The following issues were found
libavcodec/h264_metadata_bsf.c
1 issues
Line: 575
Column: 32
CWE codes:
126
}
if (j == 32 && ctx->sei_user_data[i] == '+') {
udu->data = (uint8_t*)ctx->sei_user_data + i + 1;
udu->data_length = strlen(udu->data) + 1;
} else {
av_log(bsf, AV_LOG_ERROR, "Invalid user data: "
"must be \"UUID+string\".\n");
return AVERROR(EINVAL);
}
Reported by FlawFinder.
libavcodec/h264_sei.c
1 issues
Line: 151
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
av_log(logctx, AV_LOG_ERROR, "Picture timing SEI payload too large\n");
return AVERROR_INVALIDDATA;
}
memcpy(h->payload, gb->buffer + index / 8, size);
h->payload_size_bits = size_bits;
h->present = 1;
return 0;
Reported by FlawFinder.
libavcodec/hapenc.c
1 issues
Line: 128
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
av_log(avctx, AV_LOG_VERBOSE,
"Snappy buffer bigger than uncompressed (%"SIZE_SPECIFIER" >= %"SIZE_SPECIFIER" bytes).\n",
chunk->compressed_size, chunk->uncompressed_size);
memcpy(chunk_dst, chunk_src, chunk->uncompressed_size);
chunk->compressor = HAP_COMP_NONE;
chunk->compressed_size = chunk->uncompressed_size;
} else {
chunk->compressor = HAP_COMP_SNAPPY;
}
Reported by FlawFinder.
libavcodec/hcadec.c
1 issues
Line: 264
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
c->fdsp->vector_fmul_window(out, ch->imdct_prev + (128 >> 1),
ch->imdct_out, window, 128 >> 1);
memcpy(ch->imdct_prev, ch->imdct_out, 128 * sizeof(float));
}
static void apply_intensity_stereo(HCAContext *s, ChannelContext *ch1, ChannelContext *ch2,
int index, unsigned band_count, unsigned base_band_count,
unsigned stereo_band_count)
Reported by FlawFinder.
libavcodec/hevc_mp4toannexb_bsf.c
1 issues
Line: 177
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
goto fail;
if (extra_size)
memcpy(out->data + prev_size, ctx->par_out->extradata, extra_size);
AV_WB32(out->data + prev_size + extra_size, 1);
bytestream2_get_buffer(&gb, out->data + prev_size + 4 + extra_size, nalu_size);
}
ret = av_packet_copy_props(out, in);
Reported by FlawFinder.
libavcodec/hevc_refs.c
1 issues
Line: 349
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
rpl->nb_refs++;
}
} else {
memcpy(rpl, &rpl_tmp, sizeof(*rpl));
rpl->nb_refs = FFMIN(rpl->nb_refs, sh->nb_refs[list_idx]);
}
if (sh->collocated_list == list_idx &&
sh->collocated_ref_idx < rpl->nb_refs)
Reported by FlawFinder.
libavcodec/hevcdsp_template.c
1 issues
Line: 522
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
ptrdiff_t dststride = _dststride / sizeof(pixel);
for (y = 0; y < height; y++) {
memcpy(dst, src, width * sizeof(pixel));
src += srcstride;
dst += dststride;
}
}
Reported by FlawFinder.
libavcodec/huffyuvenc.c
1 issues
Line: 979
Column: 22
CWE codes:
126
for (i = 0; i < 4; i++) {
for (j = 0; j < s->vlc_n; j++) {
snprintf(p, end-p, "%"PRIu64" ", s->stats[i][j]);
p += strlen(p);
s->stats[i][j]= 0;
}
snprintf(p, end-p, "\n");
p++;
if (end <= p)
Reported by FlawFinder.
libavcodec/idcinvideo.c
1 issues
Line: 232
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
frame->palette_has_changed = ff_copy_palette(s->pal, avpkt, avctx);
/* make the palette available on the way out */
memcpy(frame->data[1], s->pal, AVPALETTE_SIZE);
*got_frame = 1;
/* report that the buffer was completely consumed */
return buf_size;
Reported by FlawFinder.
libavcodec/imx.c
1 issues
Line: 70
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
bytestream2_init(&gb, avpkt->data, avpkt->size);
memcpy(frame->data[1], imx->pal, AVPALETTE_SIZE);
x = 0, y = 0;
while (bytestream2_get_bytes_left(&gb) > 0 &&
x < 320 && y < 160) {
int b = bytestream2_get_byte(&gb);
Reported by FlawFinder.