[FFmpeg-devel] [PATCH] avcodec/pngdec: initialize "foreground_alpha"

Ganesh Ajjanagadde gajjanag at mit.edu
Mon Oct 5 05:38:57 CEST 2015 

On Sun, Oct 4, 2015 at 11:08 PM, Michael Niedermayer <michaelni at gmx.at> wrote:
> On Sun, Oct 04, 2015 at 10:39:26PM -0400, Ganesh Ajjanagadde wrote:
>> On Sun, Oct 4, 2015 at 10:16 PM, Michael Niedermayer <michaelni at gmx.at> wrote:
>> > On Sun, Oct 04, 2015 at 09:21:55PM -0400, Ganesh Ajjanagadde wrote:
>> >> Fixes CID 1322359, CID 1322358.
>> >>
>> >> Signed-off-by: Ganesh Ajjanagadde <gajjanagadde at gmail.com>
>> >> ---
>> >>  libavcodec/pngdec.c | 2 +-
>> >>  1 file changed, 1 insertion(+), 1 deletion(-)
>> >>
>> >> diff --git a/libavcodec/pngdec.c b/libavcodec/pngdec.c
>> >> index d180141..fe22225 100644
>> >> --- a/libavcodec/pngdec.c
>> >> +++ b/libavcodec/pngdec.c
>> >> @@ -1006,7 +1006,7 @@ static int handle_p_frame_apng(AVCodecContext *avctx, PNGDecContext *s,
>> >>              uint8_t *background = buffer + s->image_linesize * y + s->bpp * s->x_offset;
>> >>              for (x = s->x_offset; x < s->x_offset + s->cur_w; ++x, foreground += s->bpp, background += s->bpp) {
>> >>                  size_t b;
>> >> -                uint8_t foreground_alpha, background_alpha, output_alpha;
>> >> +                uint8_t foreground_alpha = 0, background_alpha, output_alpha;
>> >
>> > this looks very odd
>> > have you checked that the reference png implementation and png spec
>> > set foreground_alpha to 0 for cases that FFmpeg doesnt implement ? ;)
>> >
>> > warnings can point to bugs and if so the bug should be fixed which
>> > should make the warning disappear. If a warning doesnt point to a bug
>> > then it should be silenced in some clean way
>> >
>> > It seems you try to silence this one without really realizing
>> > what is wrong with the codepath in which this warning occurs
>>
>> I did not look at this deeply. Furthermore, I assumed that the
>> Coverity scan does not report false positives. More precisely, I
>> assumed (incorrectly) that when Coverity says a code path is reached,
>> etc it is based on an actual runtime input or a guaranteed static
>> analysis, and not simply on some heuristics. Good to know for future
>> use of Coverity.
>
> 50-70% of the coverity issues are "false positives" thats according
> to my feeling from what ive seen, not a hard statistic

Thanks for the info; this is very useful to know.

>
>
> [...]
> --
> Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB
>
> Its not that you shouldnt use gotos but rather that you should write
> readable code and code with gotos often but not always is less readable
>
> _______________________________________________
> ffmpeg-devel mailing list
> ffmpeg-devel at ffmpeg.org
> http://ffmpeg.org/mailman/listinfo/ffmpeg-devel
>

More information about the ffmpeg-devel mailing list