The following issues were found
libavcodec/vaapi_encode_h265.c
2 issues
Line: 707
CWE codes:
476
hpic->pic_type = 0;
} else {
av_assert0(prev);
hpic->last_idr_frame = hprev->last_idr_frame;
if (pic->type == PICTURE_TYPE_I) {
hpic->slice_nal_unit = HEVC_NAL_CRA_NUT;
hpic->slice_type = HEVC_SLICE_I;
hpic->pic_type = 0;
Reported by Cppcheck.
Line: 108
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return AVERROR(ENOSPC);
}
memcpy(data, au->data, au->data_size);
*data_len = 8 * au->data_size - au->data_bit_padding;
return 0;
}
Reported by FlawFinder.
libavcodec/alsdec.c
2 issues
Line: 955
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
// store previous samples in case that they have to be altered
if (*bd->store_prev_samples)
memcpy(bd->prev_raw_samples, raw_samples - sconf->max_order,
sizeof(*bd->prev_raw_samples) * sconf->max_order);
// reconstruct difference signal for prediction (joint-stereo)
if (bd->js_blocks && bd->raw_other) {
uint32_t *left, *right;
Reported by FlawFinder.
Line: 1003
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
// restore previous samples in case that they have been altered
if (*bd->store_prev_samples)
memcpy(raw_samples - sconf->max_order, bd->prev_raw_samples,
sizeof(*raw_samples) * sconf->max_order);
return 0;
}
Reported by FlawFinder.
libavcodec/vc1.c
2 issues
Line: 600
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
} else { \
DEF; \
memcpy(&tmp, L , sizeof(tmp)); \
memcpy(L , N , sizeof(tmp)); \
memcpy(N , &tmp, sizeof(tmp)); \
C = N; \
} \
} while(0)
Reported by FlawFinder.
Line: 601
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
DEF; \
memcpy(&tmp, L , sizeof(tmp)); \
memcpy(L , N , sizeof(tmp)); \
memcpy(N , &tmp, sizeof(tmp)); \
C = N; \
} \
} while(0)
ROTATE(int tmp, &v->last_use_ic, &v->next_use_ic, v->curr_use_ic, &v->aux_use_ic);
Reported by FlawFinder.
libavcodec/vc1dec.c
2 issues
Line: 243
Column: 21
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (ysub[0]) {
v->vc1dsp.sprite_v_single(dst, src_h[0][0], src_h[0][1], ysub[0], width);
} else {
memcpy(dst, src_h[0][0], width);
}
} else {
if (ysub[0] && ysub[1]) {
v->vc1dsp.sprite_v_double_twoscale(dst, src_h[0][0], src_h[0][1], ysub[0],
src_h[1][0], src_h[1][1], ysub[1], alpha, width);
Reported by FlawFinder.
Line: 556
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (v->profile == PROFILE_ADVANCED || v->res_fasttx) {
ff_vc1_init_transposed_scantables(v);
} else {
memcpy(v->zz_8x8, ff_wmv1_scantable, 4*64);
v->left_blk_sh = 3;
v->top_blk_sh = 0;
}
if (avctx->codec_id == AV_CODEC_ID_WMV3IMAGE || avctx->codec_id == AV_CODEC_ID_VC1IMAGE) {
Reported by FlawFinder.
libavcodec/vmnc.c
2 issues
Line: 370
Column: 17
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if ((w > 0) && (h > 0)) {
outptr = c->pic->data[0] + dx * c->bpp2 + dy * c->pic->linesize[0];
for (i = 0; i < h; i++) {
memcpy(outptr, c->screendta + i * c->cur_w * c->bpp2,
w * c->bpp2);
outptr += c->pic->linesize[0];
}
}
}
Reported by FlawFinder.
Line: 511
Column: 17
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if ((w > 0) && (h > 0)) {
outptr = c->pic->data[0] + dx * c->bpp2 + dy * c->pic->linesize[0];
for (i = 0; i < h; i++) {
memcpy(c->screendta + i * c->cur_w * c->bpp2, outptr,
w * c->bpp2);
outptr += c->pic->linesize[0];
}
outptr = c->pic->data[0];
put_cursor(outptr, c->pic->linesize[0], c, c->cur_x, c->cur_y);
Reported by FlawFinder.
libavcodec/fastaudio.c
2 issues
Line: 59
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
for (int i = 0; i < 7; i++)
s->table[0][i + 8 + 11 + 27 + 11] = (i + 152.5f) / 160.f;
memcpy(s->table[1], s->table[0], sizeof(s->table[0]));
for (int i = 0; i < 7; i++)
s->table[2][i] = (i - 33.5f) / 40.f;
for (int i = 0; i < 25; i++)
s->table[2][i + 7] = (i - 13.f) / 20.f;
Reported by FlawFinder.
Line: 172
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
result[i] = ch->last * 2.f;
}
memcpy(frame->extended_data[channel] + 1024 * subframe, result, 256 * sizeof(float));
}
}
*got_frame = 1;
Reported by FlawFinder.
libavcodec/amfenc.c
2 issues
Line: 458
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if ((ret = ff_get_encode_buffer(avctx, pkt, size, 0)) < 0) {
return ret;
}
memcpy(pkt->data, buffer->pVtbl->GetNative(buffer), size);
switch (avctx->codec->id) {
case AV_CODEC_ID_H264:
buffer->pVtbl->GetProperty(buffer, AMF_VIDEO_ENCODER_OUTPUT_DATA_TYPE, &var);
if(var.int64Value == AMF_VIDEO_ENCODER_OUTPUT_DATA_TYPE_IDR) {
Reported by FlawFinder.
Line: 575
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (res == AMF_OK) {
frame_ref = av_frame_clone(frame);
if (frame_ref) {
memcpy(frame_ref_storage_buffer->pVtbl->GetNative(frame_ref_storage_buffer), &frame_ref, sizeof(frame_ref));
} else {
frame_ref_storage_buffer->pVtbl->Release(frame_ref_storage_buffer);
frame_ref_storage_buffer = NULL;
}
}
Reported by FlawFinder.
libavcodec/vqavideo.c
2 issues
Line: 557
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (s->partial_countdown <= 0) {
/* time to replace codebook */
memcpy(s->codebook, s->next_codebook_buffer,
s->next_codebook_buffer_index);
/* reset accounting */
s->next_codebook_buffer_index = 0;
s->partial_countdown = s->partial_count;
Reported by FlawFinder.
Line: 615
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return res;
/* make the palette available on the way out */
memcpy(frame->data[1], s->palette, PALETTE_COUNT * 4);
frame->palette_has_changed = 1;
*got_frame = 1;
/* report that the buffer was completely consumed */
Reported by FlawFinder.
libavcodec/ffv1.c
2 issues
Line: 135
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
goto memfail;
f->slice_context[i++] = fs;
memcpy(fs, f, sizeof(*fs));
memset(fs->rc_stat2, 0, sizeof(fs->rc_stat2));
fs->slice_width = sxe - sxs;
fs->slice_height = sye - sys;
fs->slice_x = sxs;
Reported by FlawFinder.
Line: 185
Column: 17
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (fs->ac != AC_GOLOMB_RICE) {
if (f->initial_states[p->quant_table_index]) {
memcpy(p->state, f->initial_states[p->quant_table_index],
CONTEXT_SIZE * p->context_count);
} else
memset(p->state, 128, CONTEXT_SIZE * p->context_count);
} else {
for (j = 0; j < p->context_count; j++) {
Reported by FlawFinder.
libavcodec/webvttenc.c
2 issues
Line: 38
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
AVBPrint buffer;
unsigned timestamp_end;
int count;
char stack[WEBVTT_STACK_SIZE];
int stack_ptr;
} WebVTTContext;
#ifdef __GNUC__
__attribute__ ((__format__ (__printf__, 2, 3)))
Reported by FlawFinder.
Line: 192
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
av_log(avctx, AV_LOG_ERROR, "Buffer too small for ASS event.\n");
return AVERROR_BUFFER_TOO_SMALL;
}
memcpy(buf, s->buffer.str, s->buffer.len);
return s->buffer.len;
}
static int webvtt_encode_close(AVCodecContext *avctx)
Reported by FlawFinder.