The following issues were found
libavfilter/vf_palettegen.c
1 issues
Line: 285
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static double set_colorquant_ratio_meta(AVFrame *out, int nb_out, int nb_in)
{
char buf[32];
const double ratio = (double)nb_out / nb_in;
snprintf(buf, sizeof(buf), "%f", ratio);
av_dict_set(&out->metadata, "lavfi.color_quant_ratio", buf, 0);
return ratio;
}
Reported by FlawFinder.
libavfilter/vf_perspective.c
1 issues
Line: 41
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
typedef struct PerspectiveContext {
const AVClass *class;
char *expr_str[4][2];
double ref[4][2];
int32_t (*pv)[2];
int32_t coeff[SUB_PIXELS][4];
int interpolation;
int linesize[4];
Reported by FlawFinder.
libavfilter/vf_phase.c
1 issues
Line: 196
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
uint8_t *to = out->data[plane];
for (y = 0, top = 1; y < s->planeheight[plane]; y++, top ^= 1) {
memcpy(to, mode == (top ? BOTTOM_FIRST : TOP_FIRST) ? buf : from, s->linesize[plane]);
buf += s->frame->linesize[plane];
from += in->linesize[plane];
to += out->linesize[plane];
}
Reported by FlawFinder.
libavfilter/vf_photosensitivity.c
1 issues
Line: 286
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
av_frame_copy_props(out, in);
metadata = &out->metadata;
if (metadata) {
char value[128];
snprintf(value, sizeof(value), "%f", (float)new_badness / s->badness_threshold);
av_dict_set(metadata, "lavfi.photosensitivity.badness", value, 0);
snprintf(value, sizeof(value), "%f", (float)fixed_badness / s->badness_threshold);
Reported by FlawFinder.
libavfilter/vf_pixdesctest.c
1 issues
Line: 84
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* copy palette */
if (priv->pix_desc->flags & AV_PIX_FMT_FLAG_PAL)
memcpy(out->data[1], in->data[1], AVPALETTE_SIZE);
for (c = 0; c < priv->pix_desc->nb_components; c++) {
const int w1 = c == 1 || c == 2 ? cw : w;
const int h1 = c == 1 || c == 2 ? ch : h;
Reported by FlawFinder.
libavfilter/vf_pseudocolor.c
1 issues
Line: 208
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int linesize[4];
int width[4], height[4];
double var_values[VAR_VARS_NB];
char *comp_expr_str[4];
AVExpr *comp_expr[4];
float lut[4][256*256];
void (*filter[4])(int max, int width, int height,
const uint8_t *index, const uint8_t *src,
Reported by FlawFinder.
libavfilter/vf_random.c
1 issues
Line: 52
Column: 23
CWE codes:
327
Suggestion:
Use a more secure technique for acquiring random values
{ NULL }
};
AVFILTER_DEFINE_CLASS(random);
static av_cold int init(AVFilterContext *ctx)
{
RandomContext *s = ctx->priv;
uint32_t seed;
Reported by FlawFinder.
libavfilter/vf_readvitc.c
1 issues
Line: 50
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int threshold_gray;
int grp_width;
uint8_t line_data[LINE_DATA_SIZE];
char tcbuf[AV_TIMECODE_STR_SIZE];
} ReadVitcContext;
#define OFFSET(x) offsetof(ReadVitcContext, x)
#define FLAGS AV_OPT_FLAG_VIDEO_PARAM|AV_OPT_FLAG_FILTERING_PARAM
Reported by FlawFinder.
libavfilter/vf_scale_cuda.c
1 issues
Line: 291
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
CUDAScaleContext *s = ctx->priv;
CUcontext dummy, cuda_ctx = s->hwctx->cuda_ctx;
CudaFunctions *cu = s->hwctx->internal->cuda_dl;
char buf[128];
int ret;
const char *in_fmt_name = av_get_pix_fmt_name(s->in_fmt);
const char *out_fmt_name = av_get_pix_fmt_name(s->out_fmt);
Reported by FlawFinder.
libavfilter/vf_scdet.c
1 issues
Line: 164
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
return ret;
if (frame) {
char buf[64];
s->scene_score = get_scene_score(ctx, frame);
snprintf(buf, sizeof(buf), "%0.3f", s->prev_mafd);
set_meta(s, frame, "lavfi.scd.mafd", buf);
snprintf(buf, sizeof(buf), "%0.3f", s->scene_score);
set_meta(s, frame, "lavfi.scd.score", buf);
Reported by FlawFinder.