-4.2.8/src/libjasper/pnm/pnm_enc.c:339:26: branch_true: following ‘true’ branch (when ‘cmptno < numcmpts’)... jasper-version-4.2.8/src/libjasper/pnm/pnm_enc.c:340:59: branch_true: ...to here jasper-version-4.2.8/src/libjasper/pnm/pnm_enc.c:340:20: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/pnm/pnm_enc.c:339:45: branch_false: ...to here jasper-version-4.2.8/src/libjasper/pnm/pnm_enc.c:339:26: branch_true: following ‘true’ branch (when ‘cmptno < numcmpts’)... jasper-version-4.2.8/src/libjasper/pnm/pnm_enc.c:340:59: branch_true: ...to here jasper-version-4.2.8/src/libjasper/pnm/pnm_enc.c:340:22: danger: out-of-bounds write from byte 24 till byte 31 but ‘data’ ends at byte 24 # 338| data[2] = 0; # 339| for (cmptno = 0; cmptno < numcmpts; ++cmptno) { # 340|-> if (!(data[cmptno] = jas_matrix_create(1, hdr->width))) { # 341| goto done; # 342| } Error: GCC_ANALYZER_WARNING (CWE-126): [#def27] jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:382:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:330:9: branch_true: following ‘true’ branch... branch_true: ...to here jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:332:30: branch_true: following ‘true’ branch (when ‘i != 3’)... jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:333:17: branch_true: ...to here jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:337:20: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:336:61: branch_false: ...to here jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:381:30: branch_true: following ‘true’ branch... jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:382:17: branch_true: ...to here jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:381:30: branch_true: following ‘true’ branch... jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:382:17: branch_true: ...to here jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:381:30: branch_true: following ‘true’ branch... jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:382:17: branch_true: ...to here jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:381:30: branch_true: following ‘true’ branch... jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:382:17: branch_true: ...to here jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:382:17: danger: out-of-bounds read from byte 24 till byte 31 but ‘data’ ends at byte 24 # 380| # 381| for (unsigned i = 0; i < jas_image_numcmpts(image); ++i) { # 382|-> jas_matrix_destroy(data[i]); # 383| data[i] = 0; # 384| } Error: GCC_ANALYZER_WARNING (CWE-121): [#def28] jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:383:17: warning[-Wanalyzer-out-of-bounds]: stack-based buffer overflow jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:330:9: branch_true: following ‘true’ branch... branch_true: ...to here jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:332:30: branch_true: following ‘true’ branch (when ‘i != 3’)... jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:333:17: branch_true: ...to here jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:337:20: branch_false: following ‘false’ branch... jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:336:61: branch_false: ...to here jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:381:30: branch_true: following ‘true’ branch... jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:382:17: branch_true: ...to here jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:381:30: branch_true: following ‘true’ branch... jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:382:17: branch_true: ...to here jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:381:30: branch_true: following ‘true’ branch... jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:382:17: branch_true: ...to here jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:381:30: branch_true: following ‘true’ branch... jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:382:17: branch_true: ...to here jasper-version-4.2.8/src/libjasper/ras/ras_dec.c:383:17: danger: out-of-bounds write from byte 24 till byte 31 but ‘data’ ends at byte 24 # 381| for (unsigned i = 0; i < jas_image_numcmpts(image); ++i) { # 382| jas_matrix_destroy(data[i]); # 383|-> data[i] = 0; # 384| } # 385|
| analyzer-version-clippy | 1.90.0 |
| analyzer-version-cppcheck | 2.18.3 |
| analyzer-version-gcc | 15.2.1 |
| analyzer-version-gcc-analyzer | 16.0.0 |
| analyzer-version-shellcheck | 0.11.0 |
| analyzer-version-unicontrol | 0.0.2 |
| enabled-plugins | clippy, cppcheck, gcc, shellcheck, unicontrol |
| exit-code | 0 |
| host | ip-172-16-1-228.us-west-2.compute.internal |
| known-false-positives | /usr/share/csmock/known-false-positives.js |
| known-false-positives-rpm | known-false-positives-0.0.0.20250521.132812.g8eff701.main-1.el9.noarch |
| mock-config | fedora-rawhide-gcc-latest-x86_64 |
| project-name | jasper-4.2.8-1.fc44 |
| store-results-to | /tmp/tmp78j9igrv/jasper-4.2.8-1.fc44.tar.xz |
| time-created | 2025-10-28 18:24:59 |
| time-finished | 2025-10-28 18:26:48 |
| tool | csmock |
| tool-args | '/usr/bin/csmock' '-r' 'fedora-rawhide-gcc-latest-x86_64' '-t' 'gcc,cppcheck,shellcheck,clippy,unicontrol' '-o' '/tmp/tmp78j9igrv/jasper-4.2.8-1.fc44.tar.xz' '--gcc-analyze' '--unicontrol-notests' '--unicontrol-bidi-only' '--install' 'pam' '--install=gcc-latest' '--gcc-analyzer-bin=/opt/gcc-latest/bin/gcc' '/tmp/tmp78j9igrv/jasper-4.2.8-1.fc44.src.rpm' |
| tool-version | csmock-3.8.3.20251027.143044.ge6b947b-1.el9 |