Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/libldac-2.0.2.3+git20200429+ed310a0/abr/inc/ldacBT_abr.h Examining data/libldac-2.0.2.3+git20200429+ed310a0/abr/src/ldacBT_abr.c Examining data/libldac-2.0.2.3+git20200429+ed310a0/inc/ldacBT.h Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/bitalloc_ldac.c Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/bitalloc_sub_ldac.c Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/encode_ldac.c Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/fixp_ldac.h Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/func_fixp_ldac.c Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/ldac.h Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT.c Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT_api.c Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT_ex.h Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT_internal.c Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT_internal.h Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/ldaclib.c Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/ldaclib.h Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/ldaclib_api.c Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/mdct_fixp_ldac.c Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/mdct_ldac.c Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/memory_ldac.c Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/pack_ldac.c Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/proto_ldac.h Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/quant_fixp_ldac.c Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/quant_ldac.c Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/setpcm_fixp_ldac.c Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/setpcm_ldac.c Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/sigana_fixp_ldac.c Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/sigana_ldac.c Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/struct_ldac.h Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_ldac.c Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_sigproc_fixp_ldac.c Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_sigproc_ldac.c FINAL RESULTS: data/libldac-2.0.2.3+git20200429+ed310a0/src/bitalloc_sub_ldac.c:82:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char sa_bitlen_maxdif_0_ldac[LDAC_NIDSF] = { data/libldac-2.0.2.3+git20200429+ed310a0/src/bitalloc_sub_ldac.c:136:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char sa_bitlen_maxdif_1_ldac[LDAC_NIDSF] = { data/libldac-2.0.2.3+git20200429+ed310a0/src/bitalloc_sub_ldac.c:187:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const unsigned char sa_bitlen_absmax_2_ldac[LDAC_NIDSF>>1] = { data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT_api.c:359:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char a_frm_header[LDACBT_FRMHDRBYTES + 2]; data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT_internal.c:237:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *p_lch_8 = (char *)ap_pcm[0]; data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT_internal.c:238:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *p_rch_8 = (char *)ap_pcm[1]; data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT_internal.c:256:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *p_lch_8 = (char *)ap_pcm[0]; data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT_internal.c:257:30: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *p_rch_8 = (char *)ap_pcm[1]; data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT_internal.h:102:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char strModeName[4]; data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT_internal.h:133:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[LDACBT_ENC_STREAM_BUF_SZ]; data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT_internal.h:139:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[LDACBT_ENC_PCM_BUF_SZ]; data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT_internal.h:183:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *ap_pcm[LDAC_PRCNCH]; data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT_internal.h:184:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char a_pcm[LDAC_PRCNCH * LDACBT_MAX_LSU * LDACBT_PCM_WLEN_MAX]; data/libldac-2.0.2.3+git20200429+ed310a0/src/ldaclib_api.c:739:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *ap_buf[LDAC_PRCNCH]; data/libldac-2.0.2.3+git20200429+ed310a0/src/struct_ldac.h:74:36: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define copy_data_ldac(p1, p2, n) memcpy((p2), (p1), (n)) data/libldac-2.0.2.3+git20200429+ed310a0/src/struct_ldac.h:75:36: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define copy_seq_s_ldac(p1, p2, n) memcpy((p2), (p1), (n)*sizeof(short)) data/libldac-2.0.2.3+git20200429+ed310a0/src/struct_ldac.h:76:36: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define copy_seq_l_ldac(p1, p2, n) memcpy((p2), (p1), (n)*sizeof(int)) data/libldac-2.0.2.3+git20200429+ed310a0/src/struct_ldac.h:77:36: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define copy_seq_f_ldac(p1, p2, n) memcpy((p2), (p1), (n)*sizeof(SCALAR)) data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_ldac.c:30:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. DECLFUNC const unsigned char ga_ln_framesmpls_ldac[LDAC_NSUPSMPLRATEID] = { data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_ldac.c:34:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. DECLFUNC const unsigned char ga_max_nbands_ldac[LDAC_NSUPSMPLRATEID] = { data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_ldac.c:38:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. DECLFUNC const char gaa_nlnn_shift_ldac[LDAC_NSUPSMPLRATEID][LDAC_NSFTSTEP] = { data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_ldac.c:48:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. DECLFUNC const unsigned char ga_ch_ldac[LDAC_NCHCONFIGID] = { data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_ldac.c:52:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. DECLFUNC const unsigned char ga_chconfig_id_ldac[LDAC_MAXNCH+1] = { data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_ldac.c:56:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. DECLFUNC const char gaa_block_setting_ldac[LDAC_NCHCONFIGID][LDAC_MAXNCH+2]= data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_ldac.c:85:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. DECLFUNC const unsigned char ga_idsp_ldac[LDAC_MAXNQUS] = { data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_ldac.c:99:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. DECLFUNC const unsigned char ga_nsps_ldac[LDAC_MAXNQUS] = { data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_ldac.c:128:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. DECLFUNC const unsigned char ga_nqus_ldac[LDAC_MAXNBANDS+1] = { data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_ldac.c:135:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. DECLFUNC const unsigned char ga_wl_ldac[LDAC_NIDWL] = { data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_ldac.c:173:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. DECLFUNC const unsigned char gaa_resamp_grad_ldac[LDAC_MAXGRADQU][LDAC_MAXGRADQU] = { data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_ldac.c:379:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. DECLFUNC const unsigned char gaa_sfcwgt_ldac[LDAC_NSFCWTBL][LDAC_MAXNQUS] = { ANALYSIS SUMMARY: Hits = 30 Lines analyzed = 8668 in approximately 0.32 seconds (27029 lines/second) Physical Source Lines of Code (SLOC) = 6015 Hits@level = [0] 0 [1] 0 [2] 30 [3] 0 [4] 0 [5] 0 Hits@level+ = [0+] 30 [1+] 30 [2+] 30 [3+] 0 [4+] 0 [5+] 0 Hits/KSLOC@level+ = [0+] 4.98753 [1+] 4.98753 [2+] 4.98753 [3+] 0 [4+] 0 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.