The following issues were found

libavfilter/f_segment.c
1 issues
sscanf - The scanf() family's %s operation, without a limit specification, permits buffer overflows
Security

Line: 84 Column: 17 CWE codes: 120 20
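Suggestion: Specify a limit to %s, or use a different input function. Note that the flagged call in the excerpt reads a 64-bit integer through SCNd64 rather than %s, so no string buffer is written at this site. The remaining concern is input validation (CWE-20): sscanf() has undefined behaviour when the parsed number does not fit the target type, whereas strtoll() with an errno and end-pointer check reports it.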

                      if (s->use_timestamps) {
            ret = av_parse_time(&points[i], arg, s->use_timestamps);
        } else {
            if (sscanf(arg, "%"SCNd64, &points[i]) != 1)
                ret = AVERROR(EINVAL);
        }

        if (ret < 0) {
            av_log(ctx, AV_LOG_ERROR, "Invalid splits supplied: %s\n", arg);

            

Reported by FlawFinder.

libavfilter/f_select.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 357 Column: 13 CWE codes: 119 120
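Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. In the excerpt the only write into buf is snprintf(buf, sizeof(buf), ...), which is bounded by the array size, so an oversized value would be truncated rather than written past the array.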

                      frame->top_field_first ? INTERLACE_TYPE_T : INTERLACE_TYPE_B;
        select->var_values[VAR_PICT_TYPE] = frame->pict_type;
        if (select->do_scene_detect) {
            char buf[32];
            select->var_values[VAR_SCENE] = get_scene_score(ctx, frame);
            // TODO: document metadata
            snprintf(buf, sizeof(buf), "%f", select->var_values[VAR_SCENE]);
            av_dict_set(&frame->metadata, "lavfi.scene_score", buf, 0);
        }

            

Reported by FlawFinder.

libavfilter/graphparser.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 102 Column: 5 CWE codes: 119 120
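Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. In the excerpt name2 is filled with av_strlcpy(name2, name, sizeof(name2)), a size-bounded copy, so a name longer than 29 characters is truncated rather than overflowing the array; whether that truncation is handled correctly depends on code outside the excerpt.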

                                       const char *name, const char *args, void *log_ctx)
{
    const AVFilter *filt;
    char name2[30];
    const char *inst_name = NULL, *filt_name = NULL;
    char *tmp_args = NULL;
    int ret, k;

    av_strlcpy(name2, name, sizeof(name2));

            

Reported by FlawFinder.

libavfilter/opencl.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 336 Column: 60 CWE codes: 119 120
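Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. The flagged position in the excerpt appears to be the const char *name_str parameter, which is a pointer rather than a fixed-size char array, so this hit should be confirmed by hand before it is counted as a finding.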

                  return 0;
}

void ff_opencl_print_const_matrix_3x3(AVBPrint *buf, const char *name_str,
                                      double mat[3][3])
{
    int i, j;
    av_bprintf(buf, "__constant float %s[9] = {\n", name_str);
    for (i = 0; i < 3; i++) {

            

Reported by FlawFinder.

libavfilter/opencl.h
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 295 Column: 60 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

               * be included in an OpenCL program.
*/

void ff_opencl_print_const_matrix_3x3(AVBPrint *buf, const char *name_str,
                                      double mat[3][3]);

/**
 * Gets the command start and end times for the given event and returns the
 * difference (the time that the event took).

            

Reported by FlawFinder.

libavfilter/setpts.c
1 issues
snprintf - If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate
Security

Line: 150 Column: 19 CWE codes: 134
Suggestion: Use a constant for the format specification

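              /**
 * Render v into buf as a truncated 64-bit integer, or as "nan" when v is NaN.
 *
 * Both format strings are compile-time literals, so no caller-supplied data
 * reaches the format argument (the CWE-134 concern), and snprintf() is
 * bounded by BUF_SIZE.
 * NOTE(review): assumes buf holds at least BUF_SIZE bytes; BUF_SIZE is
 * defined outside this excerpt - confirm against the callers.
 *
 * Values outside the int64_t range (including +/-infinity) are saturated
 * before the cast, because converting an out-of-range double to an integer
 * type is undefined behaviour in C.
 *
 * @param buf destination buffer
 * @param v   value to format
 * @return buf
 */
static inline char *double2int64str(char *buf, double v)
{
    int64_t iv;

    if (isnan(v)) {
        snprintf(buf, BUF_SIZE, "nan");
        return buf;
    }

    /* 2^63 is exactly representable as a double; INT64_MAX is not, so the
     * upper bound is tested against 2^63 with >=. */
    if (v >= 9223372036854775808.0) {
        iv = INT64_MAX;
    } else if (v < -9223372036854775808.0) {
        iv = INT64_MIN;
    } else {
        iv = (int64_t)v;
    }

    snprintf(buf, BUF_SIZE, "%"PRId64, iv);
    return buf;
}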

static double eval_pts(SetPTSContext *setpts, AVFilterLink *inlink, AVFrame *frame, int64_t pts)
{

            

Reported by FlawFinder.

libavfilter/vf_addroi.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 46 Column: 5 CWE codes: 119 120
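Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. The declaration shown, char *region_str[NB_PARAMS], is an array of pointers rather than a character buffer, so the size concern applies to whatever those pointers reference, which is not visible in the excerpt.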

              typedef struct AddROIContext {
    const AVClass *class;

    char   *region_str[NB_PARAMS];
    AVExpr *region_expr[NB_PARAMS];

    int region[NB_PARAMS];
    AVRational qoffset;


            

Reported by FlawFinder.

libavfilter/vf_bwdif.c
1 issues
memcpy - Does not check for buffer overflows when copying to destination
Security

Line: 254 Column: 13 CWE codes: 120
Suggestion: Make sure destination can always hold the source data

                                             td->parity ^ td->tff, clip_max);
            }
        } else {
            memcpy(&td->frame->data[td->plane][y * td->frame->linesize[td->plane]],
                   &yadif->cur->data[td->plane][y * linesize], td->w * df);
        }
    }
    return 0;
}

            

Reported by FlawFinder.

libavfilter/vf_convolution_opencl.c
1 issues
char - Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues
Security

Line: 42 Column: 5 CWE codes: 119 120
Suggestion: Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length

                  cl_kernel        kernel;
    cl_command_queue command_queue;

    char *matrix_str[4];

    cl_mem matrix[4];
    cl_int matrix_sizes[4];
    cl_int dims[4];
    cl_float rdivs[4];

            

Reported by FlawFinder.

libavfilter/vf_detelecine.c
1 issues
strlen - Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected)
Security

Line: 80 Column: 10 CWE codes: 126

                  int max = 0;
    int sum = 0;

    if (!strlen(s->pattern)) {
        av_log(ctx, AV_LOG_ERROR, "No pattern provided.\n");
        return AVERROR_INVALIDDATA;
    }

    for (p = s->pattern; *p; p++) {

            

Reported by FlawFinder.