Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/cauchy_01.c
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/cauchy_02.c
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/cauchy_03.c
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/cauchy_04.c
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/decoder.c
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/encoder.c
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/jerasure_01.c
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/jerasure_02.c
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/jerasure_03.c
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/jerasure_04.c
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/jerasure_05.c
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/jerasure_06.c
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/jerasure_07.c
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/jerasure_08.c
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/liberation_01.c
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/reed_sol_01.c
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/reed_sol_02.c
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/reed_sol_03.c
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/reed_sol_04.c
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/reed_sol_test_gf.c
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/reed_sol_time_gf.c
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/test_galois.c
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/include/cauchy.h
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/include/galois.h
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/include/jerasure.h
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/include/liberation.h
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/include/reed_sol.h
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/include/timing.h
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/src/cauchy.c
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/src/cauchy_best_r6.c
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/src/galois.c
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/src/jerasure.c
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/src/liberation.c
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/src/reed_sol.c
Examining data/jerasure-2.0.0+2017.04.10.git.de1739cc84/src/timing.c

FINAL RESULTS:

data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/decoder.c:149:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(cs1, cs2);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/decoder.c:152:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(cs1, argv[1]);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/decoder.c:164:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
	sprintf(fname, "%s/Coding/%s_meta.txt", curdir, cs1);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/decoder.c:172:6:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
	if (fscanf(fp, "%s", temp) != 1) {
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/decoder.c:186:6:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function.
	if (fscanf(fp, "%s", c_tech) != 1) {
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/decoder.c:260:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			sprintf(fname, "%s/Coding/%s_k%0*d%s", curdir, cs1, md, i, extension);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/decoder.c:283:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			sprintf(fname, "%s/Coding/%s_m%0*d%s", curdir, cs1, md, i, extension);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/decoder.c:340:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(fname, "%s/Coding/%s_decoded%s", curdir, cs1, extension);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/encoder.c:407:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(s1, s2);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/encoder.c:410:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(s1, argv[1]);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/encoder.c:541:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
				sprintf(fname, "%s/Coding/%s_k%0*d%s", curdir, s1, md, i, extension);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/encoder.c:557:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
				sprintf(fname, "%s/Coding/%s_m%0*d%s", curdir, s1, md, i, extension);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/encoder.c:575:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(fname, "%s/Coding/%s_meta.txt", curdir, s1);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/cauchy_02.c:101:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    up = (unsigned char *) ptrs[i];
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/cauchy_02.c:181:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dcopy[i], data[i], sizeof(long)*w);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/cauchy_03.c:105:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    up = (unsigned char *) ptrs[i];
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/cauchy_03.c:199:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dcopy[i], data[i], sizeof(long)*w);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/cauchy_04.c:102:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    up = (unsigned char *) ptrs[i];
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/cauchy_04.c:181:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dcopy[i], data[i], sizeof(long)*w);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/decoder.c:82:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char *Methods[N] = {"reed_sol_van", "reed_sol_r6_op", "cauchy_orig", "cauchy_good", "liberation", "blaum_roth", "liber8tion", "rdp", "evenodd", "no_coding"};
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/decoder.c:166:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fp = fopen(fname, "rb");
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/decoder.c:171:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	temp = (char *)malloc(sizeof(char)*(strlen(argv[1])+20));
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/decoder.c:185:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	c_tech = (char *)malloc(sizeof(char)*(strlen(argv[1])+20));
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/decoder.c:219:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(temp, "%d", k);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/decoder.c:261:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
			fp = fopen(fname, "rb");
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/decoder.c:284:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
				fp = fopen(fname, "rb");
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/decoder.c:342:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
			fp = fopen(fname, "wb");
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/decoder.c:345:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
			fp = fopen(fname, "ab");
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/encoder.c:80:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char *Methods[N] = {"reed_sol_van", "reed_sol_r6_op", "cauchy_orig", "cauchy_good", "liberation", "blaum_roth", "liber8tion", "no_coding"};
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/encoder.c:122:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char temp[5];
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/encoder.c:334:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		fp = fopen(argv[1], "rb");
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/encoder.c:422:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(temp, "%d", k);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/encoder.c:543:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
					fp2 = fopen(fname, "wb");
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/encoder.c:546:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
					fp2 = fopen(fname, "ab");
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/encoder.c:559:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
					fp2 = fopen(fname, "wb");
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/encoder.c:562:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
					fp2 = fopen(fname, "ab");
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/encoder.c:576:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		fp2 = fopen(fname, "wb");
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/jerasure_03.c:105:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(matrix_copy, matrix, sizeof(int)*k*k);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/jerasure_03.c:110:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(matrix_copy, matrix, sizeof(int)*k*k);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/jerasure_04.c:104:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(bitmatrix_copy, bitmatrix, sizeof(int)*k*w*k*w);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/jerasure_04.c:109:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(bitmatrix_copy, bitmatrix, sizeof(int)*k*w*k*w);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/jerasure_06.c:89:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    up = (unsigned char *) ptrs[i];
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/jerasure_07.c:89:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    up = (unsigned char *) ptrs[i];
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/jerasure_08.c:92:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    up = (unsigned char *) ptrs[i];
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/liberation_01.c:90:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    up = (unsigned char *) ptrs[i];
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/reed_sol_01.c:146:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dcopy[i], data[i], sizeof(long));
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/reed_sol_01.c:159:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ccopy[i], coding[i], sizeof(long));
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/reed_sol_01.c:173:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy((erasures[i] < k) ? data[erasures[i]] : coding[erasures[i]-k], &l, sizeof(long));
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/reed_sol_03.c:147:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dcopy[i], data[i], sizeof(long));
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/reed_sol_03.c:159:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ccopy[i], coding[i], sizeof(long));
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/reed_sol_03.c:173:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy((erasures[i] < k) ? data[erasures[i]] : coding[erasures[i]-k], &l, sizeof(long));
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/reed_sol_04.c:94:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(copy, a32, sizeof(int)*4);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/reed_sol_test_gf.c:166:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(old_values[i], (erasures[i] < k) ? data[erasures[i]] : coding[erasures[i]-k], BUFSIZE);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/reed_sol_time_gf.c:174:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(old_values[i], (erasures[i] < k) ? data[erasures[i]] : coding[erasures[i]-k], bufsize);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/src/jerasure.c:65:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char s[30];
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/src/jerasure.c:72:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(s, "%u", w2-1);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/src/jerasure.c:354:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy(pptr, dptr, packetsize);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/src/jerasure.c:373:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(parity_ptr, data_ptrs[0], size);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/src/jerasure.c:612:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(dptr, sptr, size);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/src/jerasure.c:902:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(ptr, bitmatrix+k*w*w*(row_ids[i]-k), k*w*w*sizeof(int));
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/src/jerasure.c:925:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(ptr, inverse+k*w*w*row_ids[k+i], sizeof(int)*k*w*w);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/src/jerasure.c:946:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ptr, bitmatrix+drive*k*w*w, sizeof(int)*k*w*w);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/src/jerasure.c:1225:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(dptr, sptr, packetsize);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/src/reed_sol.c:155:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(coding_ptrs[0], data_ptrs[0], size);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/src/reed_sol.c:161:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(coding_ptrs[1], data_ptrs[k-1], size);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/decoder.c:145:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	cs1 = (char*)malloc(sizeof(char)*strlen(argv[1]));
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/decoder.c:161:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	fname = (char *)malloc(sizeof(char*)*(100+strlen(argv[1])+20));
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/decoder.c:171:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	temp = (char *)malloc(sizeof(char)*(strlen(argv[1])+20));
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/decoder.c:185:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	c_tech = (char *)malloc(sizeof(char)*(strlen(argv[1])+20));
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/decoder.c:220:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	md = strlen(temp);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/encoder.c:403:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	s1 = (char*)malloc(sizeof(char)*(strlen(argv[1])+20));
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/encoder.c:421:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	fname = (char*)malloc(sizeof(char)*(strlen(argv[1])+strlen(curdir)+20));
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/encoder.c:421:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	fname = (char*)malloc(sizeof(char)*(strlen(argv[1])+strlen(curdir)+20));
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/Examples/encoder.c:423:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	md = strlen(temp);
data/jerasure-2.0.0+2017.04.10.git.de1739cc84/src/jerasure.c:73:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    fw = strlen(s);

ANALYSIS SUMMARY:

Hits = 75
Lines analyzed = 10012 in approximately 0.61 seconds (16371 lines/second)
Physical Source Lines of Code (SLOC) = 7197
Hits@level = [0] 926 [1]  10 [2]  52 [3]   0 [4]  13 [5]   0
Hits@level+ = [0+] 1001 [1+]  75 [2+]  65 [3+]  13 [4+]  13 [5+]   0
Hits/KSLOC@level+ = [0+] 139.086 [1+] 10.421 [2+] 9.03154 [3+] 1.80631 [4+] 1.80631 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.