The following issues were found
libavformat/imx.c
1 issues
Line: 144
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
AVPALETTE_SIZE);
if (!pal)
return AVERROR(ENOMEM);
memcpy(pal, imx->pal, AVPALETTE_SIZE);
imx->pal_changed = 0;
if (pos <= imx->first_video_packet_pos)
pkt->flags |= AV_PKT_FLAG_KEY;
} else if (idx == 1) {
pkt->flags |= AV_PKT_FLAG_KEY;
Reported by FlawFinder.
libavformat/internal.h
1 issues
Line: 56
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
} AVCodecTag;
typedef struct CodecMime{
char str[32];
enum AVCodecID id;
} CodecMime;
/*************************************************/
/* fractional numbers for exact pts handling */
Reported by FlawFinder.
libavformat/iss.c
1 issues
Line: 74
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
IssDemuxContext *iss = s->priv_data;
AVIOContext *pb = s->pb;
AVStream *st;
char token[MAX_TOKEN_SIZE];
int stereo, rate_divisor;
get_token(pb, token, sizeof(token)); //"IMA_ADPCM_Sound"
get_token(pb, token, sizeof(token)); //packet size
if (sscanf(token, "%d", &iss->packet_size) != 1) {
Reported by FlawFinder.
libavformat/latmenc.c
1 issues
Line: 192
Column: 17
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
ret = ff_alloc_extradata(par, side_data_size);
if (ret < 0)
return ret;
memcpy(par->extradata, side_data, side_data_size);
} else
return AVERROR_INVALIDDATA;
}
}
Reported by FlawFinder.
libavformat/libopenmpt.c
1 issues
Line: 224
Column: 20
CWE codes:
126
const char *ext;
if (p->filename) {
ext = strrchr(p->filename, '.');
if (ext && strlen(ext + 1) > 0) {
ext++; /* skip '.' */
if (openmpt_is_extension_supported(ext) == 1)
return AVPROBE_SCORE_EXTENSION;
}
}
Reported by FlawFinder.
libavformat/librist.c
1 issues
Line: 206
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
size = data_block->payload_len;
memcpy(buf, data_block->payload, size);
rist_receiver_data_block_free((struct rist_data_block**)&data_block);
return size;
}
Reported by FlawFinder.
libavformat/lrcenc.c
1 issues
Line: 96
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if(!data) {
return AVERROR(ENOMEM);
}
memcpy(data, pkt->data, pkt->size);
data[pkt->size] = '\0';
for(delim = data + pkt->size - 1;
delim >= data && (delim[0] == '\n' || delim[0] == '\r'); delim--) {
delim[0] = '\0'; // Strip last empty lines
Reported by FlawFinder.
libavformat/lxfdec.c
1 issues
Line: 102
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
buf[LXF_IDENT_LENGTH-1] = avio_r8(s->pb);
}
memcpy(header, LXF_IDENT, LXF_IDENT_LENGTH);
return 0;
}
/**
Reported by FlawFinder.
libavformat/mmf.c
1 issues
Line: 103
Column: 29
CWE codes:
126
end_tag_be(pb, pos);
pos = ff_start_tag(pb, "OPDA");
avio_write(pb, version, strlen(version)); /* metadata ("ST:songtitle,VN:version,...") */
end_tag_be(pb, pos);
avio_write(pb, "ATR\x00", 4);
avio_wb32(pb, 0);
mmf->atrpos = avio_tell(pb);
Reported by FlawFinder.
libavformat/movenccenc.c
1 issues
Line: 52
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (ret) {
return ret;
}
memcpy(ctx->auxiliary_info + ctx->auxiliary_info_size, buf_in, size);
ctx->auxiliary_info_size += size;
return 0;
}
Reported by FlawFinder.