The following issues were found
deps/jansson/src/memory.c
2 issues
Line: 52
Column: 5
CWE codes:
120
Suggestion:
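Make sure destination can always hold the source data. The allocation of new_str is outside this excerpt; because new_str[len] is written after the copy, the buffer must have been allocated with at least len + 1 bytes.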
if(!new_str)
return NULL;
memcpy(new_str, str, len);
new_str[len] = '\0';
return new_str;
}
void json_set_alloc_funcs(json_malloc_t malloc_fn, json_free_t free_fn)
Reported by FlawFinder.
Line: 41
Column: 31
CWE codes:
126
/*
 * Duplicate a C string by handing it to jsonp_strndup() together with
 * its measured length.
 *
 * The length is taken with strlen(), which reads until it meets a NUL
 * byte, so `str` must be non-NULL and NUL-terminated. That strlen() call
 * is what the scanner reports as CWE-126 (buffer over-read): the function
 * cannot verify the precondition itself. Callers that already know the
 * length of their buffer should call jsonp_strndup() directly.
 *
 * Returns whatever jsonp_strndup() returns for (str, strlen(str)).
 */
char *jsonp_strdup(const char *str)
{
    const size_t measured_len = strlen(str);

    return jsonp_strndup(str, measured_len);
}
char *jsonp_strndup(const char *str, size_t len)
{
char *new_str;
Reported by FlawFinder.
plugins/obs-outputs/ftl-stream.c
2 issues
Line: 1052
Column: 44
CWE codes:
126
obs_data_t *video_settings = obs_encoder_get_settings(video_encoder);
ingest_url = obs_service_get_url(service);
if (strncmp(ingest_url, FTL_URL_PROTOCOL, strlen(FTL_URL_PROTOCOL)) ==
0) {
dstr_copy(&stream->path, ingest_url + strlen(FTL_URL_PROTOCOL));
} else {
dstr_copy(&stream->path, ingest_url);
}
Reported by FlawFinder.
Line: 1054
Column: 41
CWE codes:
126
ingest_url = obs_service_get_url(service);
if (strncmp(ingest_url, FTL_URL_PROTOCOL, strlen(FTL_URL_PROTOCOL)) ==
0) {
dstr_copy(&stream->path, ingest_url + strlen(FTL_URL_PROTOCOL));
} else {
dstr_copy(&stream->path, ingest_url);
}
key = obs_service_get_key(service);
Reported by FlawFinder.
plugins/obs-filters/rnnoise/src/rnn.c
2 issues
Line: 105
CWE codes:
476
for (i=0;i<N;i++)
output[i] = relu(output[i]);
} else {
*(int*)0=0;
}
}
static void compute_gru(const GRULayer *gru, float *state, const float *input)
{
Reported by Cppcheck.
Line: 151
CWE codes:
476
if (gru->activation == ACTIVATION_SIGMOID) sum = sigmoid_approx(WEIGHTS_SCALE*sum);
else if (gru->activation == ACTIVATION_TANH) sum = tansig_approx(WEIGHTS_SCALE*sum);
else if (gru->activation == ACTIVATION_RELU) sum = relu(WEIGHTS_SCALE*sum);
else *(int*)0=0;
h[i] = z[i]*state[i] + (1-z[i])*sum;
}
for (i=0;i<N;i++)
state[i] = h[i];
}
Reported by Cppcheck.
plugins/obs-filters/nvafx-load.h
2 issues
Line: 145
Column: 15
CWE codes:
829
20
Suggestion:
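Use LoadLibraryEx with one of the search flags, or call SetSearchPathMode to use a safe search path, or pass a full path to the library. In this excerpt the DLL is requested by bare file name after SetDllDirectoryA(path), so it is still resolved through the DLL search order; building the full path from the SDK directory and passing that to the loader removes the dependency on search order.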
return false;
SetDllDirectoryA(path);
nv_audiofx = LoadLibrary(L"NVAudioEffects.dll");
SetDllDirectoryA(NULL);
return !!nv_audiofx;
}
#endif
Reported by FlawFinder.
Line: 140
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static bool load_lib(void)
{
char path[MAX_PATH];
if (!nvafx_get_sdk_path(path, sizeof(path)))
return false;
SetDllDirectoryA(path);
nv_audiofx = LoadLibrary(L"NVAudioEffects.dll");
Reported by FlawFinder.
deps/jansson/src/jansson.h
2 issues
Line: 138
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int line;
int column;
int position;
char source[JSON_ERROR_SOURCE_LENGTH];
char text[JSON_ERROR_TEXT_LENGTH];
} json_error_t;
/* getters, setters, manipulation */
Reported by FlawFinder.
Line: 139
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int column;
int position;
char source[JSON_ERROR_SOURCE_LENGTH];
char text[JSON_ERROR_TEXT_LENGTH];
} json_error_t;
/* getters, setters, manipulation */
Reported by FlawFinder.
UI/win-update/win-update-helpers.cpp
2 issues
Line: 24
Column: 18
CWE codes:
134
Suggestion:
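Use a constant for the format specification. Here format looks like a parameter that a printf-style wrapper forwards to vsnprintf (the enclosing signature is not shown), so the property to verify is at the call sites: each caller should pass a string literal as the format.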
return std::string();
std::string str;
int size = (int)vsnprintf(nullptr, 0, format, args) + 1;
str.resize(size);
vsnprintf(&str[0], size, format, args);
return str;
}
Reported by FlawFinder.
Line: 26
Column: 2
CWE codes:
134
Suggestion:
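Use a constant for the format specification. The flagged call is the second vsnprintf on the same args; if args is a va_list, its value is indeterminate after the first call, so each call should work on its own va_copy.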
std::string str;
int size = (int)vsnprintf(nullptr, 0, format, args) + 1;
str.resize(size);
vsnprintf(&str[0], size, format, args);
return str;
}
std::string strprintf(const char *format, ...)
{
Reported by FlawFinder.
UI/frontend-plugins/frontend-tools/captions-mssapi.cpp
2 issues
Line: 21
Column: 2
CWE codes:
119
120
Suggestion:
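Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. The flagged line only declares the array; the write is the _snwprintf call, which does not null-terminate when the output is truncated, though "language=" followed by at most eight hex digits of a 32-bit int fits within 32 elements.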
LCID lang_id = LocaleNameToLCID(wlang.c_str(), 0);
wchar_t lang_str[32];
_snwprintf(lang_str, 31, L"language=%x", (int)lang_id);
stop = CreateEvent(nullptr, false, false, nullptr);
if (!stop.Valid())
throw "Failed to create event";
Reported by FlawFinder.
Line: 138
Column: 5
CWE codes:
119
120
Suggestion:
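Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. The flagged line only declares text_utf8; whether the conversion stays within it depends on os_wcs_to_utf8 honouring the 512-byte size it is passed, which this excerpt does not show.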
if (FAILED(hr))
continue;
char text_utf8[512];
os_wcs_to_utf8(text, 0, text_utf8, 512);
callback(text_utf8);
blog(LOG_DEBUG, "\"%s\"", text_utf8);
Reported by FlawFinder.
plugins/obs-outputs/flv-mux.c
2 issues
Line: 49
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
void write_file_info(FILE *file, int64_t duration_ms, int64_t size)
{
char buf[64];
char *enc = buf;
char *end = enc + sizeof(buf);
fseek(file, FLV_INFO_SIZE_OFFSET, SEEK_SET);
Reported by FlawFinder.
Line: 68
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
obs_encoder_t *aencoder = obs_output_get_audio_encoder(context, 0);
video_t *video = obs_encoder_video(vencoder);
audio_t *audio = obs_encoder_audio(aencoder);
char buf[4096];
char *enc = buf;
char *end = enc + sizeof(buf);
struct dstr encoder_name = {0};
enc_str(&enc, end, "@setDataFrame");
Reported by FlawFinder.
deps/w32-pthreads/tests/benchtest2.c
2 issues
Line: 207
Column: 3
CWE codes:
Suggestion:
Use InitializeCriticalSectionAndSpinCount instead
overHeadMilliSecs = durationMilliSecs;
InitializeCriticalSection(&cs1);
InitializeCriticalSection(&cs2);
EnterCriticalSection(&cs1);
EnterCriticalSection(&cs2);
running = 1;
assert(pthread_create(&worker, NULL, CSThread, NULL) == 0);
Reported by FlawFinder.
Line: 208
Column: 3
CWE codes:
Suggestion:
Use InitializeCriticalSectionAndSpinCount instead
InitializeCriticalSection(&cs1);
InitializeCriticalSection(&cs2);
EnterCriticalSection(&cs1);
EnterCriticalSection(&cs2);
running = 1;
assert(pthread_create(&worker, NULL, CSThread, NULL) == 0);
TESTSTART
Reported by FlawFinder.
UI/frontend-plugins/frontend-tools/captions-mssapi-stream.hpp
2 issues
Line: 53
// IUnknown methods
STDMETHODIMP QueryInterface(REFIID riid, void **ppv) override;
STDMETHODIMP_(ULONG) AddRef() override;
STDMETHODIMP_(ULONG) Release() override;
// ISequentialStream methods
STDMETHODIMP Read(void *data, ULONG bytes, ULONG *read_bytes) override;
STDMETHODIMP Write(const void *data, ULONG bytes,
Reported by Cppcheck.
Line: 53
// IUnknown methods
STDMETHODIMP QueryInterface(REFIID riid, void **ppv) override;
STDMETHODIMP_(ULONG) AddRef() override;
STDMETHODIMP_(ULONG) Release() override;
// ISequentialStream methods
STDMETHODIMP Read(void *data, ULONG bytes, ULONG *read_bytes) override;
STDMETHODIMP Write(const void *data, ULONG bytes,
Reported by Cppcheck.