The following issues were found
libavcodec/m101.c
1 issues
Line: 82
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
src_y = ((y&1)^frame->top_field_first) ? y/2 : (y/2 + avctx->height/2);
if (bits == 8) {
uint8_t *line = frame->data[0] + y*frame->linesize[0];
memcpy(line, buf + src_y*stride, 2*avctx->width);
} else {
int block;
uint16_t *luma = (uint16_t*)&frame->data[0][y*frame->linesize[0]];
uint16_t *cb = (uint16_t*)&frame->data[1][y*frame->linesize[1]];
uint16_t *cr = (uint16_t*)&frame->data[2][y*frame->linesize[2]];
Reported by FlawFinder.
libavcodec/me_cmp.c
1 issues
Line: 754
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
s->pdsp.diff_pixels_unaligned(temp, src1, src2, stride);
memcpy(bak, temp, 64 * sizeof(int16_t));
s->block_last_index[0 /* FIXME */] =
s->fast_dct_quantize(s, temp, 0 /* FIXME */, s->qscale, &i);
s->dct_unquantize_inter(s, temp, 0, s->qscale);
ff_simple_idct_int16_8bit(temp); // FIXME
Reported by FlawFinder.
libavcodec/mediacodecdec_common.c
1 issues
Line: 732
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
size = FFMIN(pkt->size - offset, size);
memcpy(data, pkt->data + offset, size);
offset += size;
status = ff_AMediaCodec_queueInputBuffer(codec, index, 0, size, pts, 0);
if (status < 0) {
av_log(avctx, AV_LOG_ERROR, "Failed to queue input buffer (status = %d)\n", status);
Reported by FlawFinder.
libavcodec/mfenc.c
1 issues
Line: 257
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return AVERROR_EXTERNAL;
}
memcpy(avpkt->data, data, len);
IMFMediaBuffer_Unlock(buffer);
IMFMediaBuffer_Release(buffer);
avpkt->pts = avpkt->dts = mf_sample_get_pts(avctx, sample);
Reported by FlawFinder.
libavcodec/microdvddec.c
1 issues
Line: 64
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (tag_index < 0)
return;
memcpy(&tags[tag_index], &tag, sizeof(tag));
}
// italic, bold, underline, strike-through
#define MICRODVD_STYLES "ibus"
Reported by FlawFinder.
libavcodec/mips/aacsbr_mips.h
1 issues
Line: 172
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
for (i = 0; i < 32; i++) {
if (*v_off < step) {
int saved_samples = (1280 - 128) >> div;
memcpy(&v0[SBR_SYNTHESIS_BUF_SIZE - saved_samples], v0, saved_samples * sizeof(float));
*v_off = SBR_SYNTHESIS_BUF_SIZE - saved_samples - step;
} else {
*v_off -= step;
}
v = v0 + *v_off;
Reported by FlawFinder.
libavcodec/mips/mpegaudiodsp_mips_fixed.c
1 issues
Line: 77
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
int64_t sum;
/* copy to avoid wrap */
memcpy(synth_buf + 512, synth_buf, 32 * sizeof(*synth_buf));
samples2 = samples + 31 * incr;
w = window;
w2 = window + 31;
sum = *dither_state;
p = synth_buf + 16;
Reported by FlawFinder.
libavcodec/mips/mpegaudiodsp_mips_float.c
1 issues
Line: 78
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
float *p2;
/* copy to avoid wrap */
memcpy(synth_buf + 512, synth_buf, 32 * sizeof(*synth_buf));
/**
* instructions are scheduled to minimize pipeline stall.
* use of round_sample function from the original code is
* changed with appropriate assembly instructions.
Reported by FlawFinder.
libavcodec/mjpeg2jpeg_bsf.c
1 issues
Line: 61
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
static uint8_t *append(uint8_t *buf, const uint8_t *src, int size)
{
memcpy(buf, src, size);
return buf + size;
}
static uint8_t *append_dht_segment(uint8_t *buf)
{
Reported by FlawFinder.
libavcodec/mmaldec.c
1 issues
Line: 498
Column: 17
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
} else {
buf = av_buffer_alloc(avpkt->size);
if (buf) {
memcpy(buf->data, avpkt->data, avpkt->size);
size = buf->size;
data = buf->data;
}
}
if (!buf) {
Reported by FlawFinder.