Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/darknet-0.0.0+git20180914.61c9d02e/include/darknet.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/shortcut_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/gru_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/maxpool_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/network.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/iseg_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/utils.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/softmax_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/gemm.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/classifier.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/yolo_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/avgpool_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/crnn_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/cost_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/cuda.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/activations.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/detection_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/normalization_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/l2norm_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/crop_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/upsample_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/image.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/tree.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/blas.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/region_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/matrix.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/convolutional_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/blas.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/lstm_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/crnn_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/network.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/parser.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/activation_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/l2norm_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/gru_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/softmax_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/shortcut_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/demo.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/tree.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image_write.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/lstm_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/box.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/batchnorm_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/rnn_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/batchnorm_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/logistic_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/region_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/maxpool_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/local_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/activations.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/data.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/im2col.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/col2im.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/deconvolutional_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/route_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/crop_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/logistic_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/avgpool_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/option_list.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/deconvolutional_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/gemm.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/cost_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/activation_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/parser.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/cuda.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/dropout_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/detection_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/convolutional_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/data.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/local_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/im2col.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/route_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/upsample_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/demo.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/dropout_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/reorg_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/list.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/yolo_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/box.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/col2im.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/normalization_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/connected_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/connected_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/list.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/matrix.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/iseg_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/option_list.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/reorg_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/rnn_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/image.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/image_opencv.cpp
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/art.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/tag.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/writing.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/dice.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/darknet.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/nightmare.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/voxel.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/swag.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/super.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/captcha.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn_vid.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c

FINAL RESULTS:

data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:212:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%d.weights",backup_directory,base, epoch);
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:217:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s.backup",backup_directory,base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:222:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buff, "%s/%s.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/captcha.c:87:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "/home/pjreddie/imagenet_backup/%s_%d.weights",base, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:29:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%d.weights",backup_directory,base, epoch);
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:34:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s.backup",backup_directory,base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:39:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buff, "%s/%s.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:82:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%d.weights",backup_directory,base, epoch);
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:87:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s.backup",backup_directory,base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:92:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buff, "%s/%s.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:159:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(buff, "data/cifar/train/%d_%s",i,labels[class]);
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:166:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(buff, "data/cifar/test/%d_%s",i,labels[class]);
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:149:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%d.weights",backup_directory,base, epoch);
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:154:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s.backup",backup_directory,base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:159:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buff, "%s/%s.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:1040:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%3.1f%%: %s\n", predictions[index]*100, names[index]);
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:82:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%d.weights", backup_directory, base, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:87:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s.backup", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:93:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buff, "%s/%s_final.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/darknet.c:388:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(buff, "%s/gen_%d", prefix, z);
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:135:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s.backup", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:143:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%d.weights", backup_directory, base, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:152:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buff, "%s/%s_final.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/dice.c:39:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%d.weights",backup_directory,base, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:190:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%d.weights", backup_directory,base, epoch);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:196:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s.backup",backup_directory,base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:201:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%ld.backup",backup_directory,base,get_current_batch(net));
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:205:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buff, "%s/%s.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:844:9:  [4] (buffer) scanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
        scanf("%s", buff);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:867:13:  [4] (buffer) scanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
            scanf("%s %d %d", color, &time, &stones);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:884:13:  [4] (buffer) scanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
            scanf("%s", comm);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:949:17:  [4] (buffer) scanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
                scanf("%s ", color);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:995:17:  [4] (buffer) scanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
                scanf("%s", color);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1043:13:  [4] (buffer) scanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
            scanf("%s", type);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1053:27:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
                FILE *p = popen("./gnugo --mode gtp < game.txt", "r");
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1068:13:  [4] (buffer) scanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
            scanf("%s", type);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1077:23:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
            FILE *p = popen("./gnugo --mode gtp < game.txt", "r");
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1194:15:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    FILE *p = popen("./gnugo --mode gtp < game.txt", "r");
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:124:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%d.weights",backup_directory,base, epoch);
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:129:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s.backup",backup_directory,base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:134:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buff, "%s/%s.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:653:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%d.weights", backup_directory, base, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:655:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%d.weights", backup_directory, abase, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:660:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s.backup", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:662:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s.backup", backup_directory, abase);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:667:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buff, "%s/%s_final.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:847:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%d.weights", backup_directory, base, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:849:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%d.weights", backup_directory, abase, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:854:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s.backup", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:856:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s.backup", backup_directory, abase);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:861:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buff, "%s/%s_final.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:1018:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%d.weights", backup_directory, base, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:1020:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%d.weights", backup_directory, abase, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:1025:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s.backup", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:1027:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s.backup", backup_directory, abase);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:1032:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buff, "%s/%s_final.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/nightmare.c:394:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%s_%d_%06d",prefix, imbase, cfgbase, max_layer, e);
data/darknet-0.0.0+git20180914.61c9d02e/examples/nightmare.c:396:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s_%s_%d_%06d",imbase, cfgbase, max_layer, e);
data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:97:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%d.weights",backup_directory,base, epoch);
data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:102:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s.backup",backup_directory,base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:107:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buff, "%s/%s.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:223:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%d.weights", backup_directory, base, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:228:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s.backup", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:233:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buff, "%s/%s_final.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn_vid.c:114:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%d.weights", backup_directory, base, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn_vid.c:119:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s.backup", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn_vid.c:124:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buff, "%s/%s_final.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn_vid.c:141:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buff, "%s%d", name, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:112:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%d.weights",backup_directory,base, epoch);
data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:117:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s.backup",backup_directory,base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:122:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buff, "%s/%s.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/super.c:52:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%d.weights", backup_directory, base, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/super.c:57:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s.backup", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/super.c:63:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buff, "%s/%s_final.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/swag.c:63:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%d.weights", backup_directory, base, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/swag.c:69:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buff, "%s/%s_final.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/tag.c:62:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%d.weights",backup_directory,base, epoch);
data/darknet-0.0.0+git20180914.61c9d02e/examples/tag.c:67:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s.backup",backup_directory,base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/tag.c:72:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buff, "%s/%s.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/voxel.c:23:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(buff, "%s_%05d_l", prefix, count);
data/darknet-0.0.0+git20180914.61c9d02e/examples/voxel.c:25:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(buff, "%s_%05d_r", prefix, count);
data/darknet-0.0.0+git20180914.61c9d02e/examples/voxel.c:91:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%d.weights", backup_directory, base, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/voxel.c:96:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s.backup", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/voxel.c:102:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buff, "%s/%s_final.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/writing.c:70:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_batch_%ld.weights", backup_directory, base, get_current_batch(net));
data/darknet-0.0.0+git20180914.61c9d02e/examples/writing.c:76:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%d.weights",backup_directory,base, epoch);
data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:67:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%d.weights", backup_directory, base, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:73:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buff, "%s/%s_final.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:61:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%d_minor_%d.weights",backup_directory,base, epoch, i);
data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:68:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(buff, "%s/%s_%d.weights",backup_directory,base, epoch);
data/darknet-0.0.0+git20180914.61c9d02e/src/convolutional_layer.c:616:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buff, "%s: Output", window);
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:379:12:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
    while((fscanf(file, "%d %s", &id, buff) == 2) && i < num_boxes){
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:416:12:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
    while((fscanf(file, "%d %s", &id, buff) == 2) && i < num_boxes){
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:690:11:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
    while(fscanf(file, "%d %s", &id, buff) == 2){
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:721:11:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
    while(fscanf(file, "%d %s", &id, buff) == 2){
data/darknet-0.0.0+git20180914.61c9d02e/src/demo.c:245:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
            sprintf(name, "%s_%08d", prefix, count);
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:249:21:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                    strcat(labelstr, names[j]);
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:253:21:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
                    strcat(labelstr, names[j]);
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:553:24:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    if(f == PNG)       sprintf(buff, "%s.png", name);
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:554:24:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    else if (f == BMP) sprintf(buff, "%s.bmp", name);
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:555:24:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    else if (f == TGA) sprintf(buff, "%s.tga", name);
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:556:24:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    else if (f == JPG) sprintf(buff, "%s.jpg", name);
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:557:24:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    else               sprintf(buff, "%s.png", name);
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:584:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(buff, "%s - Layer %d", name, i);
data/darknet-0.0.0+git20180914.61c9d02e/src/image_opencv.cpp:88:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(buff, "echo %s >> bad.list", filename);
data/darknet-0.0.0+git20180914.61c9d02e/src/image_opencv.cpp:89:9:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
        system(buff);
data/darknet-0.0.0+git20180914.61c9d02e/src/tree.c:96:9:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
        sscanf(line, "%s %d", id, &parent);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:221:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(buffer, "%s", str);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:223:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
        sprintf(output, "%s", str);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:229:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(output, "%s%s%s", buffer, rep, p+strlen(orig));
data/darknet-0.0.0+git20180914.61c9d02e/examples/art.c:11:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:65:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:68:9:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
        srand(seed);
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:75:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:238:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:326:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:386:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/captcha.c:29:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/captcha.c:97:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/captcha.c:140:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:5:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:50:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:105:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:133:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:174:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:198:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:28:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:31:9:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
        srand(seed);
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:38:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:100:17:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
        if(net->random && count++%40 == 0){
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:174:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:239:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:308:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:366:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:425:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:486:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:564:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:619:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:653:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:693:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:763:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:808:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:930:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:996:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:16:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:133:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:217:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:300:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:12:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:18:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:22:9:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
        srand(seed);
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:29:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:63:14:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
        if(l.random && count++%10 == 0){
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:249:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:379:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:494:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:571:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/dice.c:7:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/dice.c:51:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/dice.c:73:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:143:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:146:9:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
        srand(seed);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:735:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:818:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1103:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1230:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:16:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:19:9:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
        srand(seed);
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:26:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:147:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:189:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:415:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:473:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:520:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:676:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:873:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:1298:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/nightmare.c:290:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(0);
data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:15:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:18:9:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
        srand(seed);
data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:25:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:120:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:157:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:159:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:253:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(rseed);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:307:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(rseed);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:352:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(rseed);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn_vid.c:75:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:15:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:18:9:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
        srand(seed);
data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:25:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:135:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:177:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/super.c:7:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/super.c:71:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/swag.c:8:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/tag.c:5:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/tag.c:87:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/voxel.c:43:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/voxel.c:113:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/writing.c:6:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/writing.c:89:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:9:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:103:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:187:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:271:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/include/darknet.h:191:9:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    int random;
data/darknet-0.0.0+git20180914.61c9d02e/include/darknet.h:475:9:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    int random;
data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:12:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:88:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:234:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:266:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/src/demo.c:202:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/src/detection_layer.c:45:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(0);
data/darknet-0.0.0+git20180914.61c9d02e/src/detection_layer.c:143:22:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
                if(l.random && *(net.seen) < 64000){
data/darknet-0.0.0+git20180914.61c9d02e/src/gemm.c:250:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(0);
data/darknet-0.0.0+git20180914.61c9d02e/src/iseg_layer.c:53:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(0);
data/darknet-0.0.0+git20180914.61c9d02e/src/region_layer.c:51:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(0);
data/darknet-0.0.0+git20180914.61c9d02e/src/yolo_layer.c:58:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    srand(0);
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:28:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(X+b*test.X.cols, test.X.vals[i+b], test.X.cols*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:29:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(y+b*test.y.cols, test.y.vals[i+b], test.y.cols*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:211:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:216:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:221:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:398:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/captcha.c:86:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/captcha.c:100:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:28:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:33:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:38:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:81:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:86:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:91:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:158:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:165:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:148:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:153:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:158:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:498:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:576:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:892:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:893:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buff, "/home/pjreddie/tmp/threat_%06d", count);
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:1039:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[1024];
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:1080:27:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    int layer = layer_s ? atoi(layer_s) : -1;
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:1083:85:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    else if(0==strcmp(argv[2], "try")) try_classifier(data, cfg, weights, filename, atoi(layer_s));
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:81:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:86:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:92:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:125:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    return atoi(p+1);
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:144:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[1024];
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:146:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *fp = fopen(buff, "w");
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:230:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buff[1024];
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:232:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        fps[j] = fopen(buff, "w");
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:258:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char labelpath[4096];
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:303:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/darknet.c:387:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/darknet.c:481:48:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        speed(argv[2], (argc > 3 && argv[3]) ? atoi(argv[3]) : 0);
data/darknet-0.0.0+git20180914.61c9d02e/examples/darknet.c:485:44:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        oneoff2(argv[2], argv[3], argv[4], atoi(argv[5]));
data/darknet-0.0.0+git20180914.61c9d02e/examples/darknet.c:487:41:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        print_weights(argv[2], argv[3], atoi(argv[4]));
data/darknet-0.0.0+git20180914.61c9d02e/examples/darknet.c:489:44:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        partial(argv[2], argv[3], argv[4], atoi(argv[5]));
data/darknet-0.0.0+git20180914.61c9d02e/examples/darknet.c:495:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        mkimg(argv[2], argv[3], atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), argv[7]);
data/darknet-0.0.0+git20180914.61c9d02e/examples/darknet.c:495:48:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        mkimg(argv[2], argv[3], atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), argv[7]);
data/darknet-0.0.0+git20180914.61c9d02e/examples/darknet.c:495:63:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        mkimg(argv[2], argv[3], atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), argv[7]);
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:134:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:142:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:151:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:162:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    return atoi(p+1);
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:257:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[1024];
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:266:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        fp = fopen(buff, "w");
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:272:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        fp = fopen(buff, "w");
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:280:22:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            fps[j] = fopen(buff, "w");
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:387:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[1024];
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:396:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        fp = fopen(buff, "w");
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:402:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        fp = fopen(buff, "w");
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:410:22:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            fps[j] = fopen(buff, "w");
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:525:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char labelpath[4096];
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:573:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:816:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            gpus[i] = atoi(gpu_list);
data/darknet-0.0.0+git20180914.61c9d02e/examples/dice.c:38:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/dice.c:76:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:36:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *fp = fopen(filename, "rb");
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:158:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:189:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:195:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:200:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:404:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(in + 19*19*3*j, im.data, 19*19*3*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:841:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:847:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char ids[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:848:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(ids, "%d", id);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:865:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char color[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:883:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char comm[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:946:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char color[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:994:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char color[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1042:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char type[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1049:27:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
                FILE *f = fopen("game.txt", "w");
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1067:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char type[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1073:23:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            FILE *f = fopen("game.txt", "w");
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1190:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *f = fopen("game.txt", "w");
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1231:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char boards[600][93];
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1342:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            gpus[i] = atoi(gpu_list);
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:123:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:128:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:133:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:150:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:246:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            gpus[i] = atoi(gpu_list);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:418:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:462:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buff, "out%05d", c);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:476:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:547:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *ls[2] = {"imagenet", "zzzzzzzz"};
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:652:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:659:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:666:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:711:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *ls[2] = {"imagenet", "zzzzzzzz"};
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:846:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:853:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:860:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:907:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *ls[2] = {"imagenet"};
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:1017:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:1024:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:1031:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:1301:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/nightmare.c:299:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    int max_layer = atoi(argv[5]);
data/darknet-0.0.0+git20180914.61c9d02e/examples/nightmare.c:392:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:96:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:101:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:106:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:123:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:220:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            gpus[i] = atoi(gpu_list);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:28:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *fp = fopen(filename, "r");
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:51:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *fp = fopen(filename, "r");
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:222:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:227:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:232:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn_vid.c:47:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(input + i*input_size, re.data, input_size*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn_vid.c:56:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(feats + (b + i*batch)*output_size, output + i*output_size, output_size*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn_vid.c:113:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn_vid.c:118:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn_vid.c:123:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn_vid.c:140:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:111:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:116:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:121:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:138:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:234:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            gpus[i] = atoi(gpu_list);
data/darknet-0.0.0+git20180914.61c9d02e/examples/super.c:51:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/super.c:56:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/super.c:62:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/super.c:74:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/swag.c:62:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/swag.c:68:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/tag.c:61:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/tag.c:66:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/tag.c:71:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/tag.c:92:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/voxel.c:22:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/voxel.c:90:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/voxel.c:95:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/voxel.c:101:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/voxel.c:116:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/writing.c:69:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/writing.c:75:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/writing.c:91:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:66:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:72:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:117:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buff[1024];
data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:119:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        fps[j] = fopen(buff, "w");
data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:200:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buff[1024];
data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:202:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        fps[j] = fopen(buff, "w");
data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:228:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char labelpath[4096];
data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:273:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/src/blas.c:46:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(x, swap, size*layers*batch*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:60:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:67:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:180:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(X,                   im1.data, im1.w*im1.h*im1.c*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:181:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(X+im1.w*im1.h*im1.c, im2.data, im2.w*im2.h*im2.c*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:209:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(X,                   im1.data, im1.w*im1.h*im1.c*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:210:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(X+im1.w*im1.h*im1.c, im2.data, im2.w*im2.h*im2.c*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:322:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:323:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buff, "results/battle_%d.log", class);
data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:324:23:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        FILE *outfp = fopen(buff, "w");
data/darknet-0.0.0+git20180914.61c9d02e/src/convolutional_layer.c:615:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/src/cuda.c:34:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buffer[256];
data/darknet-0.0.0+git20180914.61c9d02e/src/cuda.c:43:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buffer[256];
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:15:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *file = fopen(filename, "r");
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:61:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char replaced[4096];
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:141:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *file = fopen(filename, "r");
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:219:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char labelpath[4096];
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:257:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char labelpath[4096];
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:366:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char labelpath[4096];
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:372:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *file = fopen(labelpath, "r");
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:374:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[32788];
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:404:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char labelpath[4096];
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:410:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *file = fopen(labelpath, "r");
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:412:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[32788];
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:449:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char labelpath[4096];
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:595:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char labelpath[4096];
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:611:22:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        FILE *file = fopen(labelpath, "r");
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:639:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char label[4096];
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:642:22:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        FILE *file = fopen(label, "r");
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:678:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char labelpath[4096];
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:685:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *file = fopen(labelpath, "r");
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:687:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[32788];
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:705:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char labelpath[4096];
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:716:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *file = fopen(labelpath, "r");
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:718:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[32788];
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:937:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(d.X.vals[i],         im1.data, h*w*3*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:938:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(d.X.vals[i] + h*w*3, im2.data, h*w*3*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:943:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char imlabel1[4096];
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:944:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char imlabel2[4096];
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:947:21:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        FILE *fp1 = fopen(imlabel1, "r");
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:955:21:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        FILE *fp2 = fopen(imlabel2, "r");
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:1432:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *fp = fopen(filename, "rb");
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:1435:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char bytes[3073];
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:1454:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(X+j*d.X.cols, d.X.vals[index], d.X.cols*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:1455:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(y+j*d.y.cols, d.y.vals[index], d.y.cols*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:1464:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(X+j*d.X.cols, d.X.vals[index], d.X.cols*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:1465:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        if(y) memcpy(y+j*d.y.cols, d.y.vals[index], d.y.cols*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:1493:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:1494:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buff, "data/cifar/cifar-10-batches-bin/data_batch_%d.bin", b+1);
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:1495:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        FILE *fp = fopen(buff, "rb");
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:1498:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char bytes[3073];
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:1516:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *fp = fopen(filename, "rb");
data/darknet-0.0.0+git20180914.61c9d02e/src/demo.c:60:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(predictions[demo_index] + count, net->layers[i].output, sizeof(float) * l.outputs);
data/darknet-0.0.0+git20180914.61c9d02e/src/demo.c:77:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(l.output, avg + count, sizeof(float) * l.outputs);
data/darknet-0.0.0+git20180914.61c9d02e/src/demo.c:244:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char name[256];
data/darknet-0.0.0+git20180914.61c9d02e/src/detection_layer.c:54:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(l.output, net.input, l.outputs*l.batch*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:231:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:232:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(buff, "/usr/share/darknet/data/labels/%d_%d.png", i, j);
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:244:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char labelstr[4096] = {0};
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:252:21:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
                    strcat(labelstr, ", ");
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:516:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dest.data, src.data, src.h*src.w*src.c*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:523:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(copy.data, p.data, p.h*p.w*p.c*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:551:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:582:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/src/image_opencv.cpp:87:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/src/iseg_layer.c:84:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(l.output, net.input, l.outputs*l.batch*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/matrix.c:135:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *fp = fopen(filename, "r");
data/darknet-0.0.0+git20180914.61c9d02e/src/network.c:481:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/src/network.c:483:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buff, "Layer %d", i);
data/darknet-0.0.0+git20180914.61c9d02e/src/network.c:600:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(X+b*test.X.cols, test.X.vals[i+b], test.X.cols*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/network.c:625:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(X+b*test.X.cols, test.X.vals[i+b], test.X.cols*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/option_list.c:9:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *file = fopen(filename, "r");
data/darknet-0.0.0+git20180914.61c9d02e/src/option_list.c:115:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    if(v) return atoi(v);
data/darknet-0.0.0+git20180914.61c9d02e/src/option_list.c:123:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    if(v) return atoi(v);
data/darknet-0.0.0+git20180914.61c9d02e/src/parser.c:297:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            int val = atoi(a);
data/darknet-0.0.0+git20180914.61c9d02e/src/parser.c:542:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    int index = atoi(l);
data/darknet-0.0.0+git20180914.61c9d02e/src/parser.c:615:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        int index = atoi(l);
data/darknet-0.0.0+git20180914.61c9d02e/src/parser.c:716:27:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            int step    = atoi(l);
data/darknet-0.0.0+git20180914.61c9d02e/src/parser.c:893:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *file = fopen(filename, "r");
data/darknet-0.0.0+git20180914.61c9d02e/src/parser.c:1015:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *fp = fopen(filename, "wb");
data/darknet-0.0.0+git20180914.61c9d02e/src/parser.c:1094:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(a, transpose, rows*cols*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/parser.c:1227:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *fp = fopen(filename, "rb");
data/darknet-0.0.0+git20180914.61c9d02e/src/region_layer.c:161:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(l.output, net.input, l.outputs*l.batch*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/reorg_layer.c:95:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(l.output, net.input, l.outputs*l.batch*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/reorg_layer.c:116:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(net.delta, l.delta, l.outputs*l.batch*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:554:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef unsigned char validate_uint32[sizeof(stbi__uint32)==4 ? 1 : -1];
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:1063:10:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
         memcpy(temp, row0, bytes_copy);
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:1064:10:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
         memcpy(row0, row1, bytes_copy);
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:1065:10:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
         memcpy(row1, temp, bytes_copy);
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:1153:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
   f = fopen(filename, mode);
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:1453:10:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
         memcpy(buffer, s->img_buffer, blen);
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:1463:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(buffer, s->img_buffer, n);
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:2905:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
         static const unsigned char tag[5] = {'J','F','I','F','\0'};
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:2915:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
         static const unsigned char tag[6] = {'A','d','o','b','e','\0'};
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:3020:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      static const unsigned char rgb[3] = { 'R', 'G', 'B' };
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:4092:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
   memcpy(a->zout, a->zbuffer, len);
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:4416:40:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            case STBI__F_none:         memcpy(cur, raw, nk); break;
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:4572:16:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
               memcpy(final + out_y*a->s->img_x*out_bytes + out_x*out_bytes,
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:5477:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   unsigned char raw_data[4] = {0};
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:6374:16:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
               memcpy( &g->out[pi * 4], &two_back[pi * 4], 4 ); 
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:6381:16:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
               memcpy( &g->out[pi * 4], &g->background[pi * 4], 4 ); 
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:6392:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy( g->background, g->out, 4 * g->w * g->h ); 
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:6449:22:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                     memcpy( &g->out[pi * 4], &g->pal[g->bgindex], 4 ); 
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:6536:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy( out + ((layers - 1) * stride), u, stride ); 
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:6671:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char buffer[STBI__HDR_BUFLEN];
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:6799:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char buffer[STBI__HDR_BUFLEN];
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image_write.h:285:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
   f = fopen(filename, "wb");
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image_write.h:310:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                     unsigned char b[2];
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image_write.h:316:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                     unsigned char b[4];
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image_write.h:345:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   unsigned char arr[3];
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image_write.h:352:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   unsigned char bg[3] = { 255, 0, 255}, px[3];
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image_write.h:590:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   unsigned char scanlineheader[4] = { 2, 2, 0, 0 };
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image_write.h:591:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   unsigned char rgbe[4];
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image_write.h:685:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buffer[128];
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image_write.h:692:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
      len = sprintf(buffer, "EXPOSURE=          1.0000000000000\n\n-Y %d +X %d\n", y, x);
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image_write.h:1025:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   unsigned char sig[8] = { 137,80,78,71,13,10,26,10 };
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image_write.h:1118:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
   f = fopen(filename, "wb");
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image_write.h:1364:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   unsigned char YTable[64], UVTable[64];
data/darknet-0.0.0+git20180914.61c9d02e/src/tree.c:86:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *fp = fopen(filename, "r");
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:48:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            gpus[i] = atoi(gpu_list);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:64:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *file = fopen(filename, "r");
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:69:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        map[n-1] = atoi(str);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:91:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(swp,          arr+(j*size), size);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:92:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(arr+(j*size), arr+(i*size), size);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:93:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(arr+(i*size), swp,          size);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:139:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            def = atoi(argv[i+1]);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:218:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[4096] = {0};
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:262:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *fp = fopen(filename, "rb");
data/darknet-0.0.0+git20180914.61c9d02e/src/yolo_layer.c:135:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(l.output, net.input, l.outputs*l.batch*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:402:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/captcha.c:105:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:502:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:580:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:307:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:578:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:808:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        int len = strlen(gpu_list);
data/darknet-0.0.0+git20180914.61c9d02e/examples/dice.c:81:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1136:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if (strlen(line) == 0 || dnum) {
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1334:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        int len = strlen(gpu_list);
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:154:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:238:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        int len = strlen(gpu_list);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:1315:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:127:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:212:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        int len = strlen(gpu_list);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:24:50:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
int *read_tokenized_data(char *filename, size_t *read)
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:47:44:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
char **read_tokens(char *filename, size_t *read)
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:167:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size = strlen((const char*)text);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:263:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(seed);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:322:20:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        while((c = getc(stdin)) != EOF && c != 0){
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:365:16:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    while((c = getc(stdin)) != EOF){
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:397:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(seed);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:407:9:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    c = getc(stdin);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:411:20:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        int next = getc(stdin);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:446:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(seed);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:456:9:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    c = getc(stdin);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:459:20:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        int next = getc(stdin);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:482:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int seed_len = strlen(seed);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:495:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        int str_len = strlen(line);
data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:142:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:226:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        int len = strlen(gpu_list);
data/darknet-0.0.0+git20180914.61c9d02e/examples/super.c:78:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/tag.c:97:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/voxel.c:120:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/writing.c:95:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:278:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
            strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:506:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for(i = 0; i < strlen(begin) && i < n && begin[i] != '.'; ++i){
data/darknet-0.0.0+git20180914.61c9d02e/src/option_list.c:55:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t len = strlen(s);
data/darknet-0.0.0+git20180914.61c9d02e/src/parser.c:289:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        int len = strlen(a);
data/darknet-0.0.0+git20180914.61c9d02e/src/parser.c:329:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        int len = strlen(a);
data/darknet-0.0.0+git20180914.61c9d02e/src/parser.c:390:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        int len = strlen(a);
data/darknet-0.0.0+git20180914.61c9d02e/src/parser.c:604:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int len = strlen(l);
data/darknet-0.0.0+git20180914.61c9d02e/src/parser.c:707:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        int len = strlen(l);
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:346:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   int      (*read)  (void *user,char *data,int size);   // fill 'data' with 'size' bytes.  return number of bytes actually read
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:1392:19:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   int n = (s->io.read)(s->io_user_data,(char*)s->buffer_start,s->buflen);
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:1419:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   if (s->io.read) {
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:1435:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   if (s->io.read) {
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:1448:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   if (s->io.read) {
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:1455:25:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
         count = (s->io.read)(s->io_user_data, (char*) buffer + blen, n - blen);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:40:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        int len = strlen(gpu_list);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:229:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    sprintf(output, "%s%s%s", buffer, rep, p+strlen(orig));
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:290:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t len = strlen(s);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:305:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t len = strlen(s);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:318:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t len = strlen(s);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:345:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t curr = strlen(line);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:359:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        curr = strlen(line);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:369:16:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    int next = read(fd, &n, sizeof(int));
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:384:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        int next = read(fd, buffer + n, bytes-n);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:406:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        int next = read(fd, buffer + n, bytes-n);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:425:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *copy = malloc(strlen(s)+1);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:426:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(copy, s, strlen(s)+1);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:426:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    strncpy(copy, s, strlen(s)+1);

ANALYSIS SUMMARY:

Hits = 561
Lines analyzed = 36233 in approximately 1.28 seconds (28265 lines/second)
Physical Source Lines of Code (SLOC) = 28606
Hits@level = [0] 669 [1]  62 [2] 280 [3] 109 [4] 110 [5]   0
Hits@level+ = [0+] 1230 [1+] 561 [2+] 499 [3+] 219 [4+] 110 [5+]   0
Hits/KSLOC@level+ = [0+] 42.998 [1+] 19.6113 [2+] 17.4439 [3+] 7.65574 [4+] 3.84535 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.