The following issues were found
plugins/obs-x264/obs-x264.c
4 issues
Line: 359
Column: 2
CWE codes:
134
Suggestion:
Use a constant for the format specification
struct obs_x264 *obsx264 = param;
char str[1024];
vsnprintf(str, 1024, format, args);
info("%s", str);
UNUSED_PARAMETER(level);
}
Reported by FlawFinder.
Line: 357
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static void log_x264(void *param, int level, const char *format, va_list args)
{
struct obs_x264 *obsx264 = param;
char str[1024];
vsnprintf(str, 1024, format, args);
info("%s", str);
UNUSED_PARAMETER(level);
Reported by FlawFinder.
Line: 565
Column: 29
CWE codes:
126
}
size_t settings_string_length = 0;
for (size_t i = 0; i < options->count; ++i)
settings_string_length += strlen(options->options[i].name) +
strlen(options->options[i].value) + 5;
size_t buffer_size = settings_string_length + 1;
char *settings_string = bmalloc(settings_string_length + 1);
char *p = settings_string;
size_t remaining_buffer_size = buffer_size;
Reported by FlawFinder.
Line: 566
Column: 8
CWE codes:
126
size_t settings_string_length = 0;
for (size_t i = 0; i < options->count; ++i)
settings_string_length += strlen(options->options[i].name) +
strlen(options->options[i].value) + 5;
size_t buffer_size = settings_string_length + 1;
char *settings_string = bmalloc(settings_string_length + 1);
char *p = settings_string;
size_t remaining_buffer_size = buffer_size;
for (size_t i = 0; i < options->count; ++i) {
Reported by FlawFinder.
UI/frontend-plugins/frontend-tools/captions-mssapi-stream.cpp
4 issues
Line: 254
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (flag == STATFLAG_DEFAULT) {
size_t byte_size = (wcslen(stat_name) + 1) * sizeof(wchar_t);
stg->pwcsName = (wchar_t *)CoTaskMemAlloc(byte_size);
memcpy(stg->pwcsName, stat_name, byte_size);
}
return S_OK;
}
Reported by FlawFinder.
Line: 283
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
void *wfex = CoTaskMemAlloc(sizeof(format));
memcpy(wfex, &format, sizeof(format));
*co_mem_wfex_out = (WAVEFORMATEX *)wfex;
return S_OK;
}
Reported by FlawFinder.
Line: 365
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return E_POINTER;
void *wfex = CoTaskMemAlloc(sizeof(format));
memcpy(wfex, &format, sizeof(format));
*format = SPDFID_WaveFormatEx;
*co_mem_wfex_out = (WAVEFORMATEX *)wfex;
return S_OK;
}
Reported by FlawFinder.
Line: 252
Column: 23
CWE codes:
126
stg->cbSize.QuadPart = (ULONGLONG)buf->size;
if (flag == STATFLAG_DEFAULT) {
size_t byte_size = (wcslen(stat_name) + 1) * sizeof(wchar_t);
stg->pwcsName = (wchar_t *)CoTaskMemAlloc(byte_size);
memcpy(stg->pwcsName, stat_name, byte_size);
}
return S_OK;
Reported by FlawFinder.
deps/blake2/src/blake2b-ref.c
4 issues
Line: 146
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
{
uint8_t block[BLAKE2B_BLOCKBYTES];
memset( block, 0, BLAKE2B_BLOCKBYTES );
memcpy( block, key, keylen );
blake2b_update( S, block, BLAKE2B_BLOCKBYTES );
secure_zero_memory( block, BLAKE2B_BLOCKBYTES ); /* Burn the key from stack */
}
return 0;
}
Reported by FlawFinder.
Line: 231
Column: 7
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if( inlen > fill )
{
S->buflen = 0;
memcpy( S->buf + left, in, fill ); /* Fill buffer */
blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES );
blake2b_compress( S, S->buf ); /* Compress */
in += fill; inlen -= fill;
while(inlen > BLAKE2B_BLOCKBYTES) {
blake2b_increment_counter(S, BLAKE2B_BLOCKBYTES);
Reported by FlawFinder.
Line: 242
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
inlen -= BLAKE2B_BLOCKBYTES;
}
}
memcpy( S->buf + S->buflen, in, inlen );
S->buflen += inlen;
}
return 0;
}
Reported by FlawFinder.
Line: 267
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
for( i = 0; i < 8; ++i ) /* Output full hash to temp buffer */
store64( buffer + sizeof( S->h[i] ) * i, S->h[i] );
memcpy( out, buffer, S->outlen );
secure_zero_memory(buffer, sizeof(buffer));
return 0;
}
/* inlen, at least, should be uint64_t. Others can be size_t. */
Reported by FlawFinder.
UI/window-basic-main-scene-collections.cpp
4 issues
Line: 34
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
void EnumSceneCollections(std::function<bool(const char *, const char *)> &&cb)
{
char path[512];
os_glob_t *glob;
int ret = GetConfigPath(path, sizeof(path),
"obs-studio/basic/scenes/*.json");
if (ret <= 0) {
Reported by FlawFinder.
Line: 271
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
file.c_str());
SaveProjectNow();
char path[512];
int ret = GetConfigPath(path, 512, "obs-studio/basic/scenes/");
if (ret <= 0) {
blog(LOG_WARNING, "Failed to get scene collection config path");
return;
}
Reported by FlawFinder.
Line: 332
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
if (button == QMessageBox::No)
return;
char path[512];
int ret = GetConfigPath(path, 512, "obs-studio/basic/scenes/");
if (ret <= 0) {
blog(LOG_WARNING, "Failed to get scene collection config path");
return;
}
Reported by FlawFinder.
Line: 380
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
SaveProjectNow();
char path[512];
QString home = QDir::homePath();
QString currentFile = QT_UTF8(config_get_string(
App()->GlobalConfig(), "Basic", "SceneCollectionFile"));
Reported by FlawFinder.
libobs/util/dstr.h
4 issues
Line: 236
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (src->len) {
dstr_ensure_capacity(dst, src->len + 1);
memcpy(dst->array, src->array, src->len + 1);
dst->len = src->len;
}
}
static inline void dstr_reserve(struct dstr *dst, const size_t capacity)
Reported by FlawFinder.
Line: 166
Column: 26
CWE codes:
126
static inline void dstr_init_move_array(struct dstr *dst, char *str)
{
dst->array = str;
dst->len = (!str) ? 0 : strlen(str);
dst->capacity = dst->len + 1;
}
static inline void dstr_init_move(struct dstr *dst, struct dstr *src)
{
Reported by FlawFinder.
Line: 207
Column: 26
CWE codes:
126
{
dstr_free(dst);
dst->array = str;
dst->len = (!str) ? 0 : strlen(str);
dst->capacity = dst->len + 1;
}
static inline void dstr_move(struct dstr *dst, struct dstr *src)
{
Reported by FlawFinder.
Line: 278
Column: 8
CWE codes:
126
if (!array || !*array)
return;
len = strlen(array);
dstr_ncat(dst, array, len);
}
static inline void dstr_cat_ch(struct dstr *dst, char ch)
{
Reported by FlawFinder.
UI/log-viewer.cpp
3 issues
Line: 91
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
void OBSLogViewer::InitLog()
{
char logDir[512];
std::string path;
if (GetConfigPath(logDir, sizeof(logDir), "obs-studio/logs")) {
path += logDir;
path += "/";
Reported by FlawFinder.
Line: 102
Column: 11
CWE codes:
362
QFile file(QT_UTF8(path.c_str()));
if (file.open(QIODevice::ReadOnly)) {
QTextStream in(&file);
#if QT_VERSION < QT_VERSION_CHECK(6, 0, 0)
in.setCodec("UTF-8");
#endif
Reported by FlawFinder.
Line: 157
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
void OBSLogViewer::OpenFile()
{
char logDir[512];
if (GetConfigPath(logDir, sizeof(logDir), "obs-studio/logs") <= 0)
return;
const char *log = App()->GetCurrentLog();
Reported by FlawFinder.
libobs/util/base.c
3 issues
Line: 37
Column: 2
CWE codes:
134
Suggestion:
Use a constant for the format specification
void *param)
{
char out[4096];
vsnprintf(out, sizeof(out), format, args);
if (log_level <= log_output_level) {
switch (log_level) {
case LOG_DEBUG:
fprintf(stdout, "debug: %s\n", out);
Reported by FlawFinder.
Line: 74
Column: 2
CWE codes:
134
Suggestion:
Use a constant for the format specification
NORETURN static void def_crash_handler(const char *format, va_list args,
void *param)
{
vfprintf(stderr, format, args);
exit(0);
UNUSED_PARAMETER(param);
}
Reported by FlawFinder.
Line: 36
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static void def_log_handler(int log_level, const char *format, va_list args,
void *param)
{
char out[4096];
vsnprintf(out, sizeof(out), format, args);
if (log_level <= log_output_level) {
switch (log_level) {
case LOG_DEBUG:
Reported by FlawFinder.
libobs/obs-module.c
3 issues
Line: 572
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
goto error; \
} \
\
memcpy(&data, info, size_var); \
da_push_back(dest, &data); \
} while (false)
#define CHECK_REQUIRED_VAL(type, info, val, func) \
do { \
Reported by FlawFinder.
Line: 643
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
goto error;
}
memcpy(&data, info, size);
/* mark audio-only filters as an async filter categorically */
if (data.type == OBS_SOURCE_TYPE_FILTER) {
if ((data.output_flags & OBS_SOURCE_VIDEO) == 0)
data.output_flags |= OBS_SOURCE_ASYNC;
Reported by FlawFinder.
Line: 88
Column: 13
CWE codes:
126
if (ext_len == 0) {
const char *ext = get_module_extension();
ext_len = strlen(ext);
}
dstr_copy(&name, file);
dstr_resize(&name, name.len - ext_len);
return name.array;
Reported by FlawFinder.
plugins/obs-outputs/librtmp/rtmp.h
3 issues
Line: 249
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int c_headerSize;
int c_chunkSize;
char *c_chunk;
char c_header[RTMP_MAX_HEADER_SIZE];
} RTMPChunk;
typedef struct RTMPPacket
{
uint8_t m_headerType;
Reported by FlawFinder.
Line: 271
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
SOCKET sb_socket;
int sb_size; /* number of unprocessed bytes in buffer */
char *sb_start; /* pointer into sb_pBuffer of next byte to process */
char sb_buf[RTMP_BUFFER_CACHE_SIZE]; /* data read from socket */
int sb_timedout;
void *sb_ssl;
} RTMPSockBuf;
void RTMPPacket_Reset(RTMPPacket *p);
Reported by FlawFinder.
Line: 347
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
uint32_t SWFSize;
uint8_t SWFHash[RTMP_SWF_HASHLEN];
char SWFVerificationResponse[RTMP_SWF_HASHLEN+10];
#endif
} RTMP_LNK;
/* state for read() wrapper */
typedef struct RTMP_READ
Reported by FlawFinder.
deps/jansson/src/hashtable.c
3 issues
Line: 38
Column: 57
CWE codes:
126
#define list_to_pair(list_) container_of(list_, pair_t, list)
#define ordered_list_to_pair(list_) container_of(list_, pair_t, ordered_list)
#define hash_str(key) ((size_t)hashlittle((key), strlen(key), hashtable_seed))
static JSON_INLINE void list_init(list_t *list)
{
list->next = list;
list->prev = list;
Reported by FlawFinder.
Line: 246
Column: 22
CWE codes:
126
flexible member. This way, the correct amount is
allocated. */
size_t len = strlen(key);
if(len >= (size_t)-1 - offsetof(pair_t, key)) {
/* Avoid an overflow if the key is very long */
return -1;
}
Reported by FlawFinder.
Line: 257
Column: 9
CWE codes:
120
return -1;
pair->hash = hash;
strncpy(pair->key, key, len + 1);
pair->value = value;
list_init(&pair->list);
list_init(&pair->ordered_list);
insert_to_bucket(hashtable, bucket, &pair->list);
Reported by FlawFinder.