The following issues were found
plugins/obs-outputs/librtmp/md5.c
3 issues
Line: 226
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
free = 64 - used;
if (size < free) {
memcpy(&ctx->buffer[used], data, size);
return;
}
memcpy(&ctx->buffer[used], data, free);
data = (unsigned char *)data + free;
Reported by FlawFinder.
Line: 230
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return;
}
memcpy(&ctx->buffer[used], data, free);
data = (unsigned char *)data + free;
size -= free;
body(ctx, ctx->buffer, 64);
}
Reported by FlawFinder.
Line: 241
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
size &= 0x3f;
}
memcpy(ctx->buffer, data, size);
}
void MD5_Final(unsigned char *result, MD5_CTX *ctx)
{
unsigned long used, free;
Reported by FlawFinder.
deps/jansson/test/suites/api/test_load_callback.c
3 issues
Line: 27
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (buflen > s->cap - s->off)
buflen = s->cap - s->off;
if (buflen > 0) {
memcpy(buf, s->buf + s->off, buflen);
s->off += buflen;
return buflen;
} else {
return 0;
}
Reported by FlawFinder.
Line: 42
Column: 13
CWE codes:
126
json_error_t error;
s.off = 0;
s.cap = strlen(my_str);
s.buf = my_str;
json = json_load_callback(greedy_reader, &s, 0, &error);
if (!json)
Reported by FlawFinder.
Line: 52
Column: 13
CWE codes:
126
json_decref(json);
s.off = 0;
s.cap = strlen(my_str) - 1;
s.buf = my_str;
json = json_load_callback(greedy_reader, &s, 0, &error);
if (json) {
json_decref(json);
Reported by FlawFinder.
libobs-d3d11/d3d11-subsystem.hpp
3 issues
Line: 850
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
inline BlendState(const BlendState &state)
{
memcpy(this, &state, sizeof(BlendState));
}
};
struct SavedBlendState : BlendState {
ComPtr<ID3D11BlendState> state;
Reported by FlawFinder.
Line: 901
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
inline ZStencilState(const ZStencilState &state)
{
memcpy(this, &state, sizeof(ZStencilState));
}
};
struct SavedZStencilState : ZStencilState {
ComPtr<ID3D11DepthStencilState> state;
Reported by FlawFinder.
Line: 928
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
inline RasterState(const RasterState &state)
{
memcpy(this, &state, sizeof(RasterState));
}
};
struct SavedRasterState : RasterState {
ComPtr<ID3D11RasterizerState> state;
Reported by FlawFinder.
libobs/graphics/effect.c
3 issues
Line: 400
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
da_resize(param->cur_val, size);
if (size_changed || memcmp(param->cur_val.array, data, size) != 0) {
memcpy(param->cur_val.array, data, size);
param->changed = true;
}
}
#ifndef min
Reported by FlawFinder.
Line: 423
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
size_t bytes = min(size, param->cur_val.num);
memcpy(data, param->cur_val.array, bytes);
}
static inline void effect_getdefaultval_inline(gs_eparam_t *param, void *data,
size_t size)
{
Reported by FlawFinder.
Line: 441
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
size_t bytes = min(size, param->default_val.num);
memcpy(data, param->default_val.array, bytes);
}
void gs_effect_set_bool(gs_eparam_t *param, bool val)
{
int b_val = (int)val;
Reported by FlawFinder.
libobs/graphics/graphics-ffmpeg.c
3 issues
Line: 140
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
uint8_t *dst = data;
const uint8_t *src = frame->data[0];
for (int y = 0; y < info->cy; y++) {
memcpy(dst, src, min_line);
dst += linesize;
src += src_linesize;
}
} else {
memcpy(data, frame->data[0], totalsize);
Reported by FlawFinder.
Line: 145
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
src += src_linesize;
}
} else {
memcpy(data, frame->data[0], totalsize);
}
return data;
}
Reported by FlawFinder.
Line: 310
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
const uint8_t *src = pointers[0];
uint8_t *dst = data;
for (size_t y = 0; y < (size_t)info->cy; y++) {
memcpy(dst, src, linesize);
dst += linesize;
src += linesizes[0];
}
av_freep(pointers);
Reported by FlawFinder.
deps/w32-pthreads/tests/tryentercs.c
2 issues
Line: 69
Column: 17
CWE codes:
829
20
Suggestion:
Use LoadLibraryEx with one of the search flags, or call SetSearchPathMode to use a safe search path, or pass a full path to the library
/*
* Load KERNEL32 and try to get address of TryEnterCriticalSection
*/
_h_kernel32 = LoadLibrary(TEXT("KERNEL32.DLL"));
_try_enter_critical_section =
(BOOL (PT_STDCALL *)(LPCRITICAL_SECTION))
GetProcAddress(_h_kernel32,
(LPCSTR) "TryEnterCriticalSection");
Reported by FlawFinder.
Line: 77
Column: 7
CWE codes:
Suggestion:
Use InitializeCriticalSectionAndSpinCount instead
if (_try_enter_critical_section != NULL)
{
InitializeCriticalSection(&cs);
SetLastError(0);
if ((*_try_enter_critical_section)(&cs) != 0)
{
Reported by FlawFinder.
deps/w32-pthreads/tests/test.h
2 issues
Line: 142
Column: 29
CWE codes:
134
Suggestion:
Use a constant for the format specification
#endif
# define assert(e) \
((e) ? ((ASSERT_TRACE) ? fprintf(stderr, \
"Assertion succeeded: (%s), file %s, line %d\n", \
#e, __FILE__, (int) __LINE__), \
fflush(stderr) : \
0) : \
(fprintf(stderr, "Assertion failed: (%s), file %s, line %d\n", \
Reported by FlawFinder.
Line: 152
Column: 47
CWE codes:
134
Suggestion:
Use a constant for the format specification
int assertE;
# define assert_e(e, o, r) \
(((assertE = e) o (r)) ? ((ASSERT_TRACE) ? fprintf(stderr, \
"Assertion succeeded: (%s), file %s, line %d\n", \
#e, __FILE__, (int) __LINE__), \
fflush(stderr) : \
0) : \
(fprintf(stderr, "Assertion failed: (%s %s %s), file %s, line %d, error %s\n", \
Reported by FlawFinder.
deps/jansson/src/strbuffer.c
2 issues
Line: 88
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if(!new_value)
return -1;
memcpy(new_value, strbuff->value, strbuff->length);
jsonp_free(strbuff->value);
strbuff->value = new_value;
strbuff->size = new_size;
}
Reported by FlawFinder.
Line: 95
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
strbuff->size = new_size;
}
memcpy(strbuff->value + strbuff->length, data, size);
strbuff->length += size;
strbuff->value[strbuff->length] = '\0';
return 0;
}
Reported by FlawFinder.
deps/w32-pthreads/tests/once3.c
2 issues
Line: 102
Column: 3
CWE codes:
Suggestion:
Use InitializeCriticalSectionAndSpinCount instead
pthread_t t[NUM_THREADS][NUM_ONCE];
int i, j;
InitializeCriticalSection(&numThreads.cs);
InitializeCriticalSection(&numOnce.cs);
for (j = 0; j < NUM_ONCE; j++)
{
once[j] = o;
Reported by FlawFinder.
Line: 103
Column: 3
CWE codes:
Suggestion:
Use InitializeCriticalSectionAndSpinCount instead
int i, j;
InitializeCriticalSection(&numThreads.cs);
InitializeCriticalSection(&numOnce.cs);
for (j = 0; j < NUM_ONCE; j++)
{
once[j] = o;
Reported by FlawFinder.
deps/w32-pthreads/tests/once2.c
2 issues
Line: 86
Column: 3
CWE codes:
Suggestion:
Use InitializeCriticalSectionAndSpinCount instead
pthread_t t[NUM_THREADS][NUM_ONCE];
int i, j;
InitializeCriticalSection(&numThreads.cs);
InitializeCriticalSection(&numOnce.cs);
for (j = 0; j < NUM_ONCE; j++)
{
once[j] = o;
Reported by FlawFinder.
Line: 87
Column: 3
CWE codes:
Suggestion:
Use InitializeCriticalSectionAndSpinCount instead
int i, j;
InitializeCriticalSection(&numThreads.cs);
InitializeCriticalSection(&numOnce.cs);
for (j = 0; j < NUM_ONCE; j++)
{
once[j] = o;
Reported by FlawFinder.