The following issues were found
libobs/obs-internal.h
3 issues
Line: 295
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
bool thread_initialized;
bool gpu_conversion;
const char *conversion_techs[NUM_CHANNELS];
bool conversion_needed;
float conversion_width_i;
uint32_t output_width;
uint32_t output_height;
Reported by FlawFinder.
Line: 398
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
signal_handler_t *signals;
char *translations[OBS_KEY_LAST_VALUE];
char *mute;
char *unmute;
char *push_to_mute;
char *push_to_talk;
char *sceneitem_show;
Reported by FlawFinder.
Line: 912
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#define CAPTION_LINE_CHARS (32)
#define CAPTION_LINE_BYTES (4 * CAPTION_LINE_CHARS)
struct caption_text {
char text[CAPTION_LINE_BYTES + 1];
double display_duration;
struct caption_text *next;
};
struct pause_data {
Reported by FlawFinder.
deps/lzma/liblzma/common/block_buffer_encoder.c
3 issues
Line: 148
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
// The actual data
assert(*out_pos + copy_size <= out_size);
memcpy(out + *out_pos, in + in_pos, copy_size);
in_pos += copy_size;
*out_pos += copy_size;
}
Reported by FlawFinder.
Line: 299
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
lzma_check_update(&check, block->check, in, in_size);
lzma_check_finish(&check, block->check);
memcpy(block->raw_check, check.buffer.u8, check_size);
memcpy(out + *out_pos, check.buffer.u8, check_size);
*out_pos += check_size;
}
return LZMA_OK;
Reported by FlawFinder.
Line: 300
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
lzma_check_finish(&check, block->check);
memcpy(block->raw_check, check.buffer.u8, check_size);
memcpy(out + *out_pos, check.buffer.u8, check_size);
*out_pos += check_size;
}
return LZMA_OK;
}
Reported by FlawFinder.
libobs/obs-module.c
3 issues
Line: 572
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
goto error; \
} \
\
memcpy(&data, info, size_var); \
da_push_back(dest, &data); \
} while (false)
#define CHECK_REQUIRED_VAL(type, info, val, func) \
do { \
Reported by FlawFinder.
Line: 643
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
goto error;
}
memcpy(&data, info, size);
/* mark audio-only filters as an async filter categorically */
if (data.type == OBS_SOURCE_TYPE_FILTER) {
if ((data.output_flags & OBS_SOURCE_VIDEO) == 0)
data.output_flags |= OBS_SOURCE_ASYNC;
Reported by FlawFinder.
Line: 88
Column: 13
CWE codes:
126
if (ext_len == 0) {
const char *ext = get_module_extension();
ext_len = strlen(ext);
}
dstr_copy(&name, file);
dstr_resize(&name, name.len - ext_len);
return name.array;
Reported by FlawFinder.
libobs/util/base.c
3 issues
Line: 37
Column: 2
CWE codes:
134
Suggestion:
Use a constant for the format specification
void *param)
{
char out[4096];
vsnprintf(out, sizeof(out), format, args);
if (log_level <= log_output_level) {
switch (log_level) {
case LOG_DEBUG:
fprintf(stdout, "debug: %s\n", out);
Reported by FlawFinder.
Line: 74
Column: 2
CWE codes:
134
Suggestion:
Use a constant for the format specification
NORETURN static void def_crash_handler(const char *format, va_list args,
void *param)
{
vfprintf(stderr, format, args);
exit(0);
UNUSED_PARAMETER(param);
}
Reported by FlawFinder.
Line: 36
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static void def_log_handler(int log_level, const char *format, va_list args,
void *param)
{
char out[4096];
vsnprintf(out, sizeof(out), format, args);
if (log_level <= log_output_level) {
switch (log_level) {
case LOG_DEBUG:
Reported by FlawFinder.
plugins/obs-filters/rnnoise/src/denoise.c
3 issues
Line: 538
Column: 8
CWE codes:
362
fprintf(stderr, "usage: %s <speech> <noise> <count>\n", argv[0]);
return 1;
}
f1 = fopen(argv[1], "r");
f2 = fopen(argv[2], "r");
maxCount = atoi(argv[3]);
for(i=0;i<150;i++) {
short tmp[FRAME_SIZE];
fread(tmp, sizeof(short), FRAME_SIZE, f2);
Reported by FlawFinder.
Line: 539
Column: 8
CWE codes:
362
return 1;
}
f1 = fopen(argv[1], "r");
f2 = fopen(argv[2], "r");
maxCount = atoi(argv[3]);
for(i=0;i<150;i++) {
short tmp[FRAME_SIZE];
fread(tmp, sizeof(short), FRAME_SIZE, f2);
}
Reported by FlawFinder.
Line: 540
Column: 14
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
}
f1 = fopen(argv[1], "r");
f2 = fopen(argv[2], "r");
maxCount = atoi(argv[3]);
for(i=0;i<150;i++) {
short tmp[FRAME_SIZE];
fread(tmp, sizeof(short), FRAME_SIZE, f2);
}
while (1) {
Reported by FlawFinder.
libobs/graphics/effect.c
3 issues
Line: 400
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
da_resize(param->cur_val, size);
if (size_changed || memcmp(param->cur_val.array, data, size) != 0) {
memcpy(param->cur_val.array, data, size);
param->changed = true;
}
}
#ifndef min
Reported by FlawFinder.
Line: 423
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
size_t bytes = min(size, param->cur_val.num);
memcpy(data, param->cur_val.array, bytes);
}
static inline void effect_getdefaultval_inline(gs_eparam_t *param, void *data,
size_t size)
{
Reported by FlawFinder.
Line: 441
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
size_t bytes = min(size, param->default_val.num);
memcpy(data, param->default_val.array, bytes);
}
void gs_effect_set_bool(gs_eparam_t *param, bool val)
{
int b_val = (int)val;
Reported by FlawFinder.
libobs/graphics/graphics-ffmpeg.c
3 issues
Line: 140
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
uint8_t *dst = data;
const uint8_t *src = frame->data[0];
for (int y = 0; y < info->cy; y++) {
memcpy(dst, src, min_line);
dst += linesize;
src += src_linesize;
}
} else {
memcpy(data, frame->data[0], totalsize);
Reported by FlawFinder.
Line: 145
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
src += src_linesize;
}
} else {
memcpy(data, frame->data[0], totalsize);
}
return data;
}
Reported by FlawFinder.
Line: 310
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
const uint8_t *src = pointers[0];
uint8_t *dst = data;
for (size_t y = 0; y < (size_t)info->cy; y++) {
memcpy(dst, src, linesize);
dst += linesize;
src += linesizes[0];
}
av_freep(pointers);
Reported by FlawFinder.
plugins/obs-filters/color-grade-filter.c
3 issues
Line: 81
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
const uint32_t row_index = image_width * (z_y + y);
for (uint32_t x = 0; x < LUT_WIDTH; ++x) {
const uint32_t index = row_index + z_x + x;
memcpy(cursor, &data[pixel_size * index],
pixel_size);
cursor += pixel_size;
}
}
Reported by FlawFinder.
Line: 102
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
bool data_found = false;
char line[256];
while (fgets(line, sizeof(line), file)) {
if (sscanf(line, "%f %f %f", red, green, blue) == 3) {
data_found = true;
break;
}
Reported by FlawFinder.
Line: 187
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
bool data_found = false;
char line[256];
unsigned u;
float f[3];
while (fgets(line, sizeof(line), file)) {
if (sscanf(line, "%f %f %f", &red, &green, &blue) ==
3) {
Reported by FlawFinder.
deps/jansson/test/suites/api/test_load_callback.c
3 issues
Line: 27
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (buflen > s->cap - s->off)
buflen = s->cap - s->off;
if (buflen > 0) {
memcpy(buf, s->buf + s->off, buflen);
s->off += buflen;
return buflen;
} else {
return 0;
}
Reported by FlawFinder.
Line: 42
Column: 13
CWE codes:
126
json_error_t error;
s.off = 0;
s.cap = strlen(my_str);
s.buf = my_str;
json = json_load_callback(greedy_reader, &s, 0, &error);
if (!json)
Reported by FlawFinder.
Line: 52
Column: 13
CWE codes:
126
json_decref(json);
s.off = 0;
s.cap = strlen(my_str) - 1;
s.buf = my_str;
json = json_load_callback(greedy_reader, &s, 0, &error);
if (json) {
json_decref(json);
Reported by FlawFinder.
libobs-d3d11/d3d11-subsystem.hpp
3 issues
Line: 850
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
inline BlendState(const BlendState &state)
{
memcpy(this, &state, sizeof(BlendState));
}
};
struct SavedBlendState : BlendState {
ComPtr<ID3D11BlendState> state;
Reported by FlawFinder.
Line: 901
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
inline ZStencilState(const ZStencilState &state)
{
memcpy(this, &state, sizeof(ZStencilState));
}
};
struct SavedZStencilState : ZStencilState {
ComPtr<ID3D11DepthStencilState> state;
Reported by FlawFinder.
Line: 928
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
inline RasterState(const RasterState &state)
{
memcpy(this, &state, sizeof(RasterState));
}
};
struct SavedRasterState : RasterState {
ComPtr<ID3D11RasterizerState> state;
Reported by FlawFinder.