The following issues were found
plugins/obs-outputs/librtmp/rtmp.c
100 issues
Line: 2685
Column: 35
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
else if(r->Link.pubUser.av_len && r->Link.pubPasswd.av_len)
{
pubToken.av_val = malloc(r->Link.pubUser.av_len + av_authmod_adobe.av_len + 8);
pubToken.av_len = sprintf(pubToken.av_val, "?%s&user=%s",
av_authmod_adobe.av_val,
r->Link.pubUser.av_val);
RTMP_Log(RTMP_LOGDEBUG, "%s, pubToken1: %s", __FUNCTION__, pubToken.av_val);
r->Link.pFlags |= RTMP_PUB_NAME;
}
Reported by FlawFinder.
Line: 2786
Column: 31
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
/* have all hashes, create auth token for the end of app */
pubToken.av_val = malloc(32 + B64INT_LEN + B64DIGEST_LEN + opaque.av_len);
pubToken.av_len = sprintf(pubToken.av_val,
"&challenge=%s&response=%s&opaque=%s",
challenge2,
response,
opaque.av_len ? opaque.av_val : "");
RTMP_Log(RTMP_LOGDEBUG, "%s, pubToken2: %s", __FUNCTION__, pubToken.av_val);
Reported by FlawFinder.
Line: 2854
Column: 35
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
else if(r->Link.pubUser.av_len && r->Link.pubPasswd.av_len)
{
pubToken.av_val = malloc(r->Link.pubUser.av_len + av_authmod_llnw.av_len + 8);
pubToken.av_len = sprintf(pubToken.av_val, "?%s&user=%s",
av_authmod_llnw.av_val,
r->Link.pubUser.av_val);
RTMP_Log(RTMP_LOGDEBUG, "%s, pubToken1: %s", __FUNCTION__, pubToken.av_val);
r->Link.pFlags |= RTMP_PUB_NAME;
}
Reported by FlawFinder.
Line: 2989
Column: 13
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
/* Append nonces and response to query string which already contains
* user + authmod */
pubToken.av_val = malloc(64 + sizeof(authmod)-1 + user.av_len + nonce.av_len + sizeof(cnonce)-1 + sizeof(nchex)-1 + HEXHASH_LEN);
sprintf(pubToken.av_val,
"&nonce=%s&cnonce=%s&nc=%s&response=%s",
nonce.av_val, cnonce, nchex, hash3);
pubToken.av_len = (int)strlen(pubToken.av_val);
RTMP_Log(RTMP_LOGDEBUG, "%s, pubToken2: %s", __FUNCTION__, pubToken.av_val);
r->Link.pFlags |= RTMP_PUB_RESP|RTMP_PUB_CLATE;
Reported by FlawFinder.
Line: 198
Column: 12
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
const char *
socketerror(int err)
{
static char buff[1024];
#ifdef _WIN32
if (FormatMessageA (FORMAT_MESSAGE_FROM_SYSTEM, NULL, err, 0, buff, sizeof(buff), NULL))
{
int i, len;
Reported by FlawFinder.
Line: 221
Column: 5
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
(void)err;
#endif
strcpy (buff, "unknown error");
return buff;
}
void
RTMP_UserInterrupt()
Reported by FlawFinder.
Line: 564
Column: 41
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
r->Link.sockshost.av_val = hostname;
r->Link.sockshost.av_len = (int)strlen(hostname);
r->Link.socksport = socksport ? atoi(socksport + 1) : 1080;
RTMP_Log(RTMP_LOGDEBUG, "Connecting via SOCKS proxy: %s:%d", r->Link.sockshost.av_val,
r->Link.socksport);
}
else
{
Reported by FlawFinder.
Line: 590
Column: 34
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
{
case 'B':
prop.p_type = AMF_BOOLEAN;
prop.p_vu.p_number = atoi(p);
break;
case 'S':
prop.p_type = AMF_STRING;
prop.p_vu.p_aval.av_val = p;
prop.p_vu.p_aval.av_len = av->av_len - (p-arg);
Reported by FlawFinder.
Line: 605
Column: 17
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
prop.p_type = AMF_NULL;
break;
case 'O':
i = atoi(p);
if (i)
{
prop.p_type = AMF_OBJECT;
}
else
Reported by FlawFinder.
Line: 633
Column: 34
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
{
case 'B':
prop.p_type = AMF_BOOLEAN;
prop.p_vu.p_number = atoi(p);
break;
case 'S':
prop.p_type = AMF_STRING;
prop.p_vu.p_aval.av_val = p;
prop.p_vu.p_aval.av_len = av->av_len - (p-arg);
Reported by FlawFinder.
UI/frontend-plugins/frontend-tools/data/scripts/url-text.py
76 issues
Line: 1
Column: 1
import obspython as obs
import urllib.request
import urllib.error
url = ""
interval = 30
source_name = ""
# ------------------------------------------------------------
Reported by Pylint.
Line: 12
Column: 2
# ------------------------------------------------------------
def update_text():
global url
global interval
global source_name
source = obs.obs_get_source_by_name(source_name)
if source is not None:
Reported by Pylint.
Line: 13
Column: 2
def update_text():
global url
global interval
global source_name
source = obs.obs_get_source_by_name(source_name)
if source is not None:
try:
Reported by Pylint.
Line: 14
Column: 2
def update_text():
global url
global interval
global source_name
source = obs.obs_get_source_by_name(source_name)
if source is not None:
try:
with urllib.request.urlopen(url) as response:
Reported by Pylint.
Line: 19
Suggestion:
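https://bandit.readthedocs.io/en/latest/blacklists/blacklist_calls.html#b310-urllib-urlopen
B310 asks for an audit of the URL schemes that urlopen() may be given. In this excerpt `url` is passed to urlopen() unchanged, so the scheme is whatever the string holds; checking that it begins with http:// or https:// before the call addresses the finding.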
source = obs.obs_get_source_by_name(source_name)
if source is not None:
try:
with urllib.request.urlopen(url) as response:
data = response.read()
text = data.decode('utf-8')
settings = obs.obs_data_create()
obs.obs_data_set_string(settings, "text", text)
Reported by Bandit.
Line: 34
Column: 21
obs.obs_source_release(source)
def refresh_pressed(props, prop):
update_text()
# ------------------------------------------------------------
def script_description():
Reported by Pylint.
Line: 34
Column: 28
obs.obs_source_release(source)
def refresh_pressed(props, prop):
update_text()
# ------------------------------------------------------------
def script_description():
Reported by Pylint.
Line: 43
Column: 2
return "Updates a text source to the text retrieved from a URL at every specified interval.\n\nBy Jim"
def script_update(settings):
global url
global interval
global source_name
url = obs.obs_data_get_string(settings, "url")
interval = obs.obs_data_get_int(settings, "interval")
Reported by Pylint.
Line: 44
Column: 2
def script_update(settings):
global url
global interval
global source_name
url = obs.obs_data_get_string(settings, "url")
interval = obs.obs_data_get_int(settings, "interval")
source_name = obs.obs_data_get_string(settings, "source")
Reported by Pylint.
Line: 45
Column: 2
def script_update(settings):
global url
global interval
global source_name
url = obs.obs_data_get_string(settings, "url")
interval = obs.obs_data_get_int(settings, "interval")
source_name = obs.obs_data_get_string(settings, "source")
Reported by Pylint.
UI/obs-app.cpp
66 issues
Line: 350
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
}
last_msg_ptr = msg;
strcpy(cmp_str, output_str);
last_char_sum = new_sum;
rep_count = 0;
return false;
}
Reported by FlawFinder.
Line: 367
Column: 2
CWE codes:
134
Suggestion:
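Use a constant for the format specification. Here `msg` is forwarded to vsnprintf() together with a va_list, so the format cannot be a literal at this call; what needs checking is that every caller supplies a literal format rather than externally supplied text.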
va_copy(args2, args);
#endif
vsnprintf(str, 4095, msg, args);
#ifdef _WIN32
if (IsDebuggerPresent()) {
int wNum = MultiByteToWideChar(CP_UTF8, 0, str, -1, NULL, 0);
if (wNum > 1) {
Reported by FlawFinder.
Line: 592
Column: 3
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
if (!ent.directory)
continue;
strcpy(path, ent.path);
strcat(path, "/basic.ini");
ConfigFile config;
if (config.Open(path, CONFIG_OPEN_EXISTING) != 0)
continue;
Reported by FlawFinder.
Line: 1209
Column: 2
CWE codes:
120
Suggestion:
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused)
return;
strcat(new_path, "/");
strcat(new_path, Str("Untitled"));
if (os_mkdir(new_path) == MKDIR_ERROR)
return;
strcat(path, "/*.*");
if (os_glob(path, 0, &glob) != 0)
Reported by FlawFinder.
Line: 1217
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
if (os_glob(path, 0, &glob) != 0)
return;
strcpy(path, new_path);
for (size_t i = 0; i < glob->gl_pathc; i++) {
struct os_globent ent = glob->gl_pathv[i];
char *file;
Reported by FlawFinder.
Line: 1233
Column: 3
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
if (astrcmpi(file, "scenes.json") == 0)
continue;
strcpy(new_path, path);
strcat(new_path, "/");
strcat(new_path, file);
os_rename(ent.path, new_path);
}
Reported by FlawFinder.
Line: 1235
Column: 3
CWE codes:
120
Suggestion:
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused)
strcpy(new_path, path);
strcat(new_path, "/");
strcat(new_path, file);
os_rename(ent.path, new_path);
}
os_globfree(glob);
}
Reported by FlawFinder.
Line: 1262
Column: 2
CWE codes:
120
Suggestion:
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused)
strcat(path, "/scenes.json");
strcat(new_path, "/");
strcat(new_path, Str("Untitled"));
strcat(new_path, ".json");
os_rename(path, new_path);
}
Reported by FlawFinder.
Line: 2157
Column: 2
CWE codes:
134
Suggestion:
Use a constant for the format specification
{
char *text = new char[MAX_CRASH_REPORT_SIZE];
vsnprintf(text, MAX_CRASH_REPORT_SIZE, format, args);
text[MAX_CRASH_REPORT_SIZE - 1] = 0;
string crashFilePath = "obs-studio/crashes";
delete_oldest_file(true, crashFilePath.c_str());
Reported by FlawFinder.
Line: 2192
Column: 16
CWE codes:
134
Suggestion:
Use a constant for the format specification
string absolutePath =
canonical(filesystem::path(pathString)).u8string();
size_t size = snprintf(nullptr, 0, CRASH_MESSAGE, absolutePath.c_str());
unique_ptr<char[]> message_buffer(new char[size + 1]);
snprintf(message_buffer.get(), size + 1, CRASH_MESSAGE,
absolutePath.c_str());
Reported by FlawFinder.
libobs/util/simde/x86/sse.h
44 issues
Line: 3652
r_.i16[i] = a_.i16[(imm8 >> (i * 2)) & 3];
}
HEDLEY_DIAGNOSTIC_PUSH
#if HEDLEY_HAS_WARNING("-Wconditional-uninitialized")
#pragma clang diagnostic ignored "-Wconditional-uninitialized"
#endif
return simde__m64_from_private(r_);
HEDLEY_DIAGNOSTIC_POP
Reported by Cppcheck.
Line: 3652
r_.i16[i] = a_.i16[(imm8 >> (i * 2)) & 3];
}
HEDLEY_DIAGNOSTIC_PUSH
#if HEDLEY_HAS_WARNING("-Wconditional-uninitialized")
#pragma clang diagnostic ignored "-Wconditional-uninitialized"
#endif
return simde__m64_from_private(r_);
HEDLEY_DIAGNOSTIC_POP
Reported by Cppcheck.
Line: 3652
r_.i16[i] = a_.i16[(imm8 >> (i * 2)) & 3];
}
HEDLEY_DIAGNOSTIC_PUSH
#if HEDLEY_HAS_WARNING("-Wconditional-uninitialized")
#pragma clang diagnostic ignored "-Wconditional-uninitialized"
#endif
return simde__m64_from_private(r_);
HEDLEY_DIAGNOSTIC_POP
Reported by Cppcheck.
Line: 3652
r_.i16[i] = a_.i16[(imm8 >> (i * 2)) & 3];
}
HEDLEY_DIAGNOSTIC_PUSH
#if HEDLEY_HAS_WARNING("-Wconditional-uninitialized")
#pragma clang diagnostic ignored "-Wconditional-uninitialized"
#endif
return simde__m64_from_private(r_);
HEDLEY_DIAGNOSTIC_POP
Reported by Cppcheck.
Line: 3652
r_.i16[i] = a_.i16[(imm8 >> (i * 2)) & 3];
}
HEDLEY_DIAGNOSTIC_PUSH
#if HEDLEY_HAS_WARNING("-Wconditional-uninitialized")
#pragma clang diagnostic ignored "-Wconditional-uninitialized"
#endif
return simde__m64_from_private(r_);
HEDLEY_DIAGNOSTIC_POP
Reported by Cppcheck.
Line: 3652
r_.i16[i] = a_.i16[(imm8 >> (i * 2)) & 3];
}
HEDLEY_DIAGNOSTIC_PUSH
#if HEDLEY_HAS_WARNING("-Wconditional-uninitialized")
#pragma clang diagnostic ignored "-Wconditional-uninitialized"
#endif
return simde__m64_from_private(r_);
HEDLEY_DIAGNOSTIC_POP
Reported by Cppcheck.
Line: 3652
r_.i16[i] = a_.i16[(imm8 >> (i * 2)) & 3];
}
HEDLEY_DIAGNOSTIC_PUSH
#if HEDLEY_HAS_WARNING("-Wconditional-uninitialized")
#pragma clang diagnostic ignored "-Wconditional-uninitialized"
#endif
return simde__m64_from_private(r_);
HEDLEY_DIAGNOSTIC_POP
Reported by Cppcheck.
Line: 3652
r_.i16[i] = a_.i16[(imm8 >> (i * 2)) & 3];
}
HEDLEY_DIAGNOSTIC_PUSH
#if HEDLEY_HAS_WARNING("-Wconditional-uninitialized")
#pragma clang diagnostic ignored "-Wconditional-uninitialized"
#endif
return simde__m64_from_private(r_);
HEDLEY_DIAGNOSTIC_POP
Reported by Cppcheck.
Line: 3652
r_.i16[i] = a_.i16[(imm8 >> (i * 2)) & 3];
}
HEDLEY_DIAGNOSTIC_PUSH
#if HEDLEY_HAS_WARNING("-Wconditional-uninitialized")
#pragma clang diagnostic ignored "-Wconditional-uninitialized"
#endif
return simde__m64_from_private(r_);
HEDLEY_DIAGNOSTIC_POP
Reported by Cppcheck.
Line: 3652
r_.i16[i] = a_.i16[(imm8 >> (i * 2)) & 3];
}
HEDLEY_DIAGNOSTIC_PUSH
#if HEDLEY_HAS_WARNING("-Wconditional-uninitialized")
#pragma clang diagnostic ignored "-Wconditional-uninitialized"
#endif
return simde__m64_from_private(r_);
HEDLEY_DIAGNOSTIC_POP
Reported by Cppcheck.
libobs/util/simde/x86/sse2.h
44 issues
Line: 3783
r = HEDLEY_STATIC_CAST(
int32_t, vec_extract(vec_vbpermq(a_.altivec_u8, perm), 14));
#else
SIMDE_VECTORIZE_REDUCTION(| : r)
for (size_t i = 0; i < (sizeof(a_.u8) / sizeof(a_.u8[0])); i++) {
r |= (a_.u8[15 - i] >> 7) << (15 - i);
}
#endif
Reported by Cppcheck.
Line: 3783
r = HEDLEY_STATIC_CAST(
int32_t, vec_extract(vec_vbpermq(a_.altivec_u8, perm), 14));
#else
SIMDE_VECTORIZE_REDUCTION(| : r)
for (size_t i = 0; i < (sizeof(a_.u8) / sizeof(a_.u8[0])); i++) {
r |= (a_.u8[15 - i] >> 7) << (15 - i);
}
#endif
Reported by Cppcheck.
Line: 3783
r = HEDLEY_STATIC_CAST(
int32_t, vec_extract(vec_vbpermq(a_.altivec_u8, perm), 14));
#else
SIMDE_VECTORIZE_REDUCTION(| : r)
for (size_t i = 0; i < (sizeof(a_.u8) / sizeof(a_.u8[0])); i++) {
r |= (a_.u8[15 - i] >> 7) << (15 - i);
}
#endif
Reported by Cppcheck.
Line: 3783
r = HEDLEY_STATIC_CAST(
int32_t, vec_extract(vec_vbpermq(a_.altivec_u8, perm), 14));
#else
SIMDE_VECTORIZE_REDUCTION(| : r)
for (size_t i = 0; i < (sizeof(a_.u8) / sizeof(a_.u8[0])); i++) {
r |= (a_.u8[15 - i] >> 7) << (15 - i);
}
#endif
Reported by Cppcheck.
Line: 3783
r = HEDLEY_STATIC_CAST(
int32_t, vec_extract(vec_vbpermq(a_.altivec_u8, perm), 14));
#else
SIMDE_VECTORIZE_REDUCTION(| : r)
for (size_t i = 0; i < (sizeof(a_.u8) / sizeof(a_.u8[0])); i++) {
r |= (a_.u8[15 - i] >> 7) << (15 - i);
}
#endif
Reported by Cppcheck.
Line: 3783
r = HEDLEY_STATIC_CAST(
int32_t, vec_extract(vec_vbpermq(a_.altivec_u8, perm), 14));
#else
SIMDE_VECTORIZE_REDUCTION(| : r)
for (size_t i = 0; i < (sizeof(a_.u8) / sizeof(a_.u8[0])); i++) {
r |= (a_.u8[15 - i] >> 7) << (15 - i);
}
#endif
Reported by Cppcheck.
Line: 3783
r = HEDLEY_STATIC_CAST(
int32_t, vec_extract(vec_vbpermq(a_.altivec_u8, perm), 14));
#else
SIMDE_VECTORIZE_REDUCTION(| : r)
for (size_t i = 0; i < (sizeof(a_.u8) / sizeof(a_.u8[0])); i++) {
r |= (a_.u8[15 - i] >> 7) << (15 - i);
}
#endif
Reported by Cppcheck.
Line: 3783
r = HEDLEY_STATIC_CAST(
int32_t, vec_extract(vec_vbpermq(a_.altivec_u8, perm), 14));
#else
SIMDE_VECTORIZE_REDUCTION(| : r)
for (size_t i = 0; i < (sizeof(a_.u8) / sizeof(a_.u8[0])); i++) {
r |= (a_.u8[15 - i] >> 7) << (15 - i);
}
#endif
Reported by Cppcheck.
Line: 3783
r = HEDLEY_STATIC_CAST(
int32_t, vec_extract(vec_vbpermq(a_.altivec_u8, perm), 14));
#else
SIMDE_VECTORIZE_REDUCTION(| : r)
for (size_t i = 0; i < (sizeof(a_.u8) / sizeof(a_.u8[0])); i++) {
r |= (a_.u8[15 - i] >> 7) << (15 - i);
}
#endif
Reported by Cppcheck.
Line: 3783
r = HEDLEY_STATIC_CAST(
int32_t, vec_extract(vec_vbpermq(a_.altivec_u8, perm), 14));
#else
SIMDE_VECTORIZE_REDUCTION(| : r)
for (size_t i = 0; i < (sizeof(a_.u8) / sizeof(a_.u8[0])); i++) {
r |= (a_.u8[15 - i] >> 7) << (15 - i);
}
#endif
Reported by Cppcheck.
UI/win-update/updater/updater.cpp
44 issues
Line: 65
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static inline bool HasVS2019Redist2()
{
wchar_t base[MAX_PATH];
wchar_t path[MAX_PATH];
WIN32_FIND_DATAW wfd;
HANDLE handle;
int folder = (is32bit && is_64bit_windows()) ? CSIDL_SYSTEMX86
: CSIDL_SYSTEM;
Reported by FlawFinder.
Line: 66
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static inline bool HasVS2019Redist2()
{
wchar_t base[MAX_PATH];
wchar_t path[MAX_PATH];
WIN32_FIND_DATAW wfd;
HANDLE handle;
int folder = (is32bit && is_64bit_windows()) ? CSIDL_SYSTEMX86
: CSIDL_SYSTEM;
Reported by FlawFinder.
Line: 109
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static void Status(const wchar_t *fmt, ...)
{
wchar_t str[512];
va_list argptr;
va_start(argptr, fmt);
StringCbVPrintf(str, sizeof(str), fmt, argptr);
Reported by FlawFinder.
Line: 488
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static inline DWORD WaitIfOBS(DWORD id, const wchar_t *expected)
{
wchar_t path[MAX_PATH];
wchar_t *name;
*path = 0;
WinHandle proc = OpenProcess(PROCESS_QUERY_INFORMATION |
PROCESS_VM_READ | SYNCHRONIZE,
Reported by FlawFinder.
Line: 554
Column: 11
CWE codes:
120
/*
 * Converts the NUL-terminated UTF-8 string `utf8` to UTF-16 in `wide`.
 *
 * wideSize is handed to MultiByteToWideChar() as the output capacity, which
 * that API counts in wchar_t elements, not bytes: pass the element count of
 * the destination array, never sizeof() of it.
 *
 * Returns true when the API reports a non-zero count and false when it
 * returns 0, which includes the destination being too small.
 */
static inline bool UTF8ToWide(wchar_t *wide, int wideSize, const char *utf8)
{
/* -1 as the input length makes the API read up to and including the NUL,
 * so a successful conversion leaves `wide` terminated. */
return !!MultiByteToWideChar(CP_UTF8, 0, utf8, -1, wide, wideSize);
}
static inline bool WideToUTF8(char *utf8, int utf8Size, const wchar_t *wide)
{
return !!WideCharToMultiByte(CP_UTF8, 0, wide, -1, utf8, utf8Size,
Reported by FlawFinder.
Line: 636
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
if (!name.is_string())
return true;
wchar_t wPackageName[512];
const string &packageName = name.string_value();
size_t fileCount = files.array_items().size();
if (!UTF8ToWideBuf(wPackageName, packageName.c_str()))
return false;
Reported by FlawFinder.
Line: 678
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/* convert strings to wide */
wchar_t sourceURL[1024];
wchar_t updateFileName[MAX_PATH];
wchar_t updateHashStr[BLAKE2_HASH_STR_LENGTH];
wchar_t tempFilePath[MAX_PATH];
if (!UTF8ToWideBuf(updateFileName, fileUTF8.c_str()))
Reported by FlawFinder.
Line: 679
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/* convert strings to wide */
wchar_t sourceURL[1024];
wchar_t updateFileName[MAX_PATH];
wchar_t updateHashStr[BLAKE2_HASH_STR_LENGTH];
wchar_t tempFilePath[MAX_PATH];
if (!UTF8ToWideBuf(updateFileName, fileUTF8.c_str()))
continue;
Reported by FlawFinder.
Line: 680
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
wchar_t sourceURL[1024];
wchar_t updateFileName[MAX_PATH];
wchar_t updateHashStr[BLAKE2_HASH_STR_LENGTH];
wchar_t tempFilePath[MAX_PATH];
if (!UTF8ToWideBuf(updateFileName, fileUTF8.c_str()))
continue;
if (!UTF8ToWideBuf(updateHashStr, hashUTF8.c_str()))
Reported by FlawFinder.
Line: 681
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
wchar_t sourceURL[1024];
wchar_t updateFileName[MAX_PATH];
wchar_t updateHashStr[BLAKE2_HASH_STR_LENGTH];
wchar_t tempFilePath[MAX_PATH];
if (!UTF8ToWideBuf(updateFileName, fileUTF8.c_str()))
continue;
if (!UTF8ToWideBuf(updateHashStr, hashUTF8.c_str()))
continue;
Reported by FlawFinder.
libobs/util/dstr.c
32 issues
Line: 325
Column: 4
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
if (*cur_str || include_empty) {
table[cur_idx++] = offset;
strcpy(offset, cur_str);
}
table[cur_idx] = NULL;
}
Reported by FlawFinder.
Line: 550
Column: 12
CWE codes:
134
Suggestion:
Use a constant for the format specification
va_list args_cp;
va_copy(args_cp, args);
int len = vsnprintf(NULL, 0, format, args_cp);
va_end(args_cp);
if (len < 0)
len = 4095;
Reported by FlawFinder.
Line: 557
Column: 8
CWE codes:
134
Suggestion:
Use a constant for the format specification
len = 4095;
dstr_ensure_capacity(dst, ((size_t)len) + 1);
len = vsnprintf(dst->array, ((size_t)len) + 1, format, args);
if (!*dst->array) {
dstr_free(dst);
return;
}
Reported by FlawFinder.
Line: 572
Column: 12
CWE codes:
134
Suggestion:
Use a constant for the format specification
va_list args_cp;
va_copy(args_cp, args);
int len = vsnprintf(NULL, 0, format, args_cp);
va_end(args_cp);
if (len < 0)
len = 4095;
Reported by FlawFinder.
Line: 579
Column: 8
CWE codes:
134
Suggestion:
Use a constant for the format specification
len = 4095;
dstr_ensure_capacity(dst, dst->len + ((size_t)len) + 1);
len = vsnprintf(dst->array + dst->len, ((size_t)len) + 1, format, args);
if (!*dst->array) {
dstr_free(dst);
return;
}
Reported by FlawFinder.
Line: 630
Column: 5
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
if (replace_len)
memcpy(temp, replace, replace_len);
} else {
strcpy(temp, replace);
}
temp += replace_len;
++count;
}
Reported by FlawFinder.
Line: 663
Column: 5
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
memmove(temp + replace_len, end, end_len + 1);
memcpy(temp, replace, replace_len);
} else {
strcpy(temp, replace);
}
temp += replace_len;
}
Reported by FlawFinder.
Line: 356
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
len = strlen(array);
dstr_ensure_capacity(dst, len + 1);
memcpy(dst->array, array, len + 1);
dst->len = len;
}
void dstr_copy_strref(struct dstr *dst, const struct strref *src)
{
Reported by FlawFinder.
Line: 415
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
new_len = dst->len + str->len;
dstr_ensure_capacity(dst, new_len + 1);
memcpy(dst->array + dst->len, str->array, str->len + 1);
dst->len = new_len;
}
void dstr_cat_strref(struct dstr *dst, const struct strref *str)
{
Reported by FlawFinder.
Line: 433
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
new_len = dst->len + len;
dstr_ensure_capacity(dst, new_len + 1);
memcpy(dst->array + dst->len, array, len);
dst->len = new_len;
dst->array[new_len] = 0;
}
Reported by FlawFinder.
plugins/obs-outputs/librtmp/hashswf.c
28 issues
Line: 155
Column: 9
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
if (sb.sb_socket == INVALID_SOCKET)
return HTTPRES_LOST_CONNECTION;
i =
sprintf(sb.sb_buf,
"GET %s HTTP/1.0\r\nUser-Agent: %s\r\nHost: %s\r\nReferer: %.*s\r\n",
path, AGENT, host, (int)(path - url + 1), url);
if (http->date[0])
i += sprintf(sb.sb_buf + i, "If-Modified-Since: %s\r\n", http->date);
i += sprintf(sb.sb_buf + i, "\r\n");
Reported by FlawFinder.
Line: 159
Column: 14
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
"GET %s HTTP/1.0\r\nUser-Agent: %s\r\nHost: %s\r\nReferer: %.*s\r\n",
path, AGENT, host, (int)(path - url + 1), url);
if (http->date[0])
i += sprintf(sb.sb_buf + i, "If-Modified-Since: %s\r\n", http->date);
i += sprintf(sb.sb_buf + i, "\r\n");
if (connect
(sb.sb_socket, (struct sockaddr *)&sa, sizeof(struct sockaddr)) < 0)
{
Reported by FlawFinder.
Line: 270
Column: 13
CWE codes:
120
Suggestion:
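Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). The string copied here is the text that follows "Last-Modified: " in sb.sb_start, presumably a header received from the remote host, so its length is not under the program's control; the size of http->date is not visible in this excerpt.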
(sb.sb_start, "Last-Modified: ", sizeof("Last-Modified: ") - 1))
{
*p2 = '\0';
strcpy(http->date, sb.sb_start + sizeof("Last-Modified: ") - 1);
}
p2 += 2;
sb.sb_size -= p2 - sb.sb_start;
sb.sb_start = p2;
if (sb.sb_size < 1)
Reported by FlawFinder.
Line: 463
Column: 5
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
struct tm *tm;
tm = gmtime((time_t *) t);
sprintf(s, "%s, %02d %s %d %02d:%02d:%02d GMT",
days[tm->tm_wday], tm->tm_mday, monthtab[tm->tm_mon],
tm->tm_year + 1900, tm->tm_hour, tm->tm_min, tm->tm_sec);
}
#define HEX2BIN(a) (((a)&0x40)?((a)&0xf)+9:((a)&0xf))
Reported by FlawFinder.
Line: 520
Column: 5
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
* besides URL are fixed size.
*/
path = malloc(hpre.av_len + home.av_len + sizeof(DIRSEP ".swfinfo"));
sprintf(path, "%s%s" DIRSEP ".swfinfo", hpre.av_val, home.av_val);
f = fopen(path, "r+");
while (f)
{
char buf[4096], *file, *p;
Reported by FlawFinder.
Line: 493
Column: 19
CWE codes:
807
20
Suggestion:
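Check environment variables carefully before using them. In this excerpt the result of getenv("HOMEDRIVE") is passed to strlen() with no NULL check in between, so an unset HOMEDRIVE dereferences a null pointer.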
hpre.av_len = 2;
home.av_val = "\\UserData";
#else
hpre.av_val = getenv("HOMEDRIVE");
hpre.av_len = (int)strlen(hpre.av_val);
home.av_val = getenv("HOMEPATH");
#endif
#define DIRSEP "\\"
Reported by FlawFinder.
Line: 495
Column: 19
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
#else
hpre.av_val = getenv("HOMEDRIVE");
hpre.av_len = (int)strlen(hpre.av_val);
home.av_val = getenv("HOMEPATH");
#endif
#define DIRSEP "\\"
#else /* !_WIN32 */
hpre.av_val = "";
Reported by FlawFinder.
Line: 502
Column: 19
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
#else /* !_WIN32 */
hpre.av_val = "";
hpre.av_len = 0;
home.av_val = getenv("HOME");
#define DIRSEP "/"
#endif
if (!home.av_val)
home.av_val = ".";
home.av_len = (int)strlen(home.av_val);
Reported by FlawFinder.
Line: 92
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
char *host, *path;
char *p1, *p2;
char hbuf[256];
int port = 80;
#ifdef CRYPTO
int ssl = 0;
#endif
int hlen, flen = 0;
Reported by FlawFinder.
Line: 139
Column: 16
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
if (p1)
{
*p1++ = '\0';
port = atoi(p1);
}
sa.sin_addr.s_addr = inet_addr(host);
if (sa.sin_addr.s_addr == INADDR_NONE)
{
Reported by FlawFinder.
libobs/util/platform-nix.c
26 issues
Line: 358
Column: 18
CWE codes:
362
20
Suggestion:
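Reconsider approach. The excerpt limits the read to PATH_MAX - 1 bytes and NUL-terminates `exe` itself when count >= 0, since readlink() does not terminate its output; a count equal to PATH_MAX - 1 may mean the link target was truncated, which the lines shown do not check for.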
#elif defined(__OpenBSD__)
ssize_t count = os_openbsd_get_executable_path(exe);
#else
ssize_t count = readlink("/proc/self/exe", exe, PATH_MAX - 1);
if (count >= 0) {
exe[count] = '\0';
}
#endif
const char *path_out = NULL;
Reported by FlawFinder.
Line: 389
Column: 9
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
/*
 * Reports whether `path` can be resolved at the moment of the call.
 *
 * Returns true when access(path, F_OK) returns 0 and false on any failure;
 * the errno cause (missing file, unsearchable directory, ...) is not
 * distinguished.
 *
 * The result is only a snapshot: the file can be created, removed or replaced
 * between this check and a later open (time-of-check/time-of-use, CWE-367).
 * Callers that go on to open or create the file should rely on the outcome of
 * that operation itself rather than on this answer.
 */
bool os_file_exists(const char *path)
{
return access(path, F_OK) == 0;
}
size_t os_get_abs_path(const char *path, char *abspath, size_t size)
{
size_t min_size = size < PATH_MAX ? size : PATH_MAX;
Reported by FlawFinder.
Line: 200
Column: 18
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
int os_get_config_path(char *dst, size_t size, const char *name)
{
#ifdef USE_XDG
char *xdg_ptr = getenv("XDG_CONFIG_HOME");
// If XDG_CONFIG_HOME is unset,
// we use the default $HOME/.config/[name] instead
if (xdg_ptr == NULL) {
char *home_ptr = getenv("HOME");
Reported by FlawFinder.
Line: 205
Column: 20
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
// If XDG_CONFIG_HOME is unset,
// we use the default $HOME/.config/[name] instead
if (xdg_ptr == NULL) {
char *home_ptr = getenv("HOME");
if (home_ptr == NULL)
bcrash("Could not get $HOME\n");
if (!name || !*name) {
return snprintf(dst, size, "%s/.config", home_ptr);
Reported by FlawFinder.
Line: 222
Column: 19
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
return snprintf(dst, size, "%s/%s", xdg_ptr, name);
}
#else
char *path_ptr = getenv("HOME");
if (path_ptr == NULL)
bcrash("Could not get $HOME\n");
if (!name || !*name)
return snprintf(dst, size, "%s", path_ptr);
Reported by FlawFinder.
Line: 239
Column: 18
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
{
#ifdef USE_XDG
struct dstr path;
char *xdg_ptr = getenv("XDG_CONFIG_HOME");
/* If XDG_CONFIG_HOME is unset,
* we use the default $HOME/.config/[name] instead */
if (xdg_ptr == NULL) {
char *home_ptr = getenv("HOME");
Reported by FlawFinder.
Line: 244
Column: 20
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
/* If XDG_CONFIG_HOME is unset,
* we use the default $HOME/.config/[name] instead */
if (xdg_ptr == NULL) {
char *home_ptr = getenv("HOME");
if (home_ptr == NULL)
bcrash("Could not get $HOME\n");
dstr_init_copy(&path, home_ptr);
dstr_cat(&path, "/.config/");
Reported by FlawFinder.
Line: 258
Column: 19
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
}
return path.array;
#else
char *path_ptr = getenv("HOME");
if (path_ptr == NULL)
bcrash("Could not get $HOME\n");
struct dstr path;
dstr_init_copy(&path, path_ptr);
Reported by FlawFinder.
Line: 312
Column: 7
CWE codes:
120/785!
Suggestion:
Ensure that the destination buffer is at least of size MAXPATHLEN, and to protect against implementation problems, the input argument should also be checked to ensure it is no larger than MAXPATHLEN
comm = argv[0];
if (*comm == '/' || *comm == '.') {
if (realpath(comm, epath))
ok = 1;
} else {
char *sp;
char *xpath = strdup(getenv("PATH"));
char *path = strtok_r(xpath, ":", &sp);
Reported by FlawFinder.
Line: 316
Column: 24
CWE codes:
807
20
Suggestion:
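Check environment variables carefully before using them. Here the result of getenv("PATH") is passed directly to strdup(), which must not receive NULL, and the `if (!xpath)` test appears only after strtok_r() has already been called on xpath.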
ok = 1;
} else {
char *sp;
char *xpath = strdup(getenv("PATH"));
char *path = strtok_r(xpath, ":", &sp);
struct stat st;
if (!xpath)
abort();
Reported by FlawFinder.
plugins/obs-filters/rnnoise/src/rnn_train.py
24 issues
Line: 5
Column: 1
from __future__ import print_function
from keras.models import Sequential
from keras.models import Model
from keras.layers import Input
from keras.layers import Dense
from keras.layers import LSTM
from keras.layers import GRU
Reported by Pylint.
Line: 6
Column: 1
from __future__ import print_function
from keras.models import Sequential
from keras.models import Model
from keras.layers import Input
from keras.layers import Dense
from keras.layers import LSTM
from keras.layers import GRU
from keras.layers import SimpleRNN
Reported by Pylint.
Line: 7
Column: 1
from keras.models import Sequential
from keras.models import Model
from keras.layers import Input
from keras.layers import Dense
from keras.layers import LSTM
from keras.layers import GRU
from keras.layers import SimpleRNN
from keras.layers import Dropout
Reported by Pylint.
Line: 8
Column: 1
from keras.models import Sequential
from keras.models import Model
from keras.layers import Input
from keras.layers import Dense
from keras.layers import LSTM
from keras.layers import GRU
from keras.layers import SimpleRNN
from keras.layers import Dropout
from keras import losses
Reported by Pylint.
Line: 9
Column: 1
from keras.models import Model
from keras.layers import Input
from keras.layers import Dense
from keras.layers import LSTM
from keras.layers import GRU
from keras.layers import SimpleRNN
from keras.layers import Dropout
from keras import losses
import h5py
Reported by Pylint.
Line: 10
Column: 1
from keras.layers import Input
from keras.layers import Dense
from keras.layers import LSTM
from keras.layers import GRU
from keras.layers import SimpleRNN
from keras.layers import Dropout
from keras import losses
import h5py
Reported by Pylint.
Line: 11
Column: 1
from keras.layers import Dense
from keras.layers import LSTM
from keras.layers import GRU
from keras.layers import SimpleRNN
from keras.layers import Dropout
from keras import losses
import h5py
from keras import backend as K
Reported by Pylint.
Line: 12
Column: 1
from keras.layers import LSTM
from keras.layers import GRU
from keras.layers import SimpleRNN
from keras.layers import Dropout
from keras import losses
import h5py
from keras import backend as K
import numpy as np
Reported by Pylint.
Line: 13
Column: 1
from keras.layers import GRU
from keras.layers import SimpleRNN
from keras.layers import Dropout
from keras import losses
import h5py
from keras import backend as K
import numpy as np
Reported by Pylint.
Line: 14
Column: 1
from keras.layers import SimpleRNN
from keras.layers import Dropout
from keras import losses
import h5py
from keras import backend as K
import numpy as np
print('Build model...')
Reported by Pylint.