Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/freedv-1.4.3~1gdc71a1c/src/afreedvplugin.c Examining data/freedv-1.4.3~1gdc71a1c/src/comp.h Examining data/freedv-1.4.3~1gdc71a1c/src/dlg_audiooptions.cpp Examining data/freedv-1.4.3~1gdc71a1c/src/dlg_audiooptions.h Examining data/freedv-1.4.3~1gdc71a1c/src/dlg_filter.h Examining data/freedv-1.4.3~1gdc71a1c/src/dlg_options.cpp Examining data/freedv-1.4.3~1gdc71a1c/src/dlg_options.h Examining data/freedv-1.4.3~1gdc71a1c/src/dlg_plugin.cpp Examining data/freedv-1.4.3~1gdc71a1c/src/dlg_plugin.h Examining data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_defines.h Examining data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_pa_wrapper.cpp Examining data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_pa_wrapper.h Examining data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_plot.cpp Examining data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_plot.h Examining data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_plot_scalar.cpp Examining data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_plot_scalar.h Examining data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_plot_scatter.cpp Examining data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_plot_scatter.h Examining data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_plot_spectrum.cpp Examining data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_plot_spectrum.h Examining data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_plot_waterfall.cpp Examining data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_plot_waterfall.h Examining data/freedv-1.4.3~1gdc71a1c/src/hamlib.cpp Examining data/freedv-1.4.3~1gdc71a1c/src/hamlib.h Examining data/freedv-1.4.3~1gdc71a1c/src/osx_interface.h Examining data/freedv-1.4.3~1gdc71a1c/src/serialport.cpp Examining data/freedv-1.4.3~1gdc71a1c/src/serialport.h Examining data/freedv-1.4.3~1gdc71a1c/src/sox/band.h Examining data/freedv-1.4.3~1gdc71a1c/src/sox/biquad.c Examining data/freedv-1.4.3~1gdc71a1c/src/sox/biquad.h Examining data/freedv-1.4.3~1gdc71a1c/src/sox/biquads.c Examining 
data/freedv-1.4.3~1gdc71a1c/src/sox/effects.c Examining data/freedv-1.4.3~1gdc71a1c/src/sox/effects.h Examining data/freedv-1.4.3~1gdc71a1c/src/sox/effects_i.c Examining data/freedv-1.4.3~1gdc71a1c/src/sox/formats_i.c Examining data/freedv-1.4.3~1gdc71a1c/src/sox/libsox.c Parsing failed to find end of parameter list; semicolon terminated it in (file, "sun c " STRINGIZE(__SUNPRO_C), #else NULL, #endif /* sox_arch */ NULL }; if (!info.version) { info.version = sox_version(); } if (!info.ar [Reviewer note: because the parser gave up inside this fprintf() call, Flawfinder's coverage of libsox.c after line 82 may be incomplete; do not treat the libsox.c results below as exhaustive.] Examining data/freedv-1.4.3~1gdc71a1c/src/sox/sox.h Examining data/freedv-1.4.3~1gdc71a1c/src/sox/sox_i.h Examining data/freedv-1.4.3~1gdc71a1c/src/sox/soxomp.h Examining data/freedv-1.4.3~1gdc71a1c/src/sox/util.h Examining data/freedv-1.4.3~1gdc71a1c/src/sox/xmalloc.c Examining data/freedv-1.4.3~1gdc71a1c/src/sox/xmalloc.h Examining data/freedv-1.4.3~1gdc71a1c/src/sox_biquad.c Examining data/freedv-1.4.3~1gdc71a1c/src/sox_biquad.h Examining data/freedv-1.4.3~1gdc71a1c/src/topFrame.cpp Examining data/freedv-1.4.3~1gdc71a1c/src/topFrame.h Examining data/freedv-1.4.3~1gdc71a1c/src/dlg_filter.cpp Examining data/freedv-1.4.3~1gdc71a1c/src/dlg_ptt.cpp Examining data/freedv-1.4.3~1gdc71a1c/src/dlg_ptt.h Examining data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.h Examining data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp FINAL RESULTS: data/freedv-1.4.3~1gdc71a1c/src/dlg_ptt.cpp:562:34: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. hamlib_serial_config.sprintf(" %d, %d, %d", [Reviewer note: the format argument shown is the string literal " %d, %d, %d", so the non-constant-format (CWE-134) concern does not apply; the rule fired on the method name sprintf. This hit can be closed as a false positive.] data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1147:13: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(callsign_checksum_cr, "%s%2x", callsign, checksum); [Reviewer note: per the declarations reported further down, callsign is char callsign[MAX_CALLSIGN] and the destination is char callsign_checksum_cr[MAX_CALLSIGN+1]. A callsign of MAX_CALLSIGN-1 characters plus the at-least-two hex digits emitted by %2x plus the terminator needs MAX_CALLSIGN+2 bytes, so this write can overrun by one byte or more (checksum values above 0xff print additional digits) unless the callsign length is capped earlier, which is not visible here — confirm. Prefer snprintf(callsign_checksum_cr, sizeof callsign_checksum_cr, "%s%2x", callsign, checksum) and check the return value for truncation.] data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1150:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). 
strcpy(callsign, callsign_checksum_cr); [Reviewer note: this copies back into the smaller char callsign[MAX_CALLSIGN] buffer from the MAX_CALLSIGN+1 sized buffer built at line 1147, so it is the second half of the same overrun; bound it with snprintf(callsign, sizeof callsign, "%s", callsign_checksum_cr) or enlarge callsign.] data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1201:21: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(s1,"rx_txtmsg %s", m_callsign); [Reviewer note: s1 is declared char s1[MAX_CALLSIGN] (see the hit at line 1200 below) while the format adds a fixed 10-byte "rx_txtmsg " prefix, so any m_callsign longer than MAX_CALLSIGN-11 characters overflows; use snprintf with sizeof s1.] data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:3656:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(arg[argc++], "%s", filterType); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:3662:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(arg[argc++], "%s", filterType); [Reviewer note: arg[] points into char argstorage[SBQ_MAX_ARGS][80] (hit at line 3641 below), so these two writes are safe only if filterType is always shorter than 80 bytes, which cannot be verified from this report — confirm filterType comes from fixed internal names, and bound the copy with snprintf(arg[argc++], 80, "%s", filterType) regardless.] data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:4737:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(value, v.mb_str().data()); [Reviewer note: v appears to be a wxString (mb_str()) whose length is not bounded here, and the size of value is not shown; treat this as a real finding until the caller demonstrates both bounds.] data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_plot_scalar.cpp:62:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(m_a_fmt, a_fmt); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_plot_scalar.cpp:305:13: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(buf, m_a_fmt, a); [Reviewer note: m_a_fmt is a copy of the a_fmt constructor argument (the strcpy at line 62), so the format is non-constant by design; this is only exploitable if a caller ever passes a format derived from external input. The strcpy at line 62 separately needs the a_fmt length checked against the size of m_a_fmt, which is not shown here.] data/freedv-1.4.3~1gdc71a1c/src/sox/effects_i.c:41:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(*usage, lines[0]); data/freedv-1.4.3~1gdc71a1c/src/sox/effects_i.c:44:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat(*usage, lines[i]); [Reviewer note: whether *usage was allocated for the sum of all lines[] lengths plus separators is not visible here; verify the allocation immediately preceding line 41 before closing these two hits.] data/freedv-1.4.3~1gdc71a1c/src/sox/formats_i.c:34:3: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. vsnprintf(ft->sox_errstr, sizeof(ft->sox_errstr), fmt, args); [Reviewer note: this call is bounded by sizeof(ft->sox_errstr) and is the correct form; the format-string concern only matters if fmt can originate outside the library, which the public callers must rule out.] data/freedv-1.4.3~1gdc71a1c/src/sox/formats_i.c:36:3: [4] (format) vsprintf: Potential format string problem (CWE-134). Make format string constant. vsprintf(ft->sox_errstr, fmt, args); [Reviewer note: unlike the call two lines above, this one has no length bound, so a long formatted message overruns ft->sox_errstr; it is presumably a fallback for platforms without vsnprintf (confirm the surrounding #if) and should be removed or replaced.] data/freedv-1.4.3~1gdc71a1c/src/sox/libsox.c:82:5: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(file, "sun c " STRINGIZE(__SUNPRO_C), [Reviewer note: the format is a string literal concatenated with a preprocessor-stringized constant, i.e. fixed at compile time, so CWE-134 does not apply; this hit is an artefact of the parse failure reported above.] data/freedv-1.4.3~1gdc71a1c/src/sox/libsox.c:119:5: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(stderr, fmt, ap); [Reviewer note: a varargs pass-through; acceptable as long as every caller is declared with a printf format attribute (see the next two hits) and no caller passes a non-literal fmt — check with -Wformat -Wformat-security.] data/freedv-1.4.3~1gdc71a1c/src/sox/sox.h:73:47: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define LSX_PRINTF12 __attribute__ ((format (printf, 1, 2))) /* Function has printf-style arguments. */ data/freedv-1.4.3~1gdc71a1c/src/sox/sox_i.h:211:25: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. __attribute__ ((format (printf, 3, 4))); [Reviewer note: these two hits are the format attribute declarations themselves, not calls; they are what lets the compiler check the wrappers above and should be closed as false positives.] data/freedv-1.4.3~1gdc71a1c/src/sox/util.h:118:9: [4] (tmpfile) mktemp: Temporary file race condition (CWE-377). #define mktemp _mktemp data/freedv-1.4.3~1gdc71a1c/src/sox/util.h:122:9: [4] (shell) popen: This causes a new program to execute and is difficult to use safely (CWE-78). Try using a library call that implements the same functionality if available. [Reviewer note: the mktemp and popen hits are Windows compatibility renames, not calls; the real findings belong to whichever call sites use mktemp/popen, and none appear in the portion of this report shown here.] 
#define popen _popen data/freedv-1.4.3~1gdc71a1c/src/sox/util.h:124:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/freedv-1.4.3~1gdc71a1c/src/sox/util.h:124:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf [Reviewer note: two hits for one macro line. It is a compatibility rename, not a call, but the tool's aside is the relevant point: the MSVC _snprintf it maps to does not guarantee NUL termination when output is truncated, whereas C99 snprintf does (confirm against the CRT documentation for the targeted toolchain), so on builds where this define is active every snprintf call site that assumes termination needs review or an explicit terminating write.] data/freedv-1.4.3~1gdc71a1c/src/sox/xmalloc.h:29:29: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). #define lsx_strdup(p) ((p)? strcpy((char *)lsx_malloc(strlen(p) + 1), p) : NULL) [Reviewer note: the destination is allocated as strlen(p) + 1 bytes in the same expression, so the copy is exactly bounded; close as a false positive, assuming lsx_malloc never returns NULL on failure — its contract is not shown here.] data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:212:22: [3] (misc) LoadLibrary: Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already. m_plugInHandle = LoadLibrary(dll_path); [Reviewer note: the origin of dll_path is not shown; if it can be relative or user-supplied, the Windows DLL search order applies (CWE-427) and an attacker-writable directory on that path could supply the plug-in. Resolve it to an absolute path under an application-owned directory before the call, or use LoadLibraryEx with an explicit search-path flag.] data/freedv-1.4.3~1gdc71a1c/src/afreedvplugin.c:52:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(name, "aFreeDVplugIn"); data/freedv-1.4.3~1gdc71a1c/src/afreedvplugin.c:73:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(param_names[0], "SymbolRate"); data/freedv-1.4.3~1gdc71a1c/src/afreedvplugin.c:74:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(param_names[1], "NumTones"); data/freedv-1.4.3~1gdc71a1c/src/afreedvplugin.c:95:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char txt[80]; data/freedv-1.4.3~1gdc71a1c/src/afreedvplugin.c:100:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). states->symbol_rate = atoi(txt); data/freedv-1.4.3~1gdc71a1c/src/afreedvplugin.c:103:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). states->num_tones = atoi(txt); data/freedv-1.4.3~1gdc71a1c/src/dlg_filter.cpp:733:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *argBass[10]; data/freedv-1.4.3~1gdc71a1c/src/dlg_filter.cpp:734:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char *argTreble[10]; data/freedv-1.4.3~1gdc71a1c/src/dlg_filter.cpp:735:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *argMid[10]; data/freedv-1.4.3~1gdc71a1c/src/dlg_filter.cpp:736:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char argstorage[10][80]; data/freedv-1.4.3~1gdc71a1c/src/dlg_filter.cpp:747:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(argBass[0], "bass"); data/freedv-1.4.3~1gdc71a1c/src/dlg_filter.cpp:748:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(argBass[1], "%f", eqBass->gaindB+1E-6); data/freedv-1.4.3~1gdc71a1c/src/dlg_filter.cpp:749:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(argBass[2], "%f", eqBass->freqHz); data/freedv-1.4.3~1gdc71a1c/src/dlg_filter.cpp:753:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(argTreble[0], "treble"); data/freedv-1.4.3~1gdc71a1c/src/dlg_filter.cpp:754:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(argTreble[1], "%f", eqTreble->gaindB+1E-6); data/freedv-1.4.3~1gdc71a1c/src/dlg_filter.cpp:755:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(argTreble[2], "%f", eqTreble->freqHz); data/freedv-1.4.3~1gdc71a1c/src/dlg_filter.cpp:759:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(argTreble[0], "equalizer"); data/freedv-1.4.3~1gdc71a1c/src/dlg_filter.cpp:760:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(argTreble[1], "%f", eqMid->freqHz); data/freedv-1.4.3~1gdc71a1c/src/dlg_filter.cpp:761:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(argTreble[2], "%f", eqMid->Q); data/freedv-1.4.3~1gdc71a1c/src/dlg_filter.cpp:762:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(argTreble[3], "%f", eqMid->gaindB+1E-6); data/freedv-1.4.3~1gdc71a1c/src/dlg_options.cpp:793:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[80]; data/freedv-1.4.3~1gdc71a1c/src/dlg_options.cpp:794:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(s, "hello from FreeDV!"); data/freedv-1.4.3~1gdc71a1c/src/dlg_options.cpp:800:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fifo_counters[256]; data/freedv-1.4.3~1gdc71a1c/src/dlg_options.cpp:802:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fifo_counters, "Fifos: infull1: %d outempty1: %d infull2: %d outempty2: %d", g_infifo1_full, g_outfifo1_empty, g_infifo2_full, g_outfifo2_empty); data/freedv-1.4.3~1gdc71a1c/src/dlg_options.cpp:806:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pa_counters1[256]; data/freedv-1.4.3~1gdc71a1c/src/dlg_options.cpp:809:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(pa_counters1, "PortAudio1: inUnderflow: %d inOverflow: %d outUnderflow %d outOverflow %d framesPerBuf: %d", g_PAstatus1[0], g_PAstatus1[1], g_PAstatus1[2], g_PAstatus1[3], g_PAframesPerBuffer1); data/freedv-1.4.3~1gdc71a1c/src/dlg_options.cpp:812:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char pa_counters2[256]; data/freedv-1.4.3~1gdc71a1c/src/dlg_options.cpp:815:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(pa_counters2, "PortAudio2: inUnderflow: %d inOverflow: %d outUnderflow %d outOverflow %d framesPerBuf: %d", g_PAstatus2[0], g_PAstatus2[1], g_PAstatus2[2], g_PAstatus2[3], g_PAframesPerBuffer2); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:241:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[256]; data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:247:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char param_name1[80], param_name2[80]; data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:248:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *param_names[2] = {param_name1, param_name2}; data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:615:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sqsnr[15]; data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:617:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(sqsnr, "%4.1f", g_SquelchLevel); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:709:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ftest = fopen("ftest.raw", "wb"); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1045:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char snr[15]; data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1046:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(snr, "%d", (int)(g_snr+0.5)); // round to nearest dB data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1128:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char callsign[MAX_CALLSIGN]; data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1143:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char callsign_checksum_cr[MAX_CALLSIGN+1]; data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1200:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s1[MAX_CALLSIGN]; data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1250:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bits[80], freqoffset[80]; data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1251:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(bits, "Bits: %d", horus_get_total_payload_bits(g_horus)); wxString bits_string(bits); m_textBits->SetLabel(bits_string); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1252:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(freqoffset, "FrqOff: %4.0f", g_stats.foff); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1285:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char bits[80], errors[80], ber[80], resyncs[80], clockoffset[80], freqoffset[80], syncmetric[80]; data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1286:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(bits, "Bits: %d", freedv_get_total_bits(g_pfreedv)); wxString bits_string(bits); m_textBits->SetLabel(bits_string); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1287:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errors, "Errs: %d", freedv_get_total_bit_errors(g_pfreedv)); wxString errors_string(errors); m_textErrors->SetLabel(errors_string); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1289:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ber, "BER: %4.3f", b); wxString ber_string(ber); m_textBER->SetLabel(ber_string); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1290:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(resyncs, "Resyncs: %d", g_resyncs); wxString resyncs_string(resyncs); m_textResyncs->SetLabel(resyncs_string); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1292:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(freqoffset, "FrqOff: %3.1f", g_stats.foff); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1294:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(syncmetric, "Sync: %3.2f", g_stats.sync_metric); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1302:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char var_str[80]; sprintf(var_str, "Var: %4.1f", var); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1302:31: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. char var_str[80]; sprintf(var_str, "Var: %4.1f", var); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1308:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(clockoffset, "ClkOff: %5d", (int)round(g_stats.clock_offset*1E6)); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1515:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sqsnr[15]; data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1517:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(sqsnr, "%4.1f", g_SquelchLevel); // 0.5 dB steps data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1628:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char e[80]; sprintf(e,"ptt"); processTxtEvent(e); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1628:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
char e[80]; sprintf(e,"ptt"); processTxtEvent(e); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1863:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[100]; sprintf(s, "rx sync"); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1863:26: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. char s[100]; sprintf(s, "rx sync"); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:2892:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char e[80]; sprintf(e,"start"); processTxtEvent(e); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:2892:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. char e[80]; sprintf(e,"start"); processTxtEvent(e); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:2984:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char e[80]; sprintf(e,"stop"); processTxtEvent(e); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:2984:21: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
char e[80]; sprintf(e,"stop"); processTxtEvent(e); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:3640:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *arg[SBQ_MAX_ARGS]; data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:3641:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char argstorage[SBQ_MAX_ARGS][80]; data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:3657:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(arg[argc++], "%f", gaindB+1E-6); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:3658:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(arg[argc++], "%f", freqHz); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:3663:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(arg[argc++], "%f", freqHz); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:3664:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(arg[argc++], "%f", Q); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:3665:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(arg[argc++], "%f", gaindB+1E-6); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:3950:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(outfreedv, infreedv, sizeof(short)*nfreedv); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:4193:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ascii_out[max_ascii_out]; data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:4582:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[1024]; data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:4583:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char reply[80]; data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:4596:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(reply,"nope\n"); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:4603:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(reply,"ok\n"); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:4612:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(reply,"ok\n"); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:4618:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(reply,"ok\n"); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:4624:17: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(reply,"ok\n"); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:4835:19: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). m_hidPort = open(wxGetApp().m_strRigHidPort.c_str(),O_RDWR,0); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.h:629:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m_callsign[MAX_CALLSIGN]; data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_plot.cpp:254:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[15]; data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_plot.cpp:273:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(buf, "%1.1f Hz",(double)(p / 10)); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_plot.cpp:280:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%1.0f", (double)((m_rGrid.GetHeight() - p) * -10)); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_plot_scalar.cpp:248:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[15]; data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_plot_scalar.cpp:279:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%2.1fs", t); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_plot_scalar.h:61:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char m_a_fmt[15]; data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_plot_spectrum.cpp:166:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[15]; data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_plot_spectrum.cpp:187:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
sprintf(buf, "%4.0fHz", (float)MAX_F_HZ - STEP_F_HZ); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_plot_spectrum.cpp:204:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%4.0fHz", f); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_plot_spectrum.cpp:226:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%3.0fdB", mag); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_plot_waterfall.cpp:234:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[15]; data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_plot_waterfall.cpp:255:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%4.0fHz", (float)MAX_F_HZ - STEP_F_HZ); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_plot_waterfall.cpp:271:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%4.0fHz", f); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_plot_waterfall.cpp:293:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "%3.0fs", time); data/freedv-1.4.3~1gdc71a1c/src/hamlib.cpp:85:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[128]; data/freedv-1.4.3~1gdc71a1c/src/hamlib.cpp:121:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char civ_addr[5]; data/freedv-1.4.3~1gdc71a1c/src/serialport.cpp:43:9: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR lpszFunction[100]; data/freedv-1.4.3~1gdc71a1c/src/serialport.cpp:59:9: [2] (buffer) TCHAR: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. TCHAR nameWithStrangePrefix[100]; data/freedv-1.4.3~1gdc71a1c/src/serialport.cpp:193:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if((com_handle=open(name, O_NONBLOCK|O_RDWR))== COM_HANDLE_INVALID) data/freedv-1.4.3~1gdc71a1c/src/sox/effects.c:40:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(obuf, ibuf, *isamp * sizeof(*obuf)); data/freedv-1.4.3~1gdc71a1c/src/sox/effects.c:83:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(argv2 + 1, argv, argc * sizeof(*argv2)); data/freedv-1.4.3~1gdc71a1c/src/sox/effects_i.c:358:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if (!(file = fopen(filename, "r"))) { data/freedv-1.4.3~1gdc71a1c/src/sox/libsox.c:26:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char versionstr[20]; data/freedv-1.4.3~1gdc71a1c/src/sox/libsox.c:28:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(versionstr, "%d.%d.%d", data/freedv-1.4.3~1gdc71a1c/src/sox/libsox.c:39:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char arch[30]; data/freedv-1.4.3~1gdc71a1c/src/sox/libsox.c:116:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char base_name[128]; data/freedv-1.4.3~1gdc71a1c/src/sox/sox.h:1549:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sox_errstr[256]; /**< Failure error text */ data/freedv-1.4.3~1gdc71a1c/src/sox/util.h:120:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). #define open _open data/freedv-1.4.3~1gdc71a1c/src/sox/xmalloc.h:30:31: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define lsx_memdup(p,s) ((p)? memcpy(lsx_malloc(s), p, s) : NULL) data/freedv-1.4.3~1gdc71a1c/src/sox_biquad.c:70:36: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sampleRate = (argc == 4) ? atol(argv[4]) : 8000; data/freedv-1.4.3~1gdc71a1c/src/sox_biquad.c:73:36: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). sampleRate = (argc == 3) ? atol(argv[3]) : 8000; data/freedv-1.4.3~1gdc71a1c/src/dlg_options.cpp:795:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
UDPSend(wxGetApp().m_udp_port, s, strlen(s)+1); data/freedv-1.4.3~1gdc71a1c/src/dlg_ptt.cpp:342:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if(gl.gl_pathv[i][strlen(gl.gl_pathv[i])-1]=='/') data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1129:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(callsign, (const char*) wxGetApp().m_callSign.mb_str(wxConvUTF8), MAX_CALLSIGN-1); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1133:54: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((unsigned)codec2_fifo_used(g_txDataInFifo) < strlen(callsign)) { data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1145:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=0; i<strlen(callsign); i++) data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1148:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). callsign_checksum_cr[strlen(callsign)+2] = 13; data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1149:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). callsign_checksum_cr[strlen(callsign)+3] = 0; data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1153:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
callsign[strlen(callsign)] = 13; data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1154:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). callsign[strlen(callsign)+1] = 0; data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1161:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=0; i<strlen(callsign); i++) { data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1185:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(m_callsign) > 2) { data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1186:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(unsigned int i=0; i<strlen(m_callsign)-2; i++) data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1190:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int ret = sscanf(&m_callsign[strlen(m_callsign)-2], "%2x", &checksum_tx); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1195:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). m_callsign[strlen(m_callsign)-2] = 0; data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:1865:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
UDPSend(wxGetApp().m_udp_port, s, strlen(s)+1); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:4204:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (i=0; i<(int)strlen(ascii_out); i++) { data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:4211:59: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). UDPSend(wxGetApp().m_udp_port, ascii_out, strlen(ascii_out)); data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:4632:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( m_udp_sock->SendTo(m_udp_addr, reply, strlen(reply)).LastCount() != strlen(reply)) { data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_main.cpp:4632:81: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( m_udp_sock->SendTo(m_udp_addr, reply, strlen(reply)).LastCount() != strlen(reply)) { data/freedv-1.4.3~1gdc71a1c/src/fdmdv2_plot_scalar.cpp:61:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). assert(strlen(a_fmt) < 15); data/freedv-1.4.3~1gdc71a1c/src/hamlib.cpp:131:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(m_rig->state.rigport.pathname, serial_port, FILPATHLEN - 1); data/freedv-1.4.3~1gdc71a1c/src/serialport.cpp:26:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
name, (int)strlen(name), useRTS, RTSPos, useDTR, DTRPos); data/freedv-1.4.3~1gdc71a1c/src/sox/biquad.c:51:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((size_t)p->width_type >= strlen(all_width_types)) data/freedv-1.4.3~1gdc71a1c/src/sox/effects_i.c:39:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (len = i = 0; i < n; len += strlen(lines[i++]) + 1); data/freedv-1.4.3~1gdc71a1c/src/sox/effects_i.c:43:7: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(*usage, "\n"); data/freedv-1.4.3~1gdc71a1c/src/sox/formats_i.c:200:17: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). getc((FILE*)ft->fp); data/freedv-1.4.3~1gdc71a1c/src/sox/formats_i.c:259:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (lsx_writebuf(ft, c, strlen(c)) != strlen(c)) data/freedv-1.4.3~1gdc71a1c/src/sox/formats_i.c:259:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (lsx_writebuf(ft, c, strlen(c)) != strlen(c)) data/freedv-1.4.3~1gdc71a1c/src/sox/libsox.c:184:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dot_pos = dot_pos ? 
dot_pos : base_name + strlen(base_name); data/freedv-1.4.3~1gdc71a1c/src/sox/sox.h:1464:27: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). sox_format_handler_read read; /**< called to read (decode) a block of samples */ data/freedv-1.4.3~1gdc71a1c/src/sox/xmalloc.h:29:55: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define lsx_strdup(p) ((p)? strcpy((char *)lsx_malloc(strlen(p) + 1), p) : NULL) ANALYSIS SUMMARY: Hits = 165 Lines analyzed = 20430 in approximately 0.54 seconds (37702 lines/second) Physical Source Lines of Code (SLOC) = 12914 Hits@level = [0] 132 [1] 31 [2] 111 [3] 1 [4] 22 [5] 0 Hits@level+ = [0+] 297 [1+] 165 [2+] 134 [3+] 23 [4+] 22 [5+] 0 Hits/KSLOC@level+ = [0+] 22.9983 [1+] 12.7768 [2+] 10.3763 [3+] 1.78101 [4+] 1.70358 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.