Closed Bug 1228286 Opened 4 years ago Closed 4 years ago

[Static Analysis][Garbage Value] In function MPEG4Source::MPEG4Source() from media\libstagefright\frameworks\av\media\libstagefright\MPEG4Extractor.cpp possible garbage value in mCryptoMode


(Core :: Audio/Video: Playback, defect, P5)




Tracking Status
firefox45 --- affected


(Reporter: andi, Assigned: gerald)


(Blocks 1 open bug)


(Keywords: coverity, Whiteboard: CID 1340234)


(1 file)

The Static Analysis tool Coverity added that return value of function mFormat->findInt32(kKeyCryptoMode, &mCryptoMode) is not checked that can cause the variable mCryptoMode to have garbage value and still be used.
Whiteboard: CID 1340234
Flags: needinfo?(cpearce)
While it is correct that mCryptoMode could stay uninitialized if kKeyCryptoMode has not been set during parsing, mCryptoMode is only then accessed in unused code (see bug 1210319), so it doesn't matter.
If I don't work on bug 1210319 soon enough, I'll just patch this quickly by initializing mCryptoMode in the constructor.
Component: Audio/Video → Audio/Video: Playback
Depends on: 1210319
Flags: needinfo?(cpearce)
Priority: -- → P5
To be complete:
mCryptoMode in MPEG4Source is only accessed in unused code, so that's not a problem.
If attachement 8692466 is a proposed patch, I don't think it is what we want (asserting that the value exists). Instead mCryptoMode should just be initialized to a default value, to silence the static analyzer until that code is purged by bug 1210319.

Note: The value for kKeyCryptoMode is also accessed in the binding code, where it is properly checked:
So we do still need to create it when parsing a 'tenc' box.
Assignee: bogdan.postelnicu → gsquelart
Bug 1210319 has landed, proving that mCryptoMode was not actually used, so there is no bug here.

Thank you anyway Bodgan for reporting this potential issue.
Closed: 4 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.