The following issues were found
UI/window-basic-settings.cpp
6 issues
Line: 126
}
};
}
Q_DECLARE_METATYPE(FormatDesc)
Q_DECLARE_METATYPE(CodecDesc)
static inline bool ResTooHigh(uint32_t cx, uint32_t cy)
{
return cx > 16384 || cy > 16384;
Reported by Cppcheck.
Line: 604
&OBSBasicSettings::ToggleDisableAero);
}
/* Expands to one { string, val } initializer pair.
 * `##` here joins a string literal to `val`. Token pasting must produce a
 * single valid preprocessing token, which a string literal pasted onto
 * another token does not; adjacent string literals concatenate without `##`.
 * NOTE(review): the report omits Cppcheck's message for this line; this
 * non-standard paste is presumably what it flags -- confirm. */
#define PROCESS_PRIORITY(val) \
{ \
"Basic.Settings.Advanced.General.ProcessPriority."##val, val \
}
static struct ProcessPriority {
Reported by Cppcheck.
Line: 1168
Column: 2
CWE codes:
119
120
Suggestion:
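Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. In this excerpt the buffer is handed to GetConfigPath together with sizeof(userThemeDir), so the callee is given the bound; the point left to confirm is that ret is checked before userThemeDir is used.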
ui->theme->clear();
QSet<QString> uniqueSet;
string themeDir;
char userThemeDir[512];
int ret = GetConfigPath(userThemeDir, sizeof(userThemeDir),
"obs-studio/themes/");
GetDataFilePath("themes/", themeDir);
/* Check user dir first. */
Reported by FlawFinder.
Line: 1828
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
OBSPropertiesView *view;
if (path) {
char encoderJsonPath[512];
int ret = GetProfilePath(encoderJsonPath,
sizeof(encoderJsonPath), path);
if (ret > 0) {
obs_data_t *data = obs_data_create_from_json_file_safe(
encoderJsonPath, "bak");
Reported by FlawFinder.
Line: 3296
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static void WriteJsonData(OBSPropertiesView *view, const char *path)
{
char full_path[512];
if (!view || !WidgetChanged(view))
return;
int ret = GetProfilePath(full_path, sizeof(full_path), path);
Reported by FlawFinder.
Line: 4630
Column: 3
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
if (!settings)
return;
char encoderJsonPath[512];
int ret = GetProfilePath(encoderJsonPath,
sizeof(encoderJsonPath),
"recordEncoder.json");
if (ret > 0) {
obs_data_t *data = obs_data_create_from_json_file_safe(
Reported by FlawFinder.
plugins/linux-v4l2/v4l2-output.c
6 issues
Line: 36
Column: 25
CWE codes:
362/367!
Suggestion:
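Set up the correct permissions (e.g., using setuid()) and try to open the file directly. In this excerpt access() is only an existence test for /.flatpak-info whose result is cached behind a static flag; the excerpt shows no later open of that path, which is the check-then-use pattern CWE-367 describes.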
static bool initialized = false;
if (!initialized) {
flatpak_info_exists = access("/.flatpak-info", F_OK) == 0;
initialized = true;
}
return flatpak_info_exists;
}
Reported by FlawFinder.
Line: 54
Column: 11
CWE codes:
78
Suggestion:
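Try using a library call that implements the same functionality if available. The excerpt appends command to a shell string and hands it to system(), so every caller of this function must pass a fixed string; launching the program with an explicit argument vector (posix_spawn or exec*) avoids shell parsing altogether.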
dstr_cat(&str, "flatpak-spawn --host ");
dstr_cat(&str, command);
result = system(str.array);
dstr_free(&str);
return result;
}
static bool loopback_module_loaded()
Reported by FlawFinder.
Line: 63
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
{
bool loaded = false;
char temp[512];
FILE *fp = fopen("/proc/modules", "r");
if (!fp)
return false;
Reported by FlawFinder.
Line: 65
Column: 13
CWE codes:
362
char temp[512];
FILE *fp = fopen("/proc/modules", "r");
if (!fp)
return false;
while (fgets(temp, sizeof(temp), fp)) {
Reported by FlawFinder.
Line: 124
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
vcam->frame_size = width * height * 2;
char new_device[16];
if (device < 0 || device >= MAX_DEVICES)
return false;
snprintf(new_device, 16, "/dev/video%d", device);
vcam->device = open(new_device, O_RDWR);
Reported by FlawFinder.
Line: 129
Column: 17
CWE codes:
362
return false;
snprintf(new_device, 16, "/dev/video%d", device);
vcam->device = open(new_device, O_RDWR);
if (vcam->device < 0)
return false;
if (ioctl(vcam->device, VIDIOC_QUERYCAP, &capability) < 0)
Reported by FlawFinder.
plugins/win-capture/nt-stuff.c
6 issues
Line: 57
Column: 67
CWE codes:
362/367!
Suggestion:
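Set up the correct permissions (e.g., using setuid()) and try to open the file directly. Note that the excerpt contains only function-pointer typedefs: access appears here as a parameter name of type ACCESS_MASK, not as a call to access(), so this finding looks like a name match rather than a file race.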
typedef void(WINAPI *RTLINITUNICODESTRINGFUNC)(PCUNICODE_STRING pstr,
const wchar_t *lpstrName);
typedef NTSTATUS(WINAPI *NTOPENFUNC)(PHANDLE phandle, ACCESS_MASK access,
POBJECT_ATTRIBUTES objattr);
typedef NTSTATUS(WINAPI *NTCREATEMUTANT)(PHANDLE phandle, ACCESS_MASK access,
POBJECT_ATTRIBUTES objattr,
BOOLEAN isowner);
typedef ULONG(WINAPI *RTLNTSTATUSTODOSERRORFUNC)(NTSTATUS status);
Reported by FlawFinder.
Line: 59
Column: 71
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
const wchar_t *lpstrName);
typedef NTSTATUS(WINAPI *NTOPENFUNC)(PHANDLE phandle, ACCESS_MASK access,
POBJECT_ATTRIBUTES objattr);
typedef NTSTATUS(WINAPI *NTCREATEMUTANT)(PHANDLE phandle, ACCESS_MASK access,
POBJECT_ATTRIBUTES objattr,
BOOLEAN isowner);
typedef ULONG(WINAPI *RTLNTSTATUSTODOSERRORFUNC)(NTSTATUS status);
typedef NTSTATUS(WINAPI *NTQUERYSYSTEMINFORMATIONFUNC)(SYSTEM_INFORMATION_CLASS,
PVOID, ULONG, PULONG);
Reported by FlawFinder.
Line: 108
Column: 47
CWE codes:
362/367!
Suggestion:
Set up the correct permissions (e.g., using setuid()) and try to open the file directly
func(unistr, str);
}
#define MAKE_NT_OPEN_FUNC(func_name, nt_name, access) \
HANDLE func_name(const wchar_t *name) \
{ \
static bool initialized = false; \
static NTOPENFUNC open = NULL; \
HANDLE handle; \
Reported by FlawFinder.
Line: 129
Column: 26
CWE codes:
362/367!
Suggestion:
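Set up the correct permissions (e.g., using setuid()) and try to open the file directly. The macro shown on this page declares open as a static NTOPENFUNC pointer and takes access as a macro parameter, so the flagged names are not the POSIX open()/access() calls and the file-race guidance does not obviously apply; confirm against the full macro.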
rtl_init_str(&unistr, name); \
init_named_attribs(&attr, &unistr); \
\
status = open(&handle, access, &attr); \
if (NT_SUCCESS(status)) \
return handle; \
nt_set_last_error(status); \
return NULL; \
}
Reported by FlawFinder.
Line: 123
Column: 8
CWE codes:
362
initialized = true; \
} \
\
if (!open) \
return NULL; \
\
rtl_init_str(&unistr, name); \
init_named_attribs(&attr, &unistr); \
\
Reported by FlawFinder.
Line: 129
Column: 12
CWE codes:
362
rtl_init_str(&unistr, name); \
init_named_attribs(&attr, &unistr); \
\
status = open(&handle, access, &attr); \
if (NT_SUCCESS(status)) \
return handle; \
nt_set_last_error(status); \
return NULL; \
}
Reported by FlawFinder.
libobs/util/bmem.c
5 issues
Line: 50
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
if (ptr) {
diff = ((~(long)ptr) & (ALIGNMENT - 1)) + 1;
ptr = (char *)ptr + diff;
((char *)ptr)[-1] = (char)diff;
}
return ptr;
#else
return malloc(size);
Reported by FlawFinder.
Line: 68
Column: 11
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
if (!ptr)
return a_malloc(size);
diff = ((char *)ptr)[-1];
ptr = realloc((char *)ptr - diff, size + diff);
if (ptr)
ptr = (char *)ptr + diff;
return ptr;
#else
Reported by FlawFinder.
Line: 84
Column: 24
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
_aligned_free(ptr);
#elif ALIGNMENT_HACK
if (ptr)
free((char *)ptr - ((char *)ptr)[-1]);
#else
free(ptr);
#endif
}
Reported by FlawFinder.
Line: 95
Column: 2
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* Overwrites the file's `alloc` object with a copy of *defs.
 * The copy length is sizeof(struct base_allocator), a compile-time constant,
 * so it does not depend on caller-supplied data.
 * NOTE(review): defs is handed to memcpy without a NULL check, and the
 * declaration of alloc is not visible here -- confirm it is a
 * struct base_allocator so that source and destination sizes match. */
void base_set_allocator(struct base_allocator *defs)
{
memcpy(&alloc, defs, sizeof(struct base_allocator));
}
void *bmalloc(size_t size)
{
void *ptr = alloc.malloc(size);
Reported by FlawFinder.
Line: 152
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
{
void *out = bmalloc(size);
if (size)
memcpy(out, ptr, size);
return out;
}
Reported by FlawFinder.
plugins/obs-qsv11/libmfx/src/mfx_driver_store_loader.cpp
5 issues
Line: 87
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
CONFIGRET result = CR_SUCCESS;
ULONG DeviceIDListSize = 0;
MFXVector<WCHAR> DeviceIDList;
wchar_t DisplayGUID[40];
DEVINST DeviceInst;
DISPATCHER_LOG_INFO(("Looking for MediaSDK in DriverStore\n"));
if (!LoadCfgMgr() || !LoadCmFuncs())
Reported by FlawFinder.
Line: 50
Column: 14
CWE codes:
126
}
}
begin += wcslen(L"DEV_");
deviceID = wcstoul(begin, NULL, 16);
if (!deviceID)
{
DISPATCHER_LOG_WRN(("exctracting device id: failed to convert device id str to int\n"));
return false;
Reported by FlawFinder.
Line: 133
Column: 36
CWE codes:
126
wchar_t *end = begin + DeviceIDList.size();
size_t len = 0;
for (; (begin < end) && (len = wcslen(begin)) > 0; begin += len + 1)
{
if (IsIntelDeviceInstanceID(begin))
{
mfxU32 curDeviceID = 0;
if (!ExctractDeviceID(begin, curDeviceID) || curDeviceID != deviceID)
Reported by FlawFinder.
Line: 166
Column: 59
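CWE codes:
126
Note: both reads index path[wcslen(path) - 1]; if path is an empty string, wcslen returns 0 and the index wraps to a very large value, so the length should be checked to be non-zero before the comparison.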
if (ERROR_SUCCESS == nError)
{
if (path[wcslen(path) - 1] != '/' && path[wcslen(path) - 1] != '\\')
{
wcscat_s(path, MFX_MAX_DLL_PATH, L"\\");
}
DISPATCHER_LOG_INFO(("DriverStore path is found\n"));
return true;
Reported by FlawFinder.
Line: 166
Column: 26
CWE codes:
126
if (ERROR_SUCCESS == nError)
{
if (path[wcslen(path) - 1] != '/' && path[wcslen(path) - 1] != '\\')
{
wcscat_s(path, MFX_MAX_DLL_PATH, L"\\");
}
DISPATCHER_LOG_INFO(("DriverStore path is found\n"));
return true;
Reported by FlawFinder.
plugins/obs-qsv11/libmfx/src/mfx_library_iterator.cpp
5 issues
Line: 257
Column: 5
CWE codes:
119
120
Suggestion:
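Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. The call below passes sizeof(sMediaSDKPath), a size in bytes, for a wchar_t buffer; confirm that GetDriverStorePath interprets its size argument as bytes rather than as a character count.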
#endif
wchar_t sMediaSDKPath[msdk_disp_path_len] = {};
if (storageID == MFX_DRIVER_STORE)
{
if (!m_driverStoreLoader.GetDriverStorePath(sMediaSDKPath, sizeof(sMediaSDKPath), m_deviceID))
{
Reported by FlawFinder.
Line: 403
Column: 5
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
}
#endif
wchar_t libPath[MFX_MAX_DLL_PATH] = L"";
DWORD libIndex = 0;
DWORD libMerit = 0;
DWORD index;
bool enumRes;
Reported by FlawFinder.
Line: 415
Column: 9
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
do
{
WinRegKey subKey;
wchar_t subKeyName[MFX_MAX_REGISTRY_KEY_NAME] = { 0 };
DWORD subKeyNameSize = sizeof(subKeyName) / sizeof(subKeyName[0]);
// query next value name
enumRes = m_baseRegKey.EnumKey(index, subKeyName, &subKeyNameSize);
if (!enumRes)
Reported by FlawFinder.
Line: 523
Column: 25
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
((m_lastLibMerit > merit) || ((m_lastLibMerit == merit) && (m_lastLibIndex < index))) &&
(libMerit < merit))
{
wchar_t tmpPath[MFX_MAX_DLL_PATH];
DWORD tmpPathSize = sizeof(tmpPath);
bRes = subKey.Query(pathKeyName, REG_SZ, (LPBYTE) tmpPath, &tmpPathSize);
if (!bRes)
{
Reported by FlawFinder.
Line: 332
Column: 23
CWE codes:
126
const int maxPathLen = sizeof(m_path)/sizeof(m_path[0]);
m_path[0] = 0;
wcscpy_s(m_path, maxPathLen, path);
size_t pathLen = wcslen(m_path);
if(storageID==MFX_APP_FOLDER)
{
// we looking for runtime in application folder, it should be named libmfxsw64 or libmfxsw32
mfx_get_default_dll_name(m_path + pathLen, msdk_disp_path_len - pathLen, MFX_LIB_SOFTWARE);
Reported by FlawFinder.
libobs/obs-video.c
5 issues
Line: 1034
Column: 2
CWE codes:
327
Suggestion:
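Use a more secure technique for acquiring random values. Seeding rand() from time(NULL) is predictable, which matters only if rand() output is used for anything security-relevant (tokens, keys, identifiers); the excerpt does not show how the values are consumed.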
"obs_graphics_thread(%g" NBSP "ms)", interval / 1000000.);
profile_register_root(video_thread_name, interval);
srand((unsigned int)time(NULL));
struct obs_graphics_context context;
context.interval = video_output_get_frame_time(obs->video.video);
context.frame_time_total_ns = 0;
context.fps_total_ns = 0;
Reported by FlawFinder.
Line: 545
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
{
if ((width == linesize_input) && (width == linesize_output)) {
size_t total = (size_t)width * (size_t)height;
memcpy(out, in, total);
in += total;
} else {
for (size_t y = 0; y < height; y++) {
memcpy(out, in, width);
out += linesize_output;
Reported by FlawFinder.
Line: 549
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
in += total;
} else {
for (size_t y = 0; y < height; y++) {
memcpy(out, in, width);
out += linesize_output;
in += linesize_input;
}
}
Reported by FlawFinder.
Line: 677
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
/* if the line sizes match, do a single copy */
if (input->linesize[0] == output->linesize[0]) {
memcpy(out_ptr, in_ptr,
(size_t)input->linesize[0] * (size_t)info->height);
} else {
const size_t copy_size = (size_t)info->width * 4;
for (size_t y = 0; y < info->height; y++) {
memcpy(out_ptr, in_ptr, copy_size);
Reported by FlawFinder.
Line: 682
Column: 4
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
} else {
const size_t copy_size = (size_t)info->width * 4;
for (size_t y = 0; y < info->height; y++) {
memcpy(out_ptr, in_ptr, copy_size);
in_ptr += input->linesize[0];
out_ptr += output->linesize[0];
}
}
}
Reported by FlawFinder.
plugins/obs-filters/noise-suppress-filter.c
5 issues
Line: 597
Column: 3
CWE codes:
120
Suggestion:
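Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). In this excerpt the destination is allocated as strlen(sdk_path) + strlen(file) + 1 bytes immediately before the copy, so strcpy and strcat together fit exactly; a single snprintf(buffer, size, "%s%s", sdk_path, file) would make that bound explicit.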
size_t size = strlen(sdk_path) + strlen(file) + 1;
char *buffer = (char *)bmalloc(size);
strcpy(buffer, sdk_path);
strcat(buffer, file);
ng->model = buffer;
ng->nvafx_enabled = true;
ng->nvafx_initialized = false;
ng->nvafx_loading = false;
Reported by FlawFinder.
Line: 598
Column: 3
CWE codes:
120
Suggestion:
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused)
char *buffer = (char *)bmalloc(size);
strcpy(buffer, sdk_path);
strcat(buffer, file);
ng->model = buffer;
ng->nvafx_enabled = true;
ng->nvafx_initialized = false;
ng->nvafx_loading = false;
Reported by FlawFinder.
Line: 587
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
ng->context = filter;
#ifdef LIBNVAFX_ENABLED
char sdk_path[MAX_PATH];
if (!nvafx_get_sdk_path(sdk_path, sizeof(sdk_path))) {
ng->nvafx_enabled = false;
do_log(LOG_ERROR, "NVAFX redist is not installed.");
} else {
Reported by FlawFinder.
Line: 594
Column: 36
CWE codes:
126
do_log(LOG_ERROR, "NVAFX redist is not installed.");
} else {
const char *file = "\\models\\denoiser_48k.trtpkg";
size_t size = strlen(sdk_path) + strlen(file) + 1;
char *buffer = (char *)bmalloc(size);
strcpy(buffer, sdk_path);
strcat(buffer, file);
ng->model = buffer;
Reported by FlawFinder.
Line: 594
Column: 17
CWE codes:
126
do_log(LOG_ERROR, "NVAFX redist is not installed.");
} else {
const char *file = "\\models\\denoiser_48k.trtpkg";
size_t size = strlen(sdk_path) + strlen(file) + 1;
char *buffer = (char *)bmalloc(size);
strcpy(buffer, sdk_path);
strcat(buffer, file);
ng->model = buffer;
Reported by FlawFinder.
libobs/obs-nix.c
5 issues
Line: 311
Column: 22
CWE codes:
807
20
Suggestion:
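Check environment variables carefully before using them. Here the value is only passed as the %s argument to blog(), so the exposure is log content controlled by the environment (for example embedded control characters or very long values), not the message string itself.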
/* Logs the XDG_SESSION_TYPE environment variable at LOG_INFO when it is set.
 * The value is passed as the argument for the %s in blog()'s message, not as
 * the message string itself, and is logged unmodified. */
static void log_desktop_session_info(void)
{
/* getenv returns NULL when the variable is unset */
char *session_ptr = getenv("XDG_SESSION_TYPE");
if (session_ptr) {
blog(LOG_INFO, "Session Type: %s", session_ptr);
}
}
#endif
Reported by FlawFinder.
Line: 118
Column: 7
CWE codes:
362
struct dstr proc_name;
struct dstr proc_speed;
fp = fopen("/proc/cpuinfo", "r");
if (!fp)
return;
dstr_init(&proc_name);
dstr_init(&proc_speed);
Reported by FlawFinder.
Line: 141
Column: 18
CWE codes:
190
Suggestion:
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended)
if (!start || *(++start) == '\0')
continue;
physical_id = atoi(start);
}
if (!strncmp(line, "cpu MHz", 7)) {
char *start = strchr(line, ':');
if (!start || *(++start) == '\0')
Reported by FlawFinder.
Line: 175
Column: 7
CWE codes:
362
FILE *fp;
struct dstr proc_speed;
fp = fopen("/var/run/dmesg.boot", "r");
if (!fp) {
blog(LOG_INFO, "CPU: Missing /var/run/dmesg.boot !");
return;
}
Reported by FlawFinder.
Line: 274
Column: 7
CWE codes:
362
struct dstr distro;
struct dstr version;
fp = fopen("/etc/os-release", "r");
if (!fp) {
blog(LOG_INFO, "Distribution: Missing /etc/os-release !");
return;
}
Reported by FlawFinder.
deps/jansson/src/error.c
5 issues
Line: 61
Column: 5
CWE codes:
134
Suggestion:
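Use a constant for the format specification. In this excerpt msg is forwarded together with a va_list ap, which looks like a printf-style wrapper, so the property to verify is at the call sites: each caller should pass a literal format, which a printf-style format attribute on the declaration lets the compiler check.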
error->column = column;
error->position = (int)position;
vsnprintf(error->text, JSON_ERROR_TEXT_LENGTH, msg, ap);
error->text[JSON_ERROR_TEXT_LENGTH - 1] = '\0';
}
Reported by FlawFinder.
Line: 26
Column: 14
CWE codes:
126
if(!error || !source)
return;
length = strlen(source);
if(length < JSON_ERROR_SOURCE_LENGTH)
strncpy(error->source, source, length + 1);
else {
size_t extra = length - JSON_ERROR_SOURCE_LENGTH + 4;
strncpy(error->source, "...", 3);
Reported by FlawFinder.
Line: 28
Column: 9
CWE codes:
120
length = strlen(source);
if(length < JSON_ERROR_SOURCE_LENGTH)
strncpy(error->source, source, length + 1);
else {
size_t extra = length - JSON_ERROR_SOURCE_LENGTH + 4;
strncpy(error->source, "...", 3);
strncpy(error->source + 3, source + extra, length - extra + 1);
}
Reported by FlawFinder.
Line: 31
Column: 9
CWE codes:
120
strncpy(error->source, source, length + 1);
else {
size_t extra = length - JSON_ERROR_SOURCE_LENGTH + 4;
strncpy(error->source, "...", 3);
strncpy(error->source + 3, source + extra, length - extra + 1);
}
}
void jsonp_error_set(json_error_t *error, int line, int column,
Reported by FlawFinder.
Line: 32
Column: 9
CWE codes:
120
else {
size_t extra = length - JSON_ERROR_SOURCE_LENGTH + 4;
strncpy(error->source, "...", 3);
strncpy(error->source + 3, source + extra, length - extra + 1);
}
}
void jsonp_error_set(json_error_t *error, int line, int column,
size_t position, const char *msg, ...)
Reported by FlawFinder.