The following issues were found
libavformat/rtpdec_mpeg12.c
1 issues
Line: 47
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
if ((ret = av_new_packet(pkt, len)) < 0)
return ret;
memcpy(pkt->data, buf, len);
pkt->stream_index = st->index;
return 0;
}
const RTPDynamicProtocolHandler ff_mpeg_audio_dynamic_handler = {
Reported by FlawFinder.
libavformat/rtpdec_mpegts.c
1 issues
Line: 85
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return AVERROR(EAGAIN);
if (ret < len) {
data->read_buf_size = FFMIN(len - ret, sizeof(data->buf));
memcpy(data->buf, buf + ret, data->read_buf_size);
data->read_buf_index = 0;
return 1;
}
return 0;
}
Reported by FlawFinder.
libavformat/rtpenc_amr.c
1 issues
Line: 68
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
s->buf[1 + s->num_frames++] = buff[0] & 0x7C;
buff++;
size--;
memcpy(s->buf_ptr, buff, size);
s->buf_ptr += size;
}
Reported by FlawFinder.
libavformat/rtpenc_h261.c
1 issues
Line: 96
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
last_packet_of_frame = cur_frame_size == frame_size;
/* complete and send RTP packet */
memcpy(&rtp_ctx->buf[RTP_H261_HEADER_SIZE], frame_buf, cur_frame_size);
ff_rtp_send_data(ctx, rtp_ctx->buf, RTP_H261_HEADER_SIZE + cur_frame_size, last_packet_of_frame);
frame_buf += cur_frame_size;
frame_size -= cur_frame_size;
}
Reported by FlawFinder.
libavformat/rtpenc_h263.c
1 issues
Line: 71
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
len = end - buf1;
}
memcpy(q, buf1, len);
q += len;
/* 90 KHz time stamp */
s->timestamp = s->cur_timestamp;
ff_rtp_send_data(s1, s->buf, q - s->buf, (len == size));
Reported by FlawFinder.
libavformat/rtpenc_jpeg.c
1 issues
Line: 217
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
/* copy payload data */
memcpy(p, buf, len);
/* marker bit is last packet in frame */
ff_rtp_send_data(s1, s->buf, len + hdr_size, size == len);
buf += len;
Reported by FlawFinder.
libavformat/rtpenc_latm.c
1 issues
Line: 54
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
len = FFMIN(size, s->max_payload_size - (!offset ? header_size : 0));
size -= len;
if (!offset) {
memcpy(s->buf + header_size, buff, len);
ff_rtp_send_data(s1, s->buf, header_size + len, !size);
} else {
ff_rtp_send_data(s1, buff + offset, len, !size);
}
offset += len;
Reported by FlawFinder.
libavformat/rtpenc_mpv.c
1 issues
Line: 105
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
*q++ = h >> 8;
*q++ = h;
memcpy(q, buf1, len);
q += len;
/* 90kHz time stamp */
s->timestamp = s->cur_timestamp;
ff_rtp_send_data(s1, s->buf, q - s->buf, (len == size));
Reported by FlawFinder.
libavformat/rtpenc_vc2hq.c
1 issues
Line: 44
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
AV_WB8 (&rtp_ctx->buf[2], i ? (f ? (0x03) : (0x02)) : 0x00); /* flags: interlaced, second field */
AV_WB8 (&rtp_ctx->buf[3], parse_code);
if (size > 0)
memcpy(&rtp_ctx->buf[4 + info_hdr_size], buf, size);
ff_rtp_send_data(ctx, rtp_ctx->buf, RTP_VC2HQ_PL_HEADER_SIZE + info_hdr_size + size, rtp_m);
}
static void send_picture(AVFormatContext *ctx, const uint8_t *buf, int size, int interlaced)
{
Reported by FlawFinder.
libavformat/rtpenc_vp8.c
1 issues
Line: 46
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
while (size > 0) {
len = FFMIN(size, max_packet_size);
memcpy(s->buf_ptr, buf, len);
// marker bit is last packet in frame
ff_rtp_send_data(s1, s->buf, len + header_size, size == len);
size -= len;
buf += len;
Reported by FlawFinder.