The following issues were found
UI/win-update/updater/http.cpp
8 issues
Line: 100
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
URL_COMPONENTS urlComponents = {};
bool secure = false;
wchar_t hostName[256];
wchar_t path[1024];
const wchar_t *acceptTypes[] = {L"*/*", nullptr};
const DWORD tlsProtocols = WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_2;
Reported by FlawFinder.
Line: 101
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
bool secure = false;
wchar_t hostName[256];
wchar_t path[1024];
const wchar_t *acceptTypes[] = {L"*/*", nullptr};
const DWORD tlsProtocols = WINHTTP_FLAG_SECURE_PROTOCOL_TLS1_2;
Reported by FlawFinder.
Line: 179
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/* -------------------------------------- *
* get headers */
wchar_t encoding[64];
DWORD encodingLen;
wchar_t statusCode[8];
DWORD statusCodeLen;
Reported by FlawFinder.
Line: 182
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
wchar_t encoding[64];
DWORD encodingLen;
wchar_t statusCode[8];
DWORD statusCodeLen;
statusCodeLen = sizeof(statusCode);
if (!WinHttpQueryHeaders(hRequest, WINHTTP_QUERY_STATUS_CODE,
WINHTTP_HEADER_NAME_BY_INDEX, &statusCode,
Reported by FlawFinder.
Line: 362
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
bool secure = false;
string zipBuf;
wchar_t hostName[256];
wchar_t path[1024];
/* -------------------------------------- *
* get URL components */
Reported by FlawFinder.
Line: 363
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
string zipBuf;
wchar_t hostName[256];
wchar_t path[1024];
/* -------------------------------------- *
* get URL components */
urlComponents.dwStructSize = sizeof(urlComponents);
Reported by FlawFinder.
Line: 411
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/* -------------------------------------- *
* get headers */
wchar_t encoding[64];
DWORD encodingLen;
wchar_t statusCode[8];
DWORD statusCodeLen;
Reported by FlawFinder.
Line: 414
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
wchar_t encoding[64];
DWORD encodingLen;
wchar_t statusCode[8];
DWORD statusCodeLen;
statusCodeLen = sizeof(statusCode);
if (!WinHttpQueryHeaders(hRequest, WINHTTP_QUERY_STATUS_CODE,
WINHTTP_HEADER_NAME_BY_INDEX, &statusCode,
Reported by FlawFinder.
plugins/obs-outputs/librtmp/handshake.h
8 issues
Line: 335
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
const int messageLen = RTMP_SIG_SIZE - SHA256_DIGEST_LENGTH;
uint8_t message[RTMP_SIG_SIZE - SHA256_DIGEST_LENGTH];
memcpy(message, handshakeMessage, digestPos);
memcpy(message + digestPos,
&handshakeMessage[digestPos + SHA256_DIGEST_LENGTH],
messageLen - digestPos);
HMACsha256(message, messageLen, key, keyLen, digest);
Reported by FlawFinder.
Line: 336
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
uint8_t message[RTMP_SIG_SIZE - SHA256_DIGEST_LENGTH];
memcpy(message, handshakeMessage, digestPos);
memcpy(message + digestPos,
&handshakeMessage[digestPos + SHA256_DIGEST_LENGTH],
messageLen - digestPos);
HMACsha256(message, messageLen, key, keyLen, digest);
}
Reported by FlawFinder.
Line: 634
Column: 23
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#define KEYBYTES 24
static const unsigned char rtmpe9_keys[16][KEYBYTES] =
{
{
0x79, 0x34, 0x77, 0x4c, 0x67, 0xd1, 0x38, 0x3a, 0xdf, 0xb3, 0x56, 0xbe,
0x8b, 0x7b, 0xd0, 0x24, 0x38, 0xe0, 0x73, 0x58, 0x41, 0x5d, 0x69, 0x67,
},
Reported by FlawFinder.
Line: 841
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
clientsig[-1] = 0x03;
uptime = htonl(RTMP_GetTime());
memcpy(clientsig, &uptime, 4);
if (FP9HandShake)
{
/* set version to at least 9.0.115.0 */
if (encrypted)
Reported by FlawFinder.
Line: 941
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return FALSE;
/* decode server response */
memcpy(&uptime, serversig, 4);
uptime = ntohl(uptime);
RTMP_Log(RTMP_LOGDEBUG, "%s: Server Uptime : %d", __FUNCTION__, uptime);
RTMP_Log(RTMP_LOGDEBUG, "%s: FMS Version : %d.%d.%d.%d", __FUNCTION__, serversig[4],
serversig[5], serversig[6], serversig[7]);
Reported by FlawFinder.
Line: 985
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
const char swfVerify[] = { 0x01, 0x01 };
char *vend = r->Link.SWFVerificationResponse+sizeof(r->Link.SWFVerificationResponse);
memcpy(r->Link.SWFVerificationResponse, swfVerify, 2);
AMF_EncodeInt32(&r->Link.SWFVerificationResponse[2], vend, r->Link.SWFSize);
AMF_EncodeInt32(&r->Link.SWFVerificationResponse[6], vend, r->Link.SWFSize);
HMACsha256(r->Link.SWFHash, SHA256_DIGEST_LENGTH,
&serversig[RTMP_SIG_SIZE - SHA256_DIGEST_LENGTH],
SHA256_DIGEST_LENGTH,
Reported by FlawFinder.
Line: 1070
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
reply = serversig;
#if 0
uptime = htonl(RTMP_GetTime());
memcpy(reply+4, &uptime, 4);
#endif
}
#ifdef _DEBUG
RTMP_Log(RTMP_LOGDEBUG, "%s: Sending handshake response: ",
Reported by FlawFinder.
Line: 1151
Column: 13
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
if (encrypted)
{
char buff[RTMP_SIG_SIZE];
/* set keys for encryption from now on */
r->Link.rc4keyIn = keyIn;
r->Link.rc4keyOut = keyOut;
Reported by FlawFinder.
libobs/util/cf-lexer.c
8 issues
Line: 456
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
token.lex = lex;
last_token = da_push_back_new(lex->tokens);
memcpy(last_token, &token, sizeof(struct cf_token));
}
cf_token_clear(&token);
token.str.array = lex->write_offset;
Reported by FlawFinder.
Line: 813
Column: 8
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
return pp->defines.array + idx;
}
static char space_filler[2] = " ";
static inline void append_space(struct cf_preprocessor *pp,
struct darray *tokens,
const struct cf_token *base)
{
Reported by FlawFinder.
Line: 1343
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
NULL, NULL);
cf_def_free(existing);
memcpy(existing, def, sizeof(struct cf_def));
} else {
da_push_back(pp->defines, def);
}
}
Reported by FlawFinder.
Line: 94
Column: 11
CWE codes:
126
char *str, *temp_dst;
if (!count)
count = strlen(literal);
if (count < 2)
return NULL;
if (literal[0] != literal[count - 1])
return NULL;
Reported by FlawFinder.
Line: 194
Column: 2
CWE codes:
120
Suggestion:
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused)
offset = lex->base_lexer.offset;
cf_pass_any_splices(&offset);
strcpy(lex->write_offset++, " ");
out_token->str.len = 1;
if (*offset == '/') {
while (*++offset && !is_newline(*offset))
cf_pass_any_splices(&offset);
Reported by FlawFinder.
Line: 229
Column: 2
CWE codes:
120
static inline void cf_lexer_write_strref(struct cf_lexer *lex,
const struct strref *ref)
{
strncpy(lex->write_offset, ref->array, ref->len);
lex->write_offset[ref->len] = 0;
lex->write_offset += ref->len;
}
static bool cf_lexer_is_include(struct cf_lexer *lex)
Reported by FlawFinder.
Line: 443
Column: 29
CWE codes:
126
lexer_start(&lex->base_lexer, str);
cf_token_clear(&token);
lex->reformatted = bmalloc(strlen(str) + 1);
lex->reformatted[0] = 0;
lex->write_offset = lex->reformatted;
while (cf_lexer_nexttoken(lex, &token)) {
if (last_token && is_space_or_tab(*last_token->str.array) &&
Reported by FlawFinder.
Line: 1354
Column: 12
CWE codes:
126
{
struct strref ref;
ref.array = def_name;
ref.len = strlen(def_name);
cf_preprocess_remove_def_strref(pp, &ref);
}
Reported by FlawFinder.
plugins/obs-outputs/librtmp/log.c
8 issues
Line: 47
Column: 5
CWE codes:
134
Suggestion:
Use a constant for the format specification
{
char str[MAX_PRINT_LEN]="";
vsnprintf(str, MAX_PRINT_LEN-1, format, vl);
/* Filter out 'no-name' */
if ( RTMP_debuglevel<RTMP_LOGALL && strstr(str, "no-name" ) != NULL )
return;
Reported by FlawFinder.
Line: 191
Column: 11
CWE codes:
134
Suggestion:
Use a constant for the format specification
int len;
va_list args;
va_start(args, format);
len = vsnprintf(str, MAX_PRINT_LEN-1, format, args);
va_end(args);
if ( RTMP_debuglevel==RTMP_LOGCRIT )
return;
Reported by FlawFinder.
Line: 217
Column: 5
CWE codes:
134
Suggestion:
Use a constant for the format specification
char str[MAX_PRINT_LEN]="";
va_list args;
va_start(args, format);
vsnprintf(str, MAX_PRINT_LEN-1, format, args);
va_end(args);
if ( RTMP_debuglevel==RTMP_LOGCRIT )
return;
Reported by FlawFinder.
Line: 45
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static void rtmp_log_default(int level, const char *format, va_list vl)
{
char str[MAX_PRINT_LEN]="";
vsnprintf(str, MAX_PRINT_LEN-1, format, vl);
/* Filter out 'no-name' */
if ( RTMP_debuglevel<RTMP_LOGALL && strstr(str, "no-name" ) != NULL )
Reported by FlawFinder.
Line: 102
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
void RTMP_LogHex(int level, const uint8_t *data, unsigned long len)
{
unsigned long i;
char line[50], *ptr;
if ( level > (int)RTMP_debuglevel )
return;
ptr = line;
Reported by FlawFinder.
Line: 136
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
#define BP_OFFSET 9
#define BP_GRAPH 60
#define BP_LEN 80
char line[BP_LEN];
unsigned long i;
if ( !data || level > (int)RTMP_debuglevel )
return;
Reported by FlawFinder.
Line: 187
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
/* These should only be used by apps, never by the library itself */
void RTMP_LogPrintf(const char *format, ...)
{
char str[MAX_PRINT_LEN]="";
int len;
va_list args;
va_start(args, format);
len = vsnprintf(str, MAX_PRINT_LEN-1, format, args);
va_end(args);
Reported by FlawFinder.
Line: 214
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
void RTMP_LogStatus(const char *format, ...)
{
char str[MAX_PRINT_LEN]="";
va_list args;
va_start(args, format);
vsnprintf(str, MAX_PRINT_LEN-1, format, args);
va_end(args);
Reported by FlawFinder.
libobs/graphics/effect-parser.c
7 issues
Line: 1341
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct ep_param *param_in, unsigned long long idx,
const char *offset)
{
char _debug_type[4096];
switch (param->type) {
case GS_SHADER_PARAM_STRING:
snprintf(_debug_type, sizeof(_debug_type), "string");
break;
case GS_SHADER_PARAM_INT:
Reported by FlawFinder.
Line: 1384
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
break;
}
char _debug_buf[4096];
debug_get_default_value(param, _debug_buf, sizeof(_debug_buf));
if (param->annotations.num > 0) {
blog(LOG_DEBUG,
"%s[%4lld] %.*s '%s' with value %.*s and %lld annotations:",
offset, idx, sizeof(_debug_type), _debug_type, param->name,
Reported by FlawFinder.
Line: 1402
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
struct ep_param *param_in,
unsigned long long idx, const char *offset)
{
char _debug_buf[4096];
debug_get_default_value(param, _debug_buf, sizeof(_debug_buf));
blog(LOG_DEBUG, "%s[%4lld] %s '%s' with value %.*s", offset, idx,
param_in->type, param->name, sizeof(_debug_buf), _debug_buf);
}
Reported by FlawFinder.
Line: 964
Column: 42
CWE codes:
126
ep->cfp.cur_token->str.len);
if (str) {
da_copy_array(param->default_val, str, strlen(str) + 1);
bfree(str);
}
return PARSE_SUCCESS;
}
Reported by FlawFinder.
Line: 988
Column: 42
CWE codes:
126
ep->cfp.cur_token->str.len);
if (str) {
da_copy_array(param->default_val, str, strlen(str) + 1);
bfree(str);
}
return PARSE_SUCCESS;
}
Reported by FlawFinder.
Line: 1436
Column: 48
CWE codes:
126
}
if (begin[0] != '\0') {
// Final line was not written.
blog(LOG_DEBUG, "\t\t\t\t[%4lld] %*s", line, strlen(begin),
begin);
}
}
#endif
Reported by FlawFinder.
Line: 1454
Column: 22
CWE codes:
126
cf_def_init(&def);
def.name.str.array = graphics_preprocessor;
def.name.str.len = strlen(graphics_preprocessor);
strref_copy(&def.name.unmerged_str, &def.name.str);
cf_preprocessor_add_def(&ep->cfp.pp, &def);
}
Reported by FlawFinder.
plugins/win-capture/funchook.c
7 issues
Line: 29
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
fix_permissions((void *)(hook->func_addr - JMP_32_SIZE),
JMP_64_SIZE + JMP_32_SIZE);
memcpy(hook->unhook_data, func_addr, JMP_64_SIZE);
}
static inline size_t patch_size(struct func_hook *hook)
{
return hook->is_64bit_jump ? JMP_64_SIZE : JMP_32_SIZE;
Reported by FlawFinder.
Line: 46
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
fix_permissions((void *)hook->func_addr, JMP_64_SIZE);
memcpy(data, (void *)hook->func_addr, JMP_64_SIZE);
memcpy(data, longjmp64, sizeof(longjmp64));
*ptr_loc = hook->hook_addr;
hook->call_addr = (void *)hook->func_addr;
hook->type = HOOKTYPE_FORWARD_OVERWRITE;
Reported by FlawFinder.
Line: 47
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
fix_permissions((void *)hook->func_addr, JMP_64_SIZE);
memcpy(data, (void *)hook->func_addr, JMP_64_SIZE);
memcpy(data, longjmp64, sizeof(longjmp64));
*ptr_loc = hook->hook_addr;
hook->call_addr = (void *)hook->func_addr;
hook->type = HOOKTYPE_FORWARD_OVERWRITE;
hook->hooked = true;
Reported by FlawFinder.
Line: 54
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
hook->type = HOOKTYPE_FORWARD_OVERWRITE;
hook->hooked = true;
memcpy((void *)hook->func_addr, data, JMP_64_SIZE);
}
static inline void hook_reverse_new(struct func_hook *hook, uint8_t *p)
{
hook->call_addr = (void *)(hook->func_addr + 2);
Reported by FlawFinder.
Line: 236
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
size = patch_size(hook);
}
memcpy((void *)addr, hook->rehook_data, size);
hook->hooked = true;
return;
}
offset = hook->hook_addr - hook->func_addr - JMP_32_SIZE;
Reported by FlawFinder.
Line: 279
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
}
fix_permissions((void *)addr, size);
memcpy(hook->rehook_data, (void *)addr, size);
if (hook->type == HOOKTYPE_FORWARD_OVERWRITE)
memcpy((void *)hook->func_addr, hook->unhook_data, size);
hook->hooked = false;
Reported by FlawFinder.
Line: 282
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
memcpy(hook->rehook_data, (void *)addr, size);
if (hook->type == HOOKTYPE_FORWARD_OVERWRITE)
memcpy((void *)hook->func_addr, hook->unhook_data, size);
hook->hooked = false;
}
Reported by FlawFinder.
deps/libcaption/src/mpeg.c
7 issues
Line: 71
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
// The following line IS correct! We want to look in sorcData up to destSize bytes
// We know destSize is smaller than sorcSize because of the previous line
toCopy = _find_emulation_prevention_byte(sorcData, destSize);
memcpy(destData, sorcData, toCopy);
totlSize += toCopy;
destData += toCopy;
destSize -= toCopy;
if (0 == destSize) {
Reported by FlawFinder.
Line: 123
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
return 0;
}
memcpy(data, payloadData, bytes);
if (bytes == payloadSize) {
return total + bytes;
}
Reported by FlawFinder.
Line: 158
Column: 9
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
msg->size = size;
if (data) {
memcpy(sei_message_data(msg), data, size);
} else {
memset(sei_message_data(msg), 0, size);
}
return (sei_message_t*)msg;
Reported by FlawFinder.
Line: 644
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
cea708_t* a = _mpeg_bitstream_cea708_at(packet, i - 1);
cea708_t* b = _mpeg_bitstream_cea708_at(packet, i);
if (a->timestamp > b->timestamp) {
memcpy(&c, a, sizeof(cea708_t));
memcpy(a, b, sizeof(cea708_t));
memcpy(b, &c, sizeof(cea708_t));
goto again;
}
}
Reported by FlawFinder.
Line: 645
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
cea708_t* b = _mpeg_bitstream_cea708_at(packet, i);
if (a->timestamp > b->timestamp) {
memcpy(&c, a, sizeof(cea708_t));
memcpy(a, b, sizeof(cea708_t));
memcpy(b, &c, sizeof(cea708_t));
goto again;
}
}
}
Reported by FlawFinder.
Line: 646
Column: 13
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
if (a->timestamp > b->timestamp) {
memcpy(&c, a, sizeof(cea708_t));
memcpy(a, b, sizeof(cea708_t));
memcpy(b, &c, sizeof(cea708_t));
goto again;
}
}
}
Reported by FlawFinder.
Line: 690
Column: 5
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
sei_t sei;
size_t header_size, scpos;
packet->status = LIBCAPTION_OK;
memcpy(&packet->data[packet->size], data, size);
packet->size += size;
while (packet->status == LIBCAPTION_OK && 0 < (scpos = find_start_code(&packet->data[0], packet->size))) {
switch (mpeg_bitstream_packet_type(packet, stream_type)) {
default:
Reported by FlawFinder.
deps/jansson/src/load.c
7 issues
Line: 97
Column: 5
CWE codes:
134
Suggestion:
Use a constant for the format specification
return;
va_start(ap, msg);
vsnprintf(msg_text, JSON_ERROR_TEXT_LENGTH, msg, ap);
msg_text[JSON_ERROR_TEXT_LENGTH - 1] = '\0';
va_end(ap);
if(lex)
{
Reported by FlawFinder.
Line: 53
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
typedef struct {
get_func get;
void *data;
char buffer[5];
size_t buffer_pos;
int state;
int line;
int column, last_column;
size_t position;
Reported by FlawFinder.
Line: 86
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
const char *msg, ...)
{
va_list ap;
char msg_text[JSON_ERROR_TEXT_LENGTH];
char msg_with_context[JSON_ERROR_TEXT_LENGTH];
int line = -1, col = -1;
size_t pos = 0;
const char *result = msg_text;
Reported by FlawFinder.
Line: 87
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
va_list ap;
char msg_text[JSON_ERROR_TEXT_LENGTH];
char msg_with_context[JSON_ERROR_TEXT_LENGTH];
int line = -1, col = -1;
size_t pos = 0;
const char *result = msg_text;
Reported by FlawFinder.
Line: 1043
Column: 10
CWE codes:
362
return NULL;
}
fp = fopen(path, "rb");
if(!fp)
{
error_set(error, NULL, "unable to open %s: %s",
path, strerror(errno));
return NULL;
Reported by FlawFinder.
Line: 1061
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
typedef struct
{
char data[MAX_BUF_LEN];
size_t len;
size_t pos;
json_load_callback_t callback;
void *arg;
} callback_data_t;
Reported by FlawFinder.
deps/lzma/liblzma/check/crc32_fast.c
7 issues
Line: 55
CWE codes:
788
crc ^= *(const uint32_t *)(buf);
buf += 4;
crc = lzma_crc32_table[7][A(crc)]
^ lzma_crc32_table[6][B(crc)]
^ lzma_crc32_table[5][C(crc)]
^ lzma_crc32_table[4][D(crc)];
const uint32_t tmp = *(const uint32_t *)(buf);
Reported by Cppcheck.
Line: 56
CWE codes:
788
buf += 4;
crc = lzma_crc32_table[7][A(crc)]
^ lzma_crc32_table[6][B(crc)]
^ lzma_crc32_table[5][C(crc)]
^ lzma_crc32_table[4][D(crc)];
const uint32_t tmp = *(const uint32_t *)(buf);
buf += 4;
Reported by Cppcheck.
Line: 57
CWE codes:
788
crc = lzma_crc32_table[7][A(crc)]
^ lzma_crc32_table[6][B(crc)]
^ lzma_crc32_table[5][C(crc)]
^ lzma_crc32_table[4][D(crc)];
const uint32_t tmp = *(const uint32_t *)(buf);
buf += 4;
Reported by Cppcheck.
Line: 58
CWE codes:
788
crc = lzma_crc32_table[7][A(crc)]
^ lzma_crc32_table[6][B(crc)]
^ lzma_crc32_table[5][C(crc)]
^ lzma_crc32_table[4][D(crc)];
const uint32_t tmp = *(const uint32_t *)(buf);
buf += 4;
// At least with some compilers, it is critical for
Reported by Cppcheck.
Line: 66
CWE codes:
788
// At least with some compilers, it is critical for
// performance, that the crc variable is XORed
// between the two table-lookup pairs.
crc = lzma_crc32_table[3][A(tmp)]
^ lzma_crc32_table[2][B(tmp)]
^ crc
^ lzma_crc32_table[1][C(tmp)]
^ lzma_crc32_table[0][D(tmp)];
}
Reported by Cppcheck.
Line: 67
CWE codes:
788
// performance, that the crc variable is XORed
// between the two table-lookup pairs.
crc = lzma_crc32_table[3][A(tmp)]
^ lzma_crc32_table[2][B(tmp)]
^ crc
^ lzma_crc32_table[1][C(tmp)]
^ lzma_crc32_table[0][D(tmp)];
}
}
Reported by Cppcheck.
Line: 69
CWE codes:
788
crc = lzma_crc32_table[3][A(tmp)]
^ lzma_crc32_table[2][B(tmp)]
^ crc
^ lzma_crc32_table[1][C(tmp)]
^ lzma_crc32_table[0][D(tmp)];
}
}
while (size-- != 0)
Reported by Cppcheck.
libobs/obs-hotkey-name-map.c
7 issues
Line: 139
CWE codes:
476
static void connect(obs_hotkey_name_map_edge_t *e,
obs_hotkey_name_map_node_t *n)
{
e->node = n;
}
static void reduce_edge(obs_hotkey_name_map_edge_t *e, const char *key,
size_t l, int v)
{
Reported by Cppcheck.
Line: 139
CWE codes:
476
static void connect(obs_hotkey_name_map_edge_t *e,
obs_hotkey_name_map_node_t *n)
{
e->node = n;
}
static void reduce_edge(obs_hotkey_name_map_edge_t *e, const char *key,
size_t l, int v)
{
Reported by Cppcheck.
Line: 66
Column: 4
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
};
struct {
uint8_t compressed_len;
char compressed_prefix[NAME_MAP_COMPRESS_LENGTH];
};
};
struct obs_hotkey_name_map_node *node;
};
Reported by FlawFinder.
Line: 101
Column: 3
CWE codes:
120
e->compressed_len = (uint8_t)l;
if (l < NAME_MAP_COMPRESS_LENGTH)
strncpy(e->compressed_prefix, prefix, l);
else
e->prefix = bstrdup_n(prefix, l);
}
static obs_hotkey_name_map_edge_t *add_leaf(obs_hotkey_name_map_node_t *node,
Reported by FlawFinder.
Line: 128
Column: 3
CWE codes:
120
e->prefix_len = (uint8_t)l;
if (get_prefix(e) != str)
strncpy(get_prefix(e), str, l);
else
str[l] = 0;
if (!old_comp && new_comp)
bfree(str);
Reported by FlawFinder.
Line: 239
Column: 33
CWE codes:
126
if (!trie || !key)
return;
insert(NULL, &trie->root, key, strlen(key), v);
}
static bool obs_hotkey_name_map_lookup(obs_hotkey_name_map_t *trie,
const char *key, int *v)
{
Reported by FlawFinder.
Line: 248
Column: 15
CWE codes:
126
if (!trie || !key)
return false;
size_t len = strlen(key);
obs_hotkey_name_map_node_t *n = &trie->root;
size_t i = 0;
for (; i < n->children.num;) {
obs_hotkey_name_map_edge_t *e = &n->children.array[i];
Reported by FlawFinder.