[FFmpeg-devel] [PATCH] avcodec/pngdec: initialize "foreground_alpha"

Michael Niedermayer michaelni at gmx.at
Mon Oct 5 05:08:56 CEST 2015 

On Sun, Oct 04, 2015 at 10:39:26PM -0400, Ganesh Ajjanagadde wrote:
> On Sun, Oct 4, 2015 at 10:16 PM, Michael Niedermayer <michaelni at gmx.at> wrote:
> > On Sun, Oct 04, 2015 at 09:21:55PM -0400, Ganesh Ajjanagadde wrote:
> >> Fixes CID 1322359, CID 1322358.
> >>
> >> Signed-off-by: Ganesh Ajjanagadde <gajjanagadde at gmail.com>
> >> ---
> >>  libavcodec/pngdec.c | 2 +-
> >>  1 file changed, 1 insertion(+), 1 deletion(-)
> >>
> >> diff --git a/libavcodec/pngdec.c b/libavcodec/pngdec.c
> >> index d180141..fe22225 100644
> >> --- a/libavcodec/pngdec.c
> >> +++ b/libavcodec/pngdec.c
> >> @@ -1006,7 +1006,7 @@ static int handle_p_frame_apng(AVCodecContext *avctx, PNGDecContext *s,
> >>              uint8_t *background = buffer + s->image_linesize * y + s->bpp * s->x_offset;
> >>              for (x = s->x_offset; x < s->x_offset + s->cur_w; ++x, foreground += s->bpp, background += s->bpp) {
> >>                  size_t b;
> >> -                uint8_t foreground_alpha, background_alpha, output_alpha;
> >> +                uint8_t foreground_alpha = 0, background_alpha, output_alpha;
> >
> > this looks very odd
> > have you checked that the reference png implementation and png spec
> > set foreground_alpha to 0 for cases that FFmpeg doesnt implement ? ;)
> >
> > warnings can point to bugs and if so the bug should be fixed which
> > should make the warning disappear. If a warning doesnt point to a bug
> > then it should be silenced in some clean way
> >
> > It seems you try to silence this one without really realizing
> > what is wrong with the codepath in which this warning occurs
> 
> I did not look at this deeply. Furthermore, I assumed that the
> Coverity scan does not report false positives. More precisely, I
> assumed (incorrectly) that when Coverity says a code path is reached,
> etc it is based on an actual runtime input or a guaranteed static
> analysis, and not simply on some heuristics. Good to know for future
> use of Coverity.

50-70% of the coverity issues are "false positives" thats according
to my feeling from what ive seen, not a hard statistic


[...]
-- 
Michael     GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB

Its not that you shouldnt use gotos but rather that you should write
readable code and code with gotos often but not always is less readable
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: Digital signature
URL: <http://ffmpeg.org/pipermail/ffmpeg-devel/attachments/20151005/82a013c6/attachment.sig>

More information about the ffmpeg-devel mailing list