On Mon, Oct 05, 2015 at 05:08:56AM +0200, Michael Niedermayer wrote: > On Sun, Oct 04, 2015 at 10:39:26PM -0400, Ganesh Ajjanagadde wrote: > > On Sun, Oct 4, 2015 at 10:16 PM, Michael Niedermayer <michae...@gmx.at> > > wrote: > > > On Sun, Oct 04, 2015 at 09:21:55PM -0400, Ganesh Ajjanagadde wrote: > > >> Fixes CID 1322359, CID 1322358. > > >> > > >> Signed-off-by: Ganesh Ajjanagadde <gajjanaga...@gmail.com> > > >> --- > > >> libavcodec/pngdec.c | 2 +- > > >> 1 file changed, 1 insertion(+), 1 deletion(-) > > >> > > >> diff --git a/libavcodec/pngdec.c b/libavcodec/pngdec.c > > >> index d180141..fe22225 100644 > > >> --- a/libavcodec/pngdec.c > > >> +++ b/libavcodec/pngdec.c > > >> @@ -1006,7 +1006,7 @@ static int handle_p_frame_apng(AVCodecContext > > >> *avctx, PNGDecContext *s, > > >> uint8_t *background = buffer + s->image_linesize * y + > > >> s->bpp * s->x_offset; > > >> for (x = s->x_offset; x < s->x_offset + s->cur_w; ++x, > > >> foreground += s->bpp, background += s->bpp) { > > >> size_t b; > > >> - uint8_t foreground_alpha, background_alpha, > > >> output_alpha; > > >> + uint8_t foreground_alpha = 0, background_alpha, > > >> output_alpha; > > > > > > this looks very odd > > > have you checked that the reference png implementation and png spec > > > set foreground_alpha to 0 for cases that FFmpeg doesnt implement ? ;) > > > > > > warnings can point to bugs and if so the bug should be fixed which > > > should make the warning disappear. If a warning doesnt point to a bug > > > then it should be silenced in some clean way > > > > > > It seems you try to silence this one without really realizing > > > what is wrong with the codepath in which this warning occurs > > > > I did not look at this deeply. Furthermore, I assumed that the > > Coverity scan does not report false positives. More precisely, I > > assumed (incorrectly) that when Coverity says a code path is reached, > > etc it is based on an actual runtime input or a guaranteed static > > analysis, and not simply on some heuristics. Good to know for future > > use of Coverity. > > 50-70% of the coverity issues are "false positives" thats according > to my feeling from what ive seen, not a hard statistic
i wouldnt consider CID 1322359, CID 1322358.to be false positives though. Allthough its quite likely coverity will fail to detect that checking blend_op makes it impossible so after 1e7e4f13f95227d79bc8ab9a2167f02f7a3e063f, if coverity still detects them in the next pass they would be false positives [...] -- Michael GnuPG fingerprint: 9FF2128B147EF6730BADF133611EC787040B0FAB During times of universal deceit, telling the truth becomes a revolutionary act. -- George Orwell
signature.asc
Description: Digital signature
_______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org http://ffmpeg.org/mailman/listinfo/ffmpeg-devel