On Sun, Jan 12, 2020 at 5:54 AM Marton Balint <c...@passwd.hu> wrote:
>
> Hi,
>
> Has anybody reported these and similar false positives involving
> av_dict_set() with a 0 flag to Coverity?
>
> These are popping up all over the codebase, something should be done to
> make Coverity smarter about them. Any ideas?
In my local coverity scan system , av_dict_set() with a 0 flag always
be marked with "serious problems" in Coverity system, after a brief
glance, I think Coverity system given a wrong mark in this case. maybe
I missed something
Will double-check av_dict_set() with a 0 flag.
>
> Thanks,
> Marton
>
> ---------- Forwarded message ----------
> Date: Sat, 11 Jan 2020 00:16:31 +0000 (UTC)
> From: scan-ad...@coverity.com
> To: c...@passwd.hu
> Subject: New Defects reported by Coverity Scan for FFmpeg/FFmpeg
>
> Hi,
>
> Please find the latest report on new defect(s) introduced to FFmpeg/FFmpeg
> found with Coverity Scan.
>
> 3 new defect(s) introduced to FFmpeg/FFmpeg found with Coverity Scan.
> 4 defect(s), reported by Coverity Scan earlier, were marked fixed in the
> recent build analyzed by Coverity Scan.
>
> New defect(s) Reported-by: Coverity Scan
> Showing 3 of 3 defect(s)
>
>
> ** CID 1457612: Memory - corruptions (BAD_FREE)
>
>
> ________________________________________________________________________________________________________
> *** CID 1457612: Memory - corruptions (BAD_FREE)
> /libavformat/img2dec.c: 387 in add_filename_as_pkt_side_data()
> 381 static int add_filename_as_pkt_side_data(char *filename, AVPacket
> *pkt) {
> 382 uint8_t* metadata;
> 383 int metadata_len;
> 384 AVDictionary *d = NULL;
> 385 char *packed_metadata = NULL;
> 386
> >>> CID 1457612: Memory - corruptions (BAD_FREE)
> >>> "av_dict_set" frees array ""lavf.image2dec.source_path"".
> 387 av_dict_set(&d, "lavf.image2dec.source_path", filename, 0);
> 388 av_dict_set(&d, "lavf.image2dec.source_basename",
> av_basename(filename), 0);
> 389
> 390 packed_metadata = av_packet_pack_dictionary(d, &metadata_len);
> 391 av_dict_free(&d);
> 392 if (!packed_metadata)
>
> ** CID 1457611: Memory - corruptions (BAD_FREE)
>
>
> ________________________________________________________________________________________________________
> *** CID 1457611: Memory - corruptions (BAD_FREE)
> /libavformat/img2dec.c: 522 in ff_img_read_packet()
> 516 /*
> 517 * export_path_metadata must be explicitly enabled via
> 518 * command line options for path metadata to be exported
> 519 * as packet side_data.
> 520 */
> 521 if (!s->is_pipe && s->export_path_metadata == 1) {
> >>> CID 1457611: Memory - corruptions (BAD_FREE)
> >>> "add_filename_as_pkt_side_data" frees incorrect pointer "filename".
> 522 res = add_filename_as_pkt_side_data(filename, pkt);
> 523 if (res < 0)
> 524 goto fail;
> 525 }
> 526
> 527 pkt->size = 0;
>
> ** CID 1457610: Memory - illegal accesses (USE_AFTER_FREE)
> /libavformat/img2dec.c: 388 in add_filename_as_pkt_side_data()
>
>
> ________________________________________________________________________________________________________
> *** CID 1457610: Memory - illegal accesses (USE_AFTER_FREE)
> /libavformat/img2dec.c: 388 in add_filename_as_pkt_side_data()
> 382 uint8_t* metadata;
> 383 int metadata_len;
> 384 AVDictionary *d = NULL;
> 385 char *packed_metadata = NULL;
> 386
> 387 av_dict_set(&d, "lavf.image2dec.source_path", filename, 0);
> >>> CID 1457610: Memory - illegal accesses (USE_AFTER_FREE)
> >>> Passing freed pointer "filename" as an argument to "av_basename".
> 388 av_dict_set(&d, "lavf.image2dec.source_basename",
> av_basename(filename), 0);
> 389
> 390 packed_metadata = av_packet_pack_dictionary(d, &metadata_len);
> 391 av_dict_free(&d);
> 392 if (!packed_metadata)
> 393 return AVERROR(ENOMEM);
>
>
> ________________________________________________________________________________________________________
> To view the defects in Coverity Scan visit,
> https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRaqasF6Uk2bO40DRQinvhHXkt8Nls-2F5NS-2BxBTpKqgEzgg-3D-3D_iLiXcktl7KXGjSQAr3vGdzTcLOyVPdi-2FBYEhWvx6cOoPLZW2npBAP5ETvXBhWGQ-2BgGJ0akoMF82ThsW9C-2F8kD7NGEkYmCVuwItSQDN-2F4UiEw3JkP-2FsfAH5o75w0HStCw5boTnud6r9LTKGs6m8KQdVh-2FG-2FTXdOBD93QMYdqvm3u0nIoqo5mLxL1vbe508XZaxAMLhX8G0C3DdM2zlivjwq6YtDCr35ABndfcAK6nJBE-3D
>
> To manage Coverity Scan email notifications for "c...@passwd.hu", click
> https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4KxDzmpfyD-2F0l0XIVTmMtZD7ylWpUIkhWLZ-2FqTpdzByKR1etBqRMP9Gr8p3ndILxSbjDX9BckY-2F41HYDCOY7v3gsXsVPM0ldLTEl8rIsTJxw-3D_iLiXcktl7KXGjSQAr3vGdzTcLOyVPdi-2FBYEhWvx6cOoPLZW2npBAP5ETvXBhWGQ-2BU3-2BqjFTr8yNdZAvCs7njXlOq2sv2NxTYVnecxAhviSfimYN-2BCgZ-2BLA9CtqCpFfl46oybryC4cyLFEb4qC-2FgzBgmaX-2B-2FDQg4VD4eVWKgYCTGxJyZCCm6W9y4-2For0hWKj-2BcpP9pd4gEimyi3f2fW7AX3ff2au-2BKxQVNznvqdFqYeM-3D
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel@ffmpeg.org
> https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>
> To unsubscribe, visit link above, or email
> ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
--
=======================================
Jun zhao/赵军
+++++++++++++++++++++++++++++++++++++++
_______________________________________________
ffmpeg-devel mailing list
ffmpeg-devel@ffmpeg.org
https://ffmpeg.org/mailman/listinfo/ffmpeg-devel
To unsubscribe, visit link above, or email
ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
