Description
NewWriterWithKeyframeInterval accepts an arbitrary uint32 for the keyframe interval with no validation. When the interval is 0, a modulo operation at line 83 causes a division-by-zero panic at runtime.
Evidence
File: pkg/codec/tape.go:51-66,83
func NewWriterWithKeyframeInterval(w io.Writer, interval uint32) (*Writer, error) {
// no validation on interval — 0 is accepted
return &Writer{
keyframeInterval: interval,
// ...
}, nil
}
// Later, during WriteFrame:
if w.frameCount % w.keyframeInterval == 0 { // line 83 — panic if interval == 0
Impact
Runtime panic crashes the process. Any caller that passes 0 (e.g., from unchecked user config) gets an unrecoverable panic instead of an error.
Suggested Fix
Validate at construction time:
func NewWriterWithKeyframeInterval(w io.Writer, interval uint32) (*Writer, error) {
if interval == 0 {
return nil, fmt.Errorf("keyframe interval must be > 0")
}
// ...
}
🤖 Filed by Metis
Description
NewWriterWithKeyframeIntervalaccepts an arbitraryuint32for the keyframe interval with no validation. When the interval is 0, a modulo operation at line 83 causes a division-by-zero panic at runtime.Evidence
File:
pkg/codec/tape.go:51-66,83Impact
Runtime panic crashes the process. Any caller that passes 0 (e.g., from unchecked user config) gets an unrecoverable panic instead of an error.
Suggested Fix
Validate at construction time:
🤖 Filed by Metis