The following issues were found
plugins/obs-outputs/librtmp/amf.c
24 issues
Line: 89
CWE codes:
758
ci = (unsigned char *)data;
co = (unsigned char *)&dVal;
co[0] = ci[7];
co[1] = ci[6];
co[2] = ci[5];
co[3] = ci[4];
co[4] = ci[3];
co[5] = ci[2];
co[6] = ci[1];
Reported by Cppcheck.
Line: 90
CWE codes:
758
co = (unsigned char *)&dVal;
co[0] = ci[7];
co[1] = ci[6];
co[2] = ci[5];
co[3] = ci[4];
co[4] = ci[3];
co[5] = ci[2];
co[6] = ci[1];
co[7] = ci[0];
Reported by Cppcheck.
Line: 91
CWE codes:
758
co[0] = ci[7];
co[1] = ci[6];
co[2] = ci[5];
co[3] = ci[4];
co[4] = ci[3];
co[5] = ci[2];
co[6] = ci[1];
co[7] = ci[0];
#endif
Reported by Cppcheck.
Line: 92
CWE codes:
758
co[1] = ci[6];
co[2] = ci[5];
co[3] = ci[4];
co[4] = ci[3];
co[5] = ci[2];
co[6] = ci[1];
co[7] = ci[0];
#endif
#else
Reported by Cppcheck.
Line: 93
CWE codes:
758
co[2] = ci[5];
co[3] = ci[4];
co[4] = ci[3];
co[5] = ci[2];
co[6] = ci[1];
co[7] = ci[0];
#endif
#else
#if __BYTE_ORDER == __LITTLE_ENDIAN /* __FLOAT_WORD_ORER == __BIG_ENDIAN */
Reported by Cppcheck.
Line: 94
CWE codes:
758
co[3] = ci[4];
co[4] = ci[3];
co[5] = ci[2];
co[6] = ci[1];
co[7] = ci[0];
#endif
#else
#if __BYTE_ORDER == __LITTLE_ENDIAN /* __FLOAT_WORD_ORER == __BIG_ENDIAN */
unsigned char *ci, *co;
Reported by Cppcheck.
Line: 95
CWE codes:
758
co[4] = ci[3];
co[5] = ci[2];
co[6] = ci[1];
co[7] = ci[0];
#endif
#else
#if __BYTE_ORDER == __LITTLE_ENDIAN /* __FLOAT_WORD_ORER == __BIG_ENDIAN */
unsigned char *ci, *co;
ci = (unsigned char *)data;
Reported by Cppcheck.
Line: 210
CWE codes:
758
unsigned char *ci, *co;
ci = (unsigned char *)&dVal;
co = (unsigned char *)output;
co[0] = ci[7];
co[1] = ci[6];
co[2] = ci[5];
co[3] = ci[4];
co[4] = ci[3];
co[5] = ci[2];
Reported by Cppcheck.
Line: 211
CWE codes:
758
ci = (unsigned char *)&dVal;
co = (unsigned char *)output;
co[0] = ci[7];
co[1] = ci[6];
co[2] = ci[5];
co[3] = ci[4];
co[4] = ci[3];
co[5] = ci[2];
co[6] = ci[1];
Reported by Cppcheck.
Line: 212
CWE codes:
758
co = (unsigned char *)output;
co[0] = ci[7];
co[1] = ci[6];
co[2] = ci[5];
co[3] = ci[4];
co[4] = ci[3];
co[5] = ci[2];
co[6] = ci[1];
co[7] = ci[0];
Reported by Cppcheck.
deps/jansson/test/bin/json_process.c
23 issues
Line: 134
Column: 5
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
int ret;
FILE *file;
sprintf(filename, "%s%c%s", path, dir_sep, fname);
file = fopen(filename, "rb");
if (!file) {
if (conf.strip)
strcat(filename, ".strip");
else
Reported by FlawFinder.
Line: 169
Column: 5
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
json_t *json;
json_error_t error;
sprintf(filename, "%s%cinput", test_path, dir_sep);
if (!(infile = fopen(filename, "rb"))) {
fprintf(stderr, "Could not open \"%s\"\n", filename);
return 2;
}
Reported by FlawFinder.
Line: 175
Column: 5
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
return 2;
}
sprintf(filename, "%s%cenv", test_path, dir_sep);
conffile = fopen(filename, "rb");
if (conffile) {
read_conf(conffile);
fclose(conffile);
}
Reported by FlawFinder.
Line: 226
Column: 9
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
fclose(infile);
if (!json) {
sprintf(errstr, "%d %d %d\n%s\n",
error.line, error.column, error.position,
error.text);
ret = cmpfile(errstr, test_path, "error");
return ret;
Reported by FlawFinder.
Line: 247
Column: 13
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
char *value, *end;
long result;
value = getenv(name);
if(!value)
return 0;
result = strtol(value, &end, 10);
if(*end != '\0')
Reported by FlawFinder.
Line: 299
Column: 8
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
return 2;
}
if(getenv("HASHSEED"))
json_object_seed(getenv_int("HASHSEED"));
if(precision > 0)
flags |= JSON_REAL_PRECISION(precision);
Reported by FlawFinder.
Line: 103
Column: 27
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
*val++ = '\0';
if (!strcmp(line, "JSON_INDENT"))
conf.indent = atoi(val);
if (!strcmp(line, "JSON_COMPACT"))
conf.compact = atoi(val);
if (!strcmp(line, "JSON_ENSURE_ASCII"))
conf.ensure_ascii = atoi(val);
if (!strcmp(line, "JSON_PRESERVE_ORDER"))
Reported by FlawFinder.
Line: 105
Column: 28
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
if (!strcmp(line, "JSON_INDENT"))
conf.indent = atoi(val);
if (!strcmp(line, "JSON_COMPACT"))
conf.compact = atoi(val);
if (!strcmp(line, "JSON_ENSURE_ASCII"))
conf.ensure_ascii = atoi(val);
if (!strcmp(line, "JSON_PRESERVE_ORDER"))
conf.preserve_order = atoi(val);
if (!strcmp(line, "JSON_SORT_KEYS"))
Reported by FlawFinder.
Line: 107
Column: 33
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
if (!strcmp(line, "JSON_COMPACT"))
conf.compact = atoi(val);
if (!strcmp(line, "JSON_ENSURE_ASCII"))
conf.ensure_ascii = atoi(val);
if (!strcmp(line, "JSON_PRESERVE_ORDER"))
conf.preserve_order = atoi(val);
if (!strcmp(line, "JSON_SORT_KEYS"))
conf.sort_keys = atoi(val);
if (!strcmp(line, "JSON_REAL_PRECISION"))
Reported by FlawFinder.
Line: 109
Column: 35
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
if (!strcmp(line, "JSON_ENSURE_ASCII"))
conf.ensure_ascii = atoi(val);
if (!strcmp(line, "JSON_PRESERVE_ORDER"))
conf.preserve_order = atoi(val);
if (!strcmp(line, "JSON_SORT_KEYS"))
conf.sort_keys = atoi(val);
if (!strcmp(line, "JSON_REAL_PRECISION"))
conf.precision = atoi(val);
if (!strcmp(line, "STRIP"))
Reported by FlawFinder.
deps/jansson/doc/ext/refcounting.py
22 issues
Line: 26
Column: 1
:license: MIT, see LICENSE for details.
"""
from docutils import nodes
class refcounting(nodes.emphasis): pass
def visit(self, node):
self.visit_emphasis(node)
Reported by Pylint.
Line: 50
Column: 15
elif arguments[0] == 'new':
text = 'Return value: New reference.'
else:
raise Error('Valid arguments: new, borrow')
return [refcounting(text, text)]
def setup(app):
app.add_node(refcounting,
Reported by Pylint.
Line: 39
Column: 23
def html_visit(self, node):
self.body.append(self.starttag(node, 'em', '', CLASS='refcount'))
def html_depart(self, node):
self.body.append('</em>')
def refcounting_directive(name, arguments, options, content, lineno,
content_offset, block_text, state, state_machine):
Reported by Pylint.
Line: 43
Column: 44
self.body.append('</em>')
def refcounting_directive(name, arguments, options, content, lineno,
content_offset, block_text, state, state_machine):
if arguments[0] == 'borrow':
text = 'Return value: Borrowed reference.'
elif arguments[0] == 'new':
text = 'Return value: New reference.'
Reported by Pylint.
Line: 43
Column: 53
self.body.append('</em>')
def refcounting_directive(name, arguments, options, content, lineno,
content_offset, block_text, state, state_machine):
if arguments[0] == 'borrow':
text = 'Return value: Borrowed reference.'
elif arguments[0] == 'new':
text = 'Return value: New reference.'
Reported by Pylint.
Line: 43
Column: 62
self.body.append('</em>')
def refcounting_directive(name, arguments, options, content, lineno,
content_offset, block_text, state, state_machine):
if arguments[0] == 'borrow':
text = 'Return value: Borrowed reference.'
elif arguments[0] == 'new':
text = 'Return value: New reference.'
Reported by Pylint.
Line: 43
Column: 27
self.body.append('</em>')
def refcounting_directive(name, arguments, options, content, lineno,
content_offset, block_text, state, state_machine):
if arguments[0] == 'borrow':
text = 'Return value: Borrowed reference.'
elif arguments[0] == 'new':
text = 'Return value: New reference.'
Reported by Pylint.
Line: 44
Column: 36
def refcounting_directive(name, arguments, options, content, lineno,
content_offset, block_text, state, state_machine):
if arguments[0] == 'borrow':
text = 'Return value: Borrowed reference.'
elif arguments[0] == 'new':
text = 'Return value: New reference.'
else:
Reported by Pylint.
Line: 44
Column: 48
def refcounting_directive(name, arguments, options, content, lineno,
content_offset, block_text, state, state_machine):
if arguments[0] == 'borrow':
text = 'Return value: Borrowed reference.'
elif arguments[0] == 'new':
text = 'Return value: New reference.'
else:
Reported by Pylint.
Line: 44
Column: 55
def refcounting_directive(name, arguments, options, content, lineno,
content_offset, block_text, state, state_machine):
if arguments[0] == 'borrow':
text = 'Return value: Borrowed reference.'
elif arguments[0] == 'new':
text = 'Return value: New reference.'
else:
Reported by Pylint.
libobs/util/utf8.c
20 issues
Line: 326
CWE codes:
758
case 2:
p[1] = _NXT | (oc[0] & 0x3f);
p[0] = _SEQ2 | (oc[0] >> 6) | ((oc[1] & 0x07) << 2);
break;
case 3:
p[2] = _NXT | (oc[0] & 0x3f);
p[1] = _NXT | (oc[0] >> 6) | ((oc[1] & 0x0f) << 2);
Reported by Cppcheck.
Line: 331
CWE codes:
758
case 3:
p[2] = _NXT | (oc[0] & 0x3f);
p[1] = _NXT | (oc[0] >> 6) | ((oc[1] & 0x0f) << 2);
p[0] = _SEQ3 | ((oc[1] & 0xf0) >> 4);
break;
case 4:
p[3] = _NXT | (oc[0] & 0x3f);
Reported by Cppcheck.
Line: 332
CWE codes:
758
case 3:
p[2] = _NXT | (oc[0] & 0x3f);
p[1] = _NXT | (oc[0] >> 6) | ((oc[1] & 0x0f) << 2);
p[0] = _SEQ3 | ((oc[1] & 0xf0) >> 4);
break;
case 4:
p[3] = _NXT | (oc[0] & 0x3f);
p[2] = _NXT | (oc[0] >> 6) | ((oc[1] & 0x0f) << 2);
Reported by Cppcheck.
Line: 337
CWE codes:
758
case 4:
p[3] = _NXT | (oc[0] & 0x3f);
p[2] = _NXT | (oc[0] >> 6) | ((oc[1] & 0x0f) << 2);
p[1] = _NXT | ((oc[1] & 0xf0) >> 4) |
((oc[2] & 0x03) << 4);
p[0] = _SEQ4 | ((oc[2] & 0x1f) >> 2);
break;
Reported by Cppcheck.
Line: 338
CWE codes:
758
case 4:
p[3] = _NXT | (oc[0] & 0x3f);
p[2] = _NXT | (oc[0] >> 6) | ((oc[1] & 0x0f) << 2);
p[1] = _NXT | ((oc[1] & 0xf0) >> 4) |
((oc[2] & 0x03) << 4);
p[0] = _SEQ4 | ((oc[2] & 0x1f) >> 2);
break;
case 5:
Reported by Cppcheck.
Line: 339
CWE codes:
758
p[3] = _NXT | (oc[0] & 0x3f);
p[2] = _NXT | (oc[0] >> 6) | ((oc[1] & 0x0f) << 2);
p[1] = _NXT | ((oc[1] & 0xf0) >> 4) |
((oc[2] & 0x03) << 4);
p[0] = _SEQ4 | ((oc[2] & 0x1f) >> 2);
break;
case 5:
p[4] = _NXT | (oc[0] & 0x3f);
Reported by Cppcheck.
Line: 340
CWE codes:
758
p[2] = _NXT | (oc[0] >> 6) | ((oc[1] & 0x0f) << 2);
p[1] = _NXT | ((oc[1] & 0xf0) >> 4) |
((oc[2] & 0x03) << 4);
p[0] = _SEQ4 | ((oc[2] & 0x1f) >> 2);
break;
case 5:
p[4] = _NXT | (oc[0] & 0x3f);
p[3] = _NXT | (oc[0] >> 6) | ((oc[1] & 0x0f) << 2);
Reported by Cppcheck.
Line: 345
CWE codes:
758
case 5:
p[4] = _NXT | (oc[0] & 0x3f);
p[3] = _NXT | (oc[0] >> 6) | ((oc[1] & 0x0f) << 2);
p[2] = _NXT | ((oc[1] & 0xf0) >> 4) |
((oc[2] & 0x03) << 4);
p[1] = _NXT | (oc[2] >> 2);
p[0] = _SEQ5 | (oc[3] & 0x03);
break;
Reported by Cppcheck.
Line: 346
CWE codes:
758
case 5:
p[4] = _NXT | (oc[0] & 0x3f);
p[3] = _NXT | (oc[0] >> 6) | ((oc[1] & 0x0f) << 2);
p[2] = _NXT | ((oc[1] & 0xf0) >> 4) |
((oc[2] & 0x03) << 4);
p[1] = _NXT | (oc[2] >> 2);
p[0] = _SEQ5 | (oc[3] & 0x03);
break;
Reported by Cppcheck.
Line: 347
CWE codes:
758
p[4] = _NXT | (oc[0] & 0x3f);
p[3] = _NXT | (oc[0] >> 6) | ((oc[1] & 0x0f) << 2);
p[2] = _NXT | ((oc[1] & 0xf0) >> 4) |
((oc[2] & 0x03) << 4);
p[1] = _NXT | (oc[2] >> 2);
p[0] = _SEQ5 | (oc[3] & 0x03);
break;
case 6:
Reported by Cppcheck.
plugins/win-capture/game-capture.c
18 issues
Line: 223
Column: 2
CWE codes:
134
Suggestion:
Make format string constant
const wchar_t *name, DWORD id)
{
wchar_t new_name[64];
swprintf(new_name, 64, L"%s%lu", name, id);
debug("map id: %S", new_name);
return gc->is_app ? open_app_map(gc->app_sid, new_name)
: OpenFileMappingW(GC_MAPPING_FLAGS, false, new_name);
Reported by FlawFinder.
Line: 654
Column: 2
CWE codes:
134
Suggestion:
Make format string constant
static inline bool init_keepalive(struct game_capture *gc)
{
wchar_t new_name[64];
swprintf(new_name, 64, WINDOW_HOOK_KEEPALIVE L"%lu", gc->process_id);
gc->keepalive_mutex = gc->is_app
? create_app_mutex(gc->app_sid, new_name)
: CreateMutexW(NULL, false, new_name);
if (!gc->keepalive_mutex) {
Reported by FlawFinder.
Line: 774
Column: 2
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
static inline bool init_pipe(struct game_capture *gc)
{
char name[64];
sprintf(name, "%s%lu", PIPE_NAME, gc->process_id);
if (!ipc_pipe_server_start(&gc->pipe, name, pipe_log, gc)) {
warn("init_pipe: failed to start pipe");
return false;
}
Reported by FlawFinder.
Line: 852
Column: 2
CWE codes:
134
Suggestion:
Make format string constant
si.cb = sizeof(si);
swprintf(command_line_w, 4096, L"\"%s\" \"%s\" %lu %lu", inject_path_w,
hook_dll_w, (unsigned long)anti_cheat,
anti_cheat ? gc->thread_id : gc->process_id);
success = !!CreateProcessW(inject_path_w, command_line_w, NULL, NULL,
false, CREATE_NO_WINDOW, NULL, NULL, &si,
Reported by FlawFinder.
Line: 950
Column: 3
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
return false;
for (const char **vals = blacklisted_exes; *vals; vals++) {
strcpy(cur_exe, *vals);
strcat(cur_exe, ".exe");
if (strcmpi(cur_exe, exe) == 0)
return true;
}
Reported by FlawFinder.
Line: 1220
Column: 2
CWE codes:
134
Suggestion:
Make format string constant
static inline bool init_data_map(struct game_capture *gc, HWND window)
{
wchar_t name[64];
swprintf(name, 64, SHMEM_TEXTURE "_%" PRIu64 "_",
(uint64_t)(uintptr_t)window);
gc->hook_data_map =
open_map_plus_id(gc, name, gc->global_hook_info->map_id);
return !!gc->hook_data_map;
Reported by FlawFinder.
Line: 194
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
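/*
 * Opens the mutex whose name is `name` followed by the decimal form of `id`.
 *
 * gc:   capture context; when gc->is_app is set the name is opened through
 *       open_app_mutex() together with gc->app_sid, otherwise through
 *       open_mutex().
 * name: wide-string prefix of the object name.
 * id:   number appended to the prefix.
 *
 * Returns whatever the selected open helper returns for the composed name.
 */
static inline HANDLE open_mutex_plus_id(struct game_capture *gc,
					const wchar_t *name, DWORD id)
{
	/* Zero-filled so the final element is always a terminator:
	 * _snwprintf() appends no L'\0' once the formatted text reaches the
	 * count it was given, so it may only write the first 63 elements. */
	wchar_t new_name[64] = {0};

	_snwprintf(new_name, sizeof(new_name) / sizeof(new_name[0]) - 1,
		   L"%s%lu", name, id);
	/* NOTE(review): an over-long prefix is cut short here rather than
	 * rejected, so a different object name would be opened; callers are
	 * assumed to pass short fixed prefixes - confirm. */
	return gc->is_app ? open_app_mutex(gc->app_sid, new_name)
			  : open_mutex(new_name);
}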
Reported by FlawFinder.
Line: 208
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
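/*
 * Opens the event whose name is `name` followed by the decimal form of `id`.
 *
 * gc:   capture context; when gc->is_app is set the name is opened through
 *       open_app_event() together with gc->app_sid, otherwise through
 *       open_event().
 * name: wide-string prefix of the object name.
 * id:   number appended to the prefix.
 *
 * Returns whatever the selected open helper returns for the composed name.
 */
static inline HANDLE open_event_plus_id(struct game_capture *gc,
					const wchar_t *name, DWORD id)
{
	/* Zero-filled so the final element is always a terminator:
	 * _snwprintf() appends no L'\0' once the formatted text reaches the
	 * count it was given, so it may only write the first 63 elements. */
	wchar_t new_name[64] = {0};

	_snwprintf(new_name, sizeof(new_name) / sizeof(new_name[0]) - 1,
		   L"%s%lu", name, id);
	/* NOTE(review): an over-long prefix is cut short here rather than
	 * rejected, so a different object name would be opened; callers are
	 * assumed to pass short fixed prefixes - confirm. */
	return gc->is_app ? open_app_event(gc->app_sid, new_name)
			  : open_event(new_name);
}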
Reported by FlawFinder.
Line: 222
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static inline HANDLE open_map_plus_id(struct game_capture *gc,
const wchar_t *name, DWORD id)
{
wchar_t new_name[64];
swprintf(new_name, 64, L"%s%lu", name, id);
debug("map id: %S", new_name);
return gc->is_app ? open_app_map(gc->app_sid, new_name)
Reported by FlawFinder.
Line: 653
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static inline bool init_keepalive(struct game_capture *gc)
{
wchar_t new_name[64];
swprintf(new_name, 64, WINDOW_HOOK_KEEPALIVE L"%lu", gc->process_id);
gc->keepalive_mutex = gc->is_app
? create_app_mutex(gc->app_sid, new_name)
: CreateMutexW(NULL, false, new_name);
Reported by FlawFinder.
UI/window-basic-main.cpp
18 issues
Line: 149
Column: 23
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
static void AddExtraModulePaths()
{
char *plugins_path = getenv("OBS_PLUGINS_PATH");
char *plugins_data_path = getenv("OBS_PLUGINS_DATA_PATH");
if (plugins_path && plugins_data_path) {
string data_path_with_module_suffix;
data_path_with_module_suffix += plugins_data_path;
data_path_with_module_suffix += "/%module%";
Reported by FlawFinder.
Line: 150
Column: 28
CWE codes:
807
20
Suggestion:
Check environment variables carefully before using them
static void AddExtraModulePaths()
{
char *plugins_path = getenv("OBS_PLUGINS_PATH");
char *plugins_data_path = getenv("OBS_PLUGINS_DATA_PATH");
if (plugins_path && plugins_data_path) {
string data_path_with_module_suffix;
data_path_with_module_suffix += plugins_data_path;
data_path_with_module_suffix += "/%module%";
obs_add_module_path(plugins_path,
Reported by FlawFinder.
Line: 159
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
data_path_with_module_suffix.c_str());
}
char base_module_dir[512];
#if defined(_WIN32) || defined(__APPLE__)
int ret = GetProgramDataPath(base_module_dir, sizeof(base_module_dir),
"obs-studio/plugins/%module%");
#else
int ret = GetConfigPath(base_module_dir, sizeof(base_module_dir),
Reported by FlawFinder.
Line: 264
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
copyActionsDynamicProperties();
char styleSheetPath[512];
int ret = GetProfilePath(styleSheetPath, sizeof(styleSheetPath),
"stylesheet.qss");
if (ret > 0) {
if (QFile::exists(styleSheetPath)) {
QString path =
Reported by FlawFinder.
Line: 1217
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
if (!service)
return;
char serviceJsonPath[512];
int ret = GetProfilePath(serviceJsonPath, sizeof(serviceJsonPath),
SERVICE_PATH);
if (ret <= 0)
return;
Reported by FlawFinder.
Line: 1240
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
const char *type;
char serviceJsonPath[512];
int ret = GetProfilePath(serviceJsonPath, sizeof(serviceJsonPath),
SERVICE_PATH);
if (ret <= 0)
return false;
Reported by FlawFinder.
Line: 1545
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
ProfileScope("OBSBasic::InitBasicConfig");
char configPath[512];
int ret = GetProfilePath(configPath, sizeof(configPath), "");
if (ret <= 0) {
OBSErrorBox(nullptr, "Failed to get profile path");
return false;
Reported by FlawFinder.
Line: 1737
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
const char *sceneCollection = config_get_string(
App()->GlobalConfig(), "Basic", "SceneCollectionFile");
char savePath[1024];
char fileName[1024];
int ret;
if (!sceneCollection)
throw "Failed to get scene collection name";
Reported by FlawFinder.
Line: 1738
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
const char *sceneCollection = config_get_string(
App()->GlobalConfig(), "Basic", "SceneCollectionFile");
char savePath[1024];
char fileName[1024];
int ret;
if (!sceneCollection)
throw "Failed to get scene collection name";
Reported by FlawFinder.
Line: 2732
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
const char *sceneCollection = config_get_string(
App()->GlobalConfig(), "Basic", "SceneCollectionFile");
char savePath[1024];
char fileName[1024];
int ret;
if (!sceneCollection)
return;
Reported by FlawFinder.
plugins/text-freetype2/text-functionality.c
18 issues
Line: 486
Column: 13
CWE codes:
362
bool utf16 = false;
tmp_file = fopen(filename, "rb");
if (tmp_file == NULL) {
if (!srcdata->file_load_failed) {
blog(LOG_WARNING, "Failed to open file %s", filename);
srcdata->file_load_failed = true;
}
Reported by FlawFinder.
Line: 50
Column: 15
CWE codes:
126
0.0f);
draw_uv_vbuffer(srcdata->vbuf, srcdata->tex,
srcdata->draw_effect,
(uint32_t)wcslen(srcdata->text) * 6);
}
gs_matrix_identity();
gs_matrix_pop();
vdata->colors = tmp;
Reported by FlawFinder.
Line: 74
Column: 14
CWE codes:
126
gs_matrix_push();
gs_matrix_translate3f(4.0f, 4.0f, 0.0f);
draw_uv_vbuffer(srcdata->vbuf, srcdata->tex, srcdata->draw_effect,
(uint32_t)wcslen(srcdata->text) * 6);
gs_matrix_identity();
gs_matrix_pop();
vdata->colors = tmp;
}
Reported by FlawFinder.
Line: 109
Column: 31
CWE codes:
126
}
srcdata->vbuf =
create_uv_vbuffer((uint32_t)wcslen(srcdata->text) * 6, true);
if (srcdata->custom_width <= 100)
goto skip_word_wrap;
if (!srcdata->word_wrap)
goto skip_word_wrap;
Reported by FlawFinder.
Line: 116
Column: 8
CWE codes:
126
if (!srcdata->word_wrap)
goto skip_word_wrap;
len = wcslen(srcdata->text);
for (uint32_t i = 0; i <= len; i++) {
if (i == wcslen(srcdata->text))
goto eos_check;
Reported by FlawFinder.
Line: 119
Column: 12
CWE codes:
126
len = wcslen(srcdata->text);
for (uint32_t i = 0; i <= len; i++) {
if (i == wcslen(srcdata->text))
goto eos_check;
if (srcdata->text[i] != L' ' && srcdata->text[i] != L'\n')
goto next_char;
Reported by FlawFinder.
Line: 131
Column: 12
CWE codes:
126
srcdata->text[space_pos] = L'\n';
x = 0;
}
if (i == wcslen(srcdata->text))
goto eos_skip;
x += word_width;
word_width = 0;
if (srcdata->text[i] == L'\n')
Reported by FlawFinder.
Line: 166
Column: 15
CWE codes:
126
uint32_t dx = 0, dy = srcdata->max_h, max_y = dy;
uint32_t cur_glyph = 0;
uint32_t offset = 0;
size_t len = wcslen(srcdata->text);
if (srcdata->outline_text) {
offset = 2;
dx = offset;
}
Reported by FlawFinder.
Line: 178
Column: 30
CWE codes:
126
srcdata->colorbuf = NULL;
}
srcdata->colorbuf =
bzalloc(sizeof(uint32_t) * wcslen(srcdata->text) * 6);
for (size_t i = 0; i < len * 6; i++) {
srcdata->colorbuf[i] = 0xFF000000;
}
for (size_t i = 0; i < len; i++) {
Reported by FlawFinder.
Line: 190
Column: 12
CWE codes:
126
dx = offset;
i++;
dy += srcdata->max_h + 4;
if (i == wcslen(srcdata->text))
goto skip_glyph;
if (srcdata->text[i] == L'\n')
goto add_linebreak;
draw_glyph:;
// Skip filthy dual byte Windows line breaks
Reported by FlawFinder.
libobs/media-io/video-frame.c
17 issues
Line: 225
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return;
case VIDEO_FORMAT_I420:
memcpy(dst->data[0], src->data[0], src->linesize[0] * cy);
memcpy(dst->data[1], src->data[1], src->linesize[1] * cy / 2);
memcpy(dst->data[2], src->data[2], src->linesize[2] * cy / 2);
break;
case VIDEO_FORMAT_NV12:
Reported by FlawFinder.
Line: 226
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
case VIDEO_FORMAT_I420:
memcpy(dst->data[0], src->data[0], src->linesize[0] * cy);
memcpy(dst->data[1], src->data[1], src->linesize[1] * cy / 2);
memcpy(dst->data[2], src->data[2], src->linesize[2] * cy / 2);
break;
case VIDEO_FORMAT_NV12:
memcpy(dst->data[0], src->data[0], src->linesize[0] * cy);
Reported by FlawFinder.
Line: 227
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
case VIDEO_FORMAT_I420:
memcpy(dst->data[0], src->data[0], src->linesize[0] * cy);
memcpy(dst->data[1], src->data[1], src->linesize[1] * cy / 2);
memcpy(dst->data[2], src->data[2], src->linesize[2] * cy / 2);
break;
case VIDEO_FORMAT_NV12:
memcpy(dst->data[0], src->data[0], src->linesize[0] * cy);
memcpy(dst->data[1], src->data[1], src->linesize[1] * cy / 2);
Reported by FlawFinder.
Line: 231
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
break;
case VIDEO_FORMAT_NV12:
memcpy(dst->data[0], src->data[0], src->linesize[0] * cy);
memcpy(dst->data[1], src->data[1], src->linesize[1] * cy / 2);
break;
case VIDEO_FORMAT_Y800:
case VIDEO_FORMAT_YVYU:
Reported by FlawFinder.
Line: 232
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
case VIDEO_FORMAT_NV12:
memcpy(dst->data[0], src->data[0], src->linesize[0] * cy);
memcpy(dst->data[1], src->data[1], src->linesize[1] * cy / 2);
break;
case VIDEO_FORMAT_Y800:
case VIDEO_FORMAT_YVYU:
case VIDEO_FORMAT_YUY2:
Reported by FlawFinder.
Line: 244
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
case VIDEO_FORMAT_BGRX:
case VIDEO_FORMAT_BGR3:
case VIDEO_FORMAT_AYUV:
memcpy(dst->data[0], src->data[0], src->linesize[0] * cy);
break;
case VIDEO_FORMAT_I444:
case VIDEO_FORMAT_I422:
memcpy(dst->data[0], src->data[0], src->linesize[0] * cy);
Reported by FlawFinder.
Line: 249
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
case VIDEO_FORMAT_I444:
case VIDEO_FORMAT_I422:
memcpy(dst->data[0], src->data[0], src->linesize[0] * cy);
memcpy(dst->data[1], src->data[1], src->linesize[1] * cy);
memcpy(dst->data[2], src->data[2], src->linesize[2] * cy);
break;
case VIDEO_FORMAT_I40A:
Reported by FlawFinder.
Line: 250
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
case VIDEO_FORMAT_I444:
case VIDEO_FORMAT_I422:
memcpy(dst->data[0], src->data[0], src->linesize[0] * cy);
memcpy(dst->data[1], src->data[1], src->linesize[1] * cy);
memcpy(dst->data[2], src->data[2], src->linesize[2] * cy);
break;
case VIDEO_FORMAT_I40A:
memcpy(dst->data[0], src->data[0], src->linesize[0] * cy);
Reported by FlawFinder.
Line: 251
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
case VIDEO_FORMAT_I422:
memcpy(dst->data[0], src->data[0], src->linesize[0] * cy);
memcpy(dst->data[1], src->data[1], src->linesize[1] * cy);
memcpy(dst->data[2], src->data[2], src->linesize[2] * cy);
break;
case VIDEO_FORMAT_I40A:
memcpy(dst->data[0], src->data[0], src->linesize[0] * cy);
memcpy(dst->data[1], src->data[1], src->linesize[1] * cy / 2);
Reported by FlawFinder.
Line: 255
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
break;
case VIDEO_FORMAT_I40A:
memcpy(dst->data[0], src->data[0], src->linesize[0] * cy);
memcpy(dst->data[1], src->data[1], src->linesize[1] * cy / 2);
memcpy(dst->data[2], src->data[2], src->linesize[2] * cy / 2);
memcpy(dst->data[3], src->data[3], src->linesize[3] * cy);
break;
Reported by FlawFinder.
libobs/obs-source.c
16 issues
Line: 2739
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
? dst->linesize[plane]
: src->linesize[plane];
memcpy(dst->data[plane] + pos_dst, src->data[plane] + pos_src, bytes);
}
static inline void copy_frame_data_plane(struct obs_source_frame *dst,
const struct obs_source_frame *src,
uint32_t plane, uint32_t lines)
Reported by FlawFinder.
Line: 2750
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
for (uint32_t y = 0; y < lines; y++)
copy_frame_data_line(dst, src, plane, y);
} else {
memcpy(dst->data[plane], src->data[plane],
(size_t)dst->linesize[plane] * (size_t)lines);
}
}
static void copy_frame_data(struct obs_source_frame *dst,
Reported by FlawFinder.
Line: 2762
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
dst->flags = src->flags;
dst->full_range = src->full_range;
dst->timestamp = src->timestamp;
memcpy(dst->color_matrix, src->color_matrix, sizeof(float) * 16);
if (!dst->full_range) {
size_t const size = sizeof(float) * 3;
memcpy(dst->color_range_min, src->color_range_min, size);
memcpy(dst->color_range_max, src->color_range_max, size);
}
Reported by FlawFinder.
Line: 2765
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
memcpy(dst->color_matrix, src->color_matrix, sizeof(float) * 16);
if (!dst->full_range) {
size_t const size = sizeof(float) * 3;
memcpy(dst->color_range_min, src->color_range_min, size);
memcpy(dst->color_range_max, src->color_range_max, size);
}
switch (src->format) {
case VIDEO_FORMAT_I420: {
Reported by FlawFinder.
Line: 2766
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (!dst->full_range) {
size_t const size = sizeof(float) * 3;
memcpy(dst->color_range_min, src->color_range_min, size);
memcpy(dst->color_range_max, src->color_range_max, size);
}
switch (src->format) {
case VIDEO_FORMAT_I420: {
const uint32_t height = dst->height;
Reported by FlawFinder.
Line: 2993
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
new_frame.flip = frame->flip;
new_frame.flags = frame->flags;
memcpy(&new_frame.color_matrix, &frame->color_matrix,
sizeof(frame->color_matrix));
memcpy(&new_frame.color_range_min, &frame->color_range_min,
sizeof(frame->color_range_min));
memcpy(&new_frame.color_range_max, &frame->color_range_max,
sizeof(frame->color_range_max));
Reported by FlawFinder.
Line: 2995
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
memcpy(&new_frame.color_matrix, &frame->color_matrix,
sizeof(frame->color_matrix));
memcpy(&new_frame.color_range_min, &frame->color_range_min,
sizeof(frame->color_range_min));
memcpy(&new_frame.color_range_max, &frame->color_range_max,
sizeof(frame->color_range_max));
obs_source_output_video_internal(source, &new_frame);
Reported by FlawFinder.
Line: 2997
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
sizeof(frame->color_matrix));
memcpy(&new_frame.color_range_min, &frame->color_range_min,
sizeof(frame->color_range_min));
memcpy(&new_frame.color_range_max, &frame->color_range_max,
sizeof(frame->color_range_max));
obs_source_output_video_internal(source, &new_frame);
}
Reported by FlawFinder.
Line: 3125
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
new_frame.flip = frame->flip;
new_frame.flags = frame->flags;
memcpy(&new_frame.color_matrix, &frame->color_matrix,
sizeof(frame->color_matrix));
memcpy(&new_frame.color_range_min, &frame->color_range_min,
sizeof(frame->color_range_min));
memcpy(&new_frame.color_range_max, &frame->color_range_max,
sizeof(frame->color_range_max));
Reported by FlawFinder.
Line: 3127
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
memcpy(&new_frame.color_matrix, &frame->color_matrix,
sizeof(frame->color_matrix));
memcpy(&new_frame.color_range_min, &frame->color_range_min,
sizeof(frame->color_range_min));
memcpy(&new_frame.color_range_max, &frame->color_range_max,
sizeof(frame->color_range_max));
obs_source_preload_video_internal(source, &new_frame);
Reported by FlawFinder.
libobs/util/platform.c
16 issues
Line: 782
Column: 5
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
replace_text(&sf, pos, 5, convert);
} else if (astrcmp_n(cmp, "%VF", 3) == 0) {
strcpy(convert, get_video_format_name(
ovi.output_format));
replace_text(&sf, pos, 3, convert);
}
}
Reported by FlawFinder.
Line: 45
Column: 10
CWE codes:
362
char *mbs_path;
os_wcs_to_utf8_ptr(path, 0, &mbs_path);
file = fopen(mbs_path, mode);
bfree(mbs_path);
#endif
}
return file;
Reported by FlawFinder.
Line: 67
Column: 16
CWE codes:
362
return file;
#else
return path ? fopen(path, mode) : NULL;
#endif
}
int64_t os_fgetsize(FILE *file)
{
Reported by FlawFinder.
Line: 94
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
int os_stat(const char *file, struct stat *st)
{
if (file) {
wchar_t w_file[512];
size_t size = os_utf8_to_wcs(file, 0, w_file, sizeof(w_file));
if (size > 0) {
struct _stat st_w32;
int ret = _wstat(w_file, &st_w32);
if (ret == 0) {
Reported by FlawFinder.
Line: 177
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
size = (size_t)os_ftelli64(file);
if (size > 0) {
char bom[3];
char *utf8str;
off_t offset;
bom[0] = 0;
bom[1] = 0;
Reported by FlawFinder.
Line: 560
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/*
 * Parses a floating-point value from `str`.
 *
 * The text is copied into a fixed 64-byte scratch buffer and handed to
 * to_locale() before strtod() reads it.  snprintf() bounds the copy and
 * always terminates it, so input of 64 characters or more is cut to its
 * first 63 instead of overflowing the buffer; only that prefix is parsed.
 *
 * Returns the value strtod() produces.  No end pointer is requested, so
 * malformed or truncated input is not reported to the caller.
 */
double os_strtod(const char *str)
{
	char scratch[64];
	double parsed;

	snprintf(scratch, sizeof(scratch), "%s", str);
	to_locale(scratch);
	parsed = strtod(scratch, NULL);
	return parsed;
}
Reported by FlawFinder.
Line: 733
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{"%Y", ""}, {"%z", ""}, {"%Z", ""},
};
char convert[128] = {0};
struct dstr sf;
struct dstr c = {0};
size_t pos = 0;
dstr_init_copy(&sf, format);
Reported by FlawFinder.
Line: 762
Column: 6
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
if (!convert[0]) {
if (astrcmp_n(cmp, "%FPS", 4) == 0) {
if (ovi.fps_den <= 1) {
sprintf(convert, "%u", ovi.fps_num);
} else {
const double obsFPS =
(double)ovi.fps_num /
(double)ovi.fps_den;
sprintf(convert, "%.2f", obsFPS);
Reported by FlawFinder.
Line: 767
Column: 6
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
const double obsFPS =
(double)ovi.fps_num /
(double)ovi.fps_den;
sprintf(convert, "%.2f", obsFPS);
}
replace_text(&sf, pos, 4, convert);
} else if (astrcmp_n(cmp, "%CRES", 5) == 0) {
sprintf(convert, "%ux%u", ovi.base_width,
Reported by FlawFinder.
Line: 772
Column: 5
CWE codes:
120
Suggestion:
Use sprintf_s, snprintf, or vsnprintf
replace_text(&sf, pos, 4, convert);
} else if (astrcmp_n(cmp, "%CRES", 5) == 0) {
sprintf(convert, "%ux%u", ovi.base_width,
ovi.base_height);
replace_text(&sf, pos, 5, convert);
} else if (astrcmp_n(cmp, "%ORES", 5) == 0) {
sprintf(convert, "%ux%u", ovi.output_width,
Reported by FlawFinder.