[Ffmpeg-devel] (Minor) Issues reported by Coverity for xine's libffmpeg copy

Diego 'Flameeyes' Pettenò flameeyes
Tue Sep 26 05:48:15 CEST 2006


Most of these ar eminor issues that hits very strange corner cases, but I 
might as well report them here so that they can find a solution, or that I 
can simply report them as ignorable. I checked all of them against the 
current SVN, I hope I didn't miss anything obvious.

CID 88: possible NULL dereference in libavcodec/mpegvideo.c:341

    if(s->avctx->me_threshold){
[snip]
        if(!src->mb_type)
            av_log(s->avctx, AV_LOG_ERROR, "AVFrame.mb_type not set!\n");
[snip]
        memcpy(dst->mb_type, src->mb_type, s->mb_stride * s->mb_height * 
sizeof(dst->mb_type[0]));

CID 230: possible memory leak in libavcodec/imgresample.c about line 557

    s = av_mallocz(sizeof(ImgReSampleContext));
    if (!s)
        return NULL;
    if((unsigned)owidth >= UINT_MAX / (LINE_BUF_HEIGHT + NB_TAPS))
        return NULL;
    s->line_buf = av_mallocz(owidth * (LINE_BUF_HEIGHT + NB_TAPS));
    if (!s->line_buf)
        goto fail;

CID 110: access outside boundaries of CABACContext::lps_range in 
libavcodec/cabac.c:120

        for(j=0; j<4; j++){ //FIXME check if this is worth the 1 shift we save
            c->lps_range[2*i+0][j+4]=
            c->lps_range[2*i+1][j+4]= lps_range[i][j];
        }

c->lps_range is defined as [2*65][4] in cabac.h

CID 305: possible memory leak in libavcodec/jpeg_ls.c

at line 412 the pointer state is assigned a newly-allocated memory area, that 
is freed at the end of the function before returning, in line 465, but not 
when returning with error in line 462.

-- 
Diego "Flameeyes" Petten? - http://farragut.flameeyes.is-a-geek.org/
Gentoo/Alt lead, Gentoo/FreeBSD, Video, AMD64, Sound, PAM, KDE
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.mplayerhq.hu/pipermail/ffmpeg-devel/attachments/20060926/a417bc6b/attachment.pgp>



More information about the ffmpeg-devel mailing list