The following issues were found
plugins/win-capture/hook-helpers.h
2 issues
Line: 32
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
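/*
 * Create the event whose name is `name` followed by the decimal value of `id`.
 *
 * The name is formatted into a fixed 64-element buffer. _snwprintf does not
 * write a terminating NUL when the formatted text fills or exceeds the count
 * it is given, so the last element is held back and the buffer is terminated
 * explicitly. An over-long prefix is therefore truncated instead of leaving
 * create_event() to read past the end of new_name.
 *
 * Returns whatever create_event() returns for the resulting name.
 * NOTE(review): a truncated name is still passed on; callers that can supply
 * long prefixes should confirm that this is acceptable.
 */
static inline HANDLE create_event_plus_id(const wchar_t *name, DWORD id)
{
    wchar_t new_name[64];

    /* Format into all but the last element, which is reserved for the NUL. */
    _snwprintf(new_name, sizeof(new_name) / sizeof(new_name[0]) - 1,
               L"%s%lu", name, id);
    new_name[sizeof(new_name) / sizeof(new_name[0]) - 1] = L'\0';

    return create_event(new_name);
}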
static inline HANDLE create_mutex_plus_id(const wchar_t *name, DWORD id)
Reported by FlawFinder.
Line: 39
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
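/*
 * Create the mutex whose name is `name` followed by the decimal value of `id`.
 *
 * The name is formatted into a fixed 64-element buffer. _snwprintf does not
 * write a terminating NUL when the formatted text fills or exceeds the count
 * it is given, so the last element is held back and the buffer is terminated
 * explicitly. An over-long prefix is therefore truncated instead of leaving
 * create_mutex() to read past the end of new_name.
 *
 * Returns whatever create_mutex() returns for the resulting name.
 * NOTE(review): a truncated name is still passed on; callers that can supply
 * long prefixes should confirm that this is acceptable.
 */
static inline HANDLE create_mutex_plus_id(const wchar_t *name, DWORD id)
{
    wchar_t new_name[64];

    /* Format into all but the last element, which is reserved for the NUL. */
    _snwprintf(new_name, sizeof(new_name) / sizeof(new_name[0]) - 1,
               L"%s%lu", name, id);
    new_name[sizeof(new_name) / sizeof(new_name[0]) - 1] = L'\0';

    return create_mutex(new_name);
}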
static inline bool object_signalled(HANDLE event)
Reported by FlawFinder.
deps/w32-pthreads/tests/once3.c
2 issues
Line: 102
Column: 3
CWE codes:
Suggestion:
Use InitializeCriticalSectionAndSpinCount instead
pthread_t t[NUM_THREADS][NUM_ONCE];
int i, j;
InitializeCriticalSection(&numThreads.cs);
InitializeCriticalSection(&numOnce.cs);
for (j = 0; j < NUM_ONCE; j++)
{
once[j] = o;
Reported by FlawFinder.
Line: 103
Column: 3
CWE codes:
Suggestion:
Use InitializeCriticalSectionAndSpinCount instead
int i, j;
InitializeCriticalSection(&numThreads.cs);
InitializeCriticalSection(&numOnce.cs);
for (j = 0; j < NUM_ONCE; j++)
{
once[j] = o;
Reported by FlawFinder.
plugins/obs-qsv11/libmfx/include/mfx_library_iterator.h
2 issues
Line: 112
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
mfxU32 m_vendorID; // (mfxU32) property of used graphic card
mfxU32 m_deviceID; // (mfxU32) property of used graphic card
bool m_bIsSubKeyValid;
wchar_t m_SubKeyName[MFX_MAX_REGISTRY_KEY_NAME]; // registry subkey for selected module loaded
int m_StorageID;
#if !defined(MEDIASDK_UWP_DISPATCHER)
WinRegKey m_baseRegKey; // (WinRegKey) main registry key
#endif
Reported by FlawFinder.
Line: 122
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
mfxU32 m_lastLibIndex; // (mfxU32) index of previously returned library
mfxU32 m_lastLibMerit; // (mfxU32) merit of previously returned library
wchar_t m_path[msdk_disp_path_len];
DriverStoreLoader m_driverStoreLoader; // for loading MediaSDK from DriverStore
private:
// unimplemented by intent to make this class non-copyable
Reported by FlawFinder.
deps/w32-pthreads/ptw32_OLL_lock.c
2 issues
Line: 125
Column: 8
CWE codes:
362
/*
 * Pair of BOOL flags, nonZero and open.
 *
 * NOTE(review): the only `open` token in this excerpt is the member name
 * below; no call to the open() function is visible here. The CWE-362 hit
 * therefore looks like a name match rather than a file-access race. Confirm
 * against the scanner rule before spending triage time on it.
 */
struct ptw32_oll_queryResult_t_
{
BOOL nonZero;
BOOL open;
};
union ptw32_oll_snziNodeOrRoot_t_
{
ptw32_oll_snziRoot_t* rootPtr;
Reported by FlawFinder.
Line: 587
Column: 49
CWE codes:
362
else
{
/* Wait until node is properly recycled */
while (ptw32_oll_Query(oldTailPtr->csnzi).open);
/*
* Close C-SNZI of previous reader node.
* If there are no readers to signal us, spin on
* previous node and free it before entering
* critical section.
Reported by FlawFinder.
deps/w32-pthreads/tests/test.h
2 issues
Line: 142
Column: 29
CWE codes:
134
Suggestion:
Use a constant for the format specification
#endif
# define assert(e) \
((e) ? ((ASSERT_TRACE) ? fprintf(stderr, \
"Assertion succeeded: (%s), file %s, line %d\n", \
#e, __FILE__, (int) __LINE__), \
fflush(stderr) : \
0) : \
(fprintf(stderr, "Assertion failed: (%s), file %s, line %d\n", \
Reported by FlawFinder.
Line: 152
Column: 47
CWE codes:
134
Suggestion:
Use a constant for the format specification
int assertE;
# define assert_e(e, o, r) \
(((assertE = e) o (r)) ? ((ASSERT_TRACE) ? fprintf(stderr, \
"Assertion succeeded: (%s), file %s, line %d\n", \
#e, __FILE__, (int) __LINE__), \
fflush(stderr) : \
0) : \
(fprintf(stderr, "Assertion failed: (%s %s %s), file %s, line %d, error %s\n", \
Reported by FlawFinder.
deps/w32-pthreads/tests/tryentercs.c
2 issues
Line: 69
Column: 17
CWE codes:
829
20
Suggestion:
Use LoadLibraryEx with one of the search flags, or call SetSearchPathMode to use a safe search path, or pass a full path to the library
/*
 * Load KERNEL32 and try to get address of TryEnterCriticalSection
 *
 * NOTE(review): LoadLibrary is given a bare file name, so the loader's
 * search order decides which file is mapped; that is what the CWE-829
 * finding is about. KERNEL32.DLL is normally already mapped into a Win32
 * process, which should make the call return the existing module. Confirm
 * for the target platform, or use LoadLibraryEx with a search flag such as
 * LOAD_LIBRARY_SEARCH_SYSTEM32, as the report suggests.
 * In the lines shown, _h_kernel32 is passed to GetProcAddress without a
 * NULL check.
 */
_h_kernel32 = LoadLibrary(TEXT("KERNEL32.DLL"));
_try_enter_critical_section =
(BOOL (PT_STDCALL *)(LPCRITICAL_SECTION))
GetProcAddress(_h_kernel32,
(LPCSTR) "TryEnterCriticalSection");
Reported by FlawFinder.
Line: 77
Column: 7
CWE codes:
Suggestion:
Use InitializeCriticalSectionAndSpinCount instead
if (_try_enter_critical_section != NULL)
{
InitializeCriticalSection(&cs);
SetLastError(0);
if ((*_try_enter_critical_section)(&cs) != 0)
{
Reported by FlawFinder.
libobs/util/simde/hedley.h
2 issues
Line: 1421
Column: 22
CWE codes:
134
Suggestion:
Use a constant for the format specification
__attribute__((__format__(__printf__, string_idx, first_to_check)))
#elif HEDLEY_PELLES_VERSION_CHECK(6, 0, 0)
#define HEDLEY_PRINTF_FORMAT(string_idx, first_to_check) \
__declspec(vaformat(printf, string_idx, first_to_check))
#else
#define HEDLEY_PRINTF_FORMAT(string_idx, first_to_check)
#endif
#if defined(HEDLEY_CONSTEXPR)
Reported by FlawFinder.
Line: 1897
Column: 4
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
defined(HEDLEY_TI_CLPRU_VERSION) || defined(__clang__)
#define HEDLEY_IS_CONSTEXPR_(expr) \
(sizeof(void) != sizeof(*(1 ? ((void *)((expr)*0L)) : ((struct { \
char v[sizeof(void) * 2]; \
} *)1))))
#endif
#endif
#if defined(HEDLEY_IS_CONSTEXPR_)
#if !defined(HEDLEY_IS_CONSTANT)
Reported by FlawFinder.
plugins/win-dshow/tiny-nv12-scale.c
2 issues
Line: 108
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
const int size = s->src_cx * s->src_cy;
const int size_d4 = size / 4;
memcpy(dst_start, src_start, size);
register uint8_t *dst1 = dst_start + size;
register uint8_t *dst2 = dst1 + size_d4;
register uint8_t *dst_end = dst2 + size_d4;
register const uint8_t *src = src_start + size;
Reported by FlawFinder.
Line: 198
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
else if (s->format == TARGET_FORMAT_YUY2)
nv12_convert_to_yuy2(s, dst, src);
else
memcpy(dst, src, s->src_cx * s->src_cy * 3 / 2);
} else {
if (s->format == TARGET_FORMAT_I420)
nv12_scale_nearest_to_i420(s, dst, src);
else if (s->format == TARGET_FORMAT_YUY2)
nv12_scale_nearest_to_yuy2(s, dst, src);
Reported by FlawFinder.
UI/obf.c
2 issues
Line: 16
CWE codes:
758
int pos = i / 2;
bool bottom = (i % 2) == 0;
uint8_t *ch = (uint8_t *)str;
uint8_t xor = bottom ? LOWER_HALFBYTE(dec_val[pos])
: UPPER_HALFBYTE(dec_val[pos]);
*ch ^= xor;
if (++i == sizeof(uint64_t) * 2)
Reported by Cppcheck.
Line: 17
CWE codes:
758
bool bottom = (i % 2) == 0;
uint8_t *ch = (uint8_t *)str;
uint8_t xor = bottom ? LOWER_HALFBYTE(dec_val[pos])
: UPPER_HALFBYTE(dec_val[pos]);
*ch ^= xor;
if (++i == sizeof(uint64_t) * 2)
i = 0;
Reported by Cppcheck.
plugins/obs-qsv11/libmfx/include/mfx_dispatcher_defs.h
2 issues
Line: 35
Column: 36
CWE codes:
120
Suggestion:
Consider using a function version that stops copying at the end of the buffer
#define MAX_PLUGIN_NAME 4096
// Compatibility shim: when _MSC_VER is below 1400 the bounded names expand to
// the unbounded wcscpy/wcscat and the to_size argument is discarded, so call
// sites that look size-checked are not. An undefined _MSC_VER evaluates to 0
// in #if, so this branch is also taken by non-MSVC compilers unless the header
// is guarded elsewhere.
// NOTE(review): confirm which toolchains actually reach this branch.
#if _MSC_VER < 1400
#define wcscpy_s(to,to_size, from) wcscpy(to, from)
#define wcscat_s(to,to_size, from) wcscat(to, from)
#endif
// declare library module's handle
typedef void * mfxModuleHandle;
Reported by FlawFinder.
Line: 36
Column: 36
CWE codes:
120
// On this branch wcscat_s (like wcscpy_s above it) is replaced by the unbounded
// wcscat and to_size is dropped, so the destination size passed by callers is
// never checked. An undefined _MSC_VER evaluates to 0 in #if, so the branch is
// also taken by non-MSVC compilers unless the header is guarded elsewhere.
#if _MSC_VER < 1400
#define wcscpy_s(to,to_size, from) wcscpy(to, from)
#define wcscat_s(to,to_size, from) wcscat(to, from)
#endif
// declare library module's handle
typedef void * mfxModuleHandle;
Reported by FlawFinder.