The following issues were found
libavformat/subviewer1dec.c
1 issues
Line: 57
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
st->codecpar->codec_id = AV_CODEC_ID_SUBVIEWER1;
while (!avio_feof(s->pb)) {
char line[4096];
int len = ff_get_line(s->pb, line, sizeof(line));
int hh, mm, ss;
if (!len)
break;
Reported by FlawFinder.
libavformat/tedcaptionsdec.c
1 issues
Line: 338
Column: 14
CWE codes:
126
for (i = 0; i < FF_ARRAY_ELEMS(tags); i++) {
if (!(t = strstr(p->buf, tags[i])))
continue;
t += strlen(tags[i]);
t += strspn(t, " \t\r\n");
if (*t == ':')
count++;
}
return count == FF_ARRAY_ELEMS(tags) ? AVPROBE_SCORE_MAX :
Reported by FlawFinder.
libavformat/thp.c
1 issues
Line: 41
Column: 14
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int video_stream_index;
int audio_stream_index;
int compcount;
unsigned char components[16];
AVStream* vst;
int has_audio;
unsigned audiosize;
} ThpDemuxContext;
Reported by FlawFinder.
libavformat/tiertexseq.c
1 issues
Line: 282
Column: 17
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
if (seq->current_video_data_size) {
pkt->data[0] |= 2;
memcpy(&pkt->data[1 + seq->current_pal_data_size],
seq->current_video_data_ptr,
seq->current_video_data_size);
}
pkt->stream_index = seq->video_stream_index;
pkt->pts = seq->current_frame_pts;
Reported by FlawFinder.
libavformat/tls.h
1 issues
Line: 39
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
char *host;
char *http_proxy;
char underlying_host[200];
int numerichost;
URLContext *tcp;
} TLSShared;
Reported by FlawFinder.
libavformat/tls_gnutls.c
1 issues
Line: 165
Column: 70
CWE codes:
126
gnutls_init(&p->session, c->listen ? GNUTLS_SERVER : GNUTLS_CLIENT);
if (!c->listen && !c->numerichost)
gnutls_server_name_set(p->session, GNUTLS_NAME_DNS, c->host, strlen(c->host));
gnutls_certificate_allocate_credentials(&p->cred);
if (c->ca_file) {
ret = gnutls_certificate_set_x509_trust_file(p->cred, c->ca_file, GNUTLS_X509_FMT_PEM);
if (ret < 0)
av_log(h, AV_LOG_ERROR, "%s\n", gnutls_strerror(ret));
Reported by FlawFinder.
libavformat/tls_mbedtls.c
1 issues
Line: 153
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static void parse_options(TLSContext *tls_ctxc, const char *uri)
{
char buf[1024];
const char *p = strchr(uri, '?');
if (!p)
return;
if (!tls_ctxc->priv_key_pw && av_find_info_tag(buf, sizeof(buf), "key_password", p))
Reported by FlawFinder.
libavformat/tls_openssl.c
1 issues
Line: 235
Column: 35
CWE codes:
126
static int url_bio_bputs(BIO *b, const char *str)
{
return url_bio_bwrite(b, str, strlen(str));
}
#if OPENSSL_VERSION_NUMBER < 0x1010000fL
static BIO_METHOD url_bio_method = {
.type = BIO_TYPE_SOURCE_SINK,
Reported by FlawFinder.
libavformat/urldecode.c
1 issues
Line: 44
Column: 15
CWE codes:
126
if (!url)
return NULL;
url_len = strlen(url) + 1;
dest = av_malloc(url_len);
if (!dest)
return NULL;
Reported by FlawFinder.
libavformat/voc.c
1 issues
Line: 40
Column: 16
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
};
#if CONFIG_VOC_DEMUXER || CONFIG_VOC_MUXER
const unsigned char ff_voc_magic[21] = "Creative Voice File\x1A";
const AVCodecTag *const ff_voc_codec_tags_list[] = { ff_voc_codec_tags, NULL };
#endif
Reported by FlawFinder.