The following issues were found
libavcodec/ffv1dec_template.c
1 issues
Line: 154
CWE codes:
786
sample[p][0] = sample[p][1];
sample[p][1] = temp;
sample[p][1][-1]= sample[p][0][0 ];
sample[p][0][ w]= sample[p][0][w-1];
if (lbd && s->slice_coding_mode == 0)
ret = RENAME(decode_line)(s, w, sample[p], (p + 1)/2, 9);
else
ret = RENAME(decode_line)(s, w, sample[p], (p + 1)/2, bits + (s->slice_coding_mode != 1));
Reported by Cppcheck.
libavcodec/ffv1enc_template.c
1 issues
Line: 190
CWE codes:
786
}
for (p = 0; p < 3 + transparency; p++) {
int ret;
sample[p][0][-1] = sample[p][1][0 ];
sample[p][1][ w] = sample[p][1][w-1];
if (lbd && s->slice_coding_mode == 0)
ret = RENAME(encode_line)(s, w, sample[p], (p + 1) / 2, 9);
else
ret = RENAME(encode_line)(s, w, sample[p], (p + 1) / 2, bits + (s->slice_coding_mode != 1));
Reported by Cppcheck.
libavcodec/fits.c
1 issues
Line: 118
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int dim_no, ret;
int64_t t;
double d;
char keyword[10], value[72], c;
read_keyword_value(line, keyword, value);
switch (header->state) {
case STATE_SIMPLE:
CHECK_KEYWORD("SIMPLE");
Reported by FlawFinder.
libavcodec/fitsenc.c
1 issues
Line: 99
Column: 17
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
ptr += 2;
}
} else {
memcpy(bytestream, ptr, avctx->width);
bytestream += avctx->width;
}
}
}
Reported by FlawFinder.
libavcodec/flicvideo.c
1 issues
Line: 475
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
buf_size - bytestream2_get_bytes_left(&g2));
/* make the palette available on the way out */
memcpy(s->frame->data[1], s->palette, AVPALETTE_SIZE);
if (s->new_palette) {
s->frame->palette_has_changed = 1;
s->new_palette = 0;
}
Reported by FlawFinder.
libavcodec/frwu.c
1 issues
Line: 93
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
for (i = 0; i < field_h; i++) {
if (s->change_field_order && field && i == field_h - 1)
dst = pic->data[0];
memcpy(dst, buf, avctx->width * 2);
buf += avctx->width * 2;
dst += pic->linesize[0] << 1;
}
buf += field_size - min_field_size;
}
Reported by FlawFinder.
libavcodec/gifdec.c
1 issues
Line: 126
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
src_px = src_py + l;
dst_px = (uint32_t *)dst_py + l;
memcpy(dst_px, src_px, w * sizeof(uint32_t));
}
}
static int gif_read_image(GifState *s, AVFrame *frame)
{
Reported by FlawFinder.
libavcodec/gsmdec_template.c
1 issues
Line: 147
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
apcm_dequant_add(gb, ref_dst + offset, ff_gsm_apcm_bits[mode][i]);
ref_dst += 40;
}
memcpy(ctx->ref_buf, ctx->ref_buf + 160, 120 * sizeof(*ctx->ref_buf));
short_term_synth(ctx, samples, ctx->ref_buf + 120);
// for optimal speed this could be merged with short_term_synth,
// not done yet because it is a bit ugly
ctx->msr = postprocess(samples, ctx->msr);
return 0;
Reported by FlawFinder.
libavcodec/h264_cabac.c
1 issues
Line: 1756
CWE codes:
476
} while ( coeff_count );
if (h->pixel_shift) {
STORE_BLOCK(int32_t)
} else {
STORE_BLOCK(int16_t)
}
#ifdef CABAC_ON_STACK
sl->cabac.range = cc.range ;
Reported by Cppcheck.
libavcodec/h264_cavlc.c
1 issues
Line: 612
CWE codes:
476
}
if (h->pixel_shift) {
STORE_BLOCK(int32_t)
} else {
STORE_BLOCK(int16_t)
}
if(zeros_left<0){
Reported by Cppcheck.