Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libldac-2.0.2.3+git20200429+ed310a0/abr/inc/ldacBT_abr.h
Examining data/libldac-2.0.2.3+git20200429+ed310a0/abr/src/ldacBT_abr.c
Examining data/libldac-2.0.2.3+git20200429+ed310a0/inc/ldacBT.h
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/bitalloc_ldac.c
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/bitalloc_sub_ldac.c
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/encode_ldac.c
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/fixp_ldac.h
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/func_fixp_ldac.c
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/ldac.h
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT.c
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT_api.c
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT_ex.h
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT_internal.c
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT_internal.h
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/ldaclib.c
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/ldaclib.h
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/ldaclib_api.c
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/mdct_fixp_ldac.c
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/mdct_ldac.c
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/memory_ldac.c
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/pack_ldac.c
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/proto_ldac.h
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/quant_fixp_ldac.c
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/quant_ldac.c
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/setpcm_fixp_ldac.c
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/setpcm_ldac.c
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/sigana_fixp_ldac.c
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/sigana_ldac.c
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/struct_ldac.h
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_ldac.c
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_sigproc_fixp_ldac.c
Examining data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_sigproc_ldac.c

FINAL RESULTS:

data/libldac-2.0.2.3+git20200429+ed310a0/src/bitalloc_sub_ldac.c:82:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char sa_bitlen_maxdif_0_ldac[LDAC_NIDSF] = {
data/libldac-2.0.2.3+git20200429+ed310a0/src/bitalloc_sub_ldac.c:136:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char sa_bitlen_maxdif_1_ldac[LDAC_NIDSF] = {
data/libldac-2.0.2.3+git20200429+ed310a0/src/bitalloc_sub_ldac.c:187:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char sa_bitlen_absmax_2_ldac[LDAC_NIDSF>>1] = {
data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT_api.c:359:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char a_frm_header[LDACBT_FRMHDRBYTES + 2];
data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT_internal.c:237:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char *p_lch_8 = (char *)ap_pcm[0];
data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT_internal.c:238:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char *p_rch_8 = (char *)ap_pcm[1];
data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT_internal.c:256:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char *p_lch_8 = (char *)ap_pcm[0];
data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT_internal.c:257:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char *p_rch_8 = (char *)ap_pcm[1];
data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT_internal.h:102:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char strModeName[4];
data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT_internal.h:133:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[LDACBT_ENC_STREAM_BUF_SZ];
data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT_internal.h:139:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[LDACBT_ENC_PCM_BUF_SZ]; 
data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT_internal.h:183:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *ap_pcm[LDAC_PRCNCH];
data/libldac-2.0.2.3+git20200429+ed310a0/src/ldacBT_internal.h:184:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char a_pcm[LDAC_PRCNCH * LDACBT_MAX_LSU * LDACBT_PCM_WLEN_MAX];
data/libldac-2.0.2.3+git20200429+ed310a0/src/ldaclib_api.c:739:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *ap_buf[LDAC_PRCNCH];
data/libldac-2.0.2.3+git20200429+ed310a0/src/struct_ldac.h:74:36:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define copy_data_ldac(p1, p2, n)  memcpy((p2), (p1), (n))
data/libldac-2.0.2.3+git20200429+ed310a0/src/struct_ldac.h:75:36:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define copy_seq_s_ldac(p1, p2, n) memcpy((p2), (p1), (n)*sizeof(short))
data/libldac-2.0.2.3+git20200429+ed310a0/src/struct_ldac.h:76:36:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define copy_seq_l_ldac(p1, p2, n) memcpy((p2), (p1), (n)*sizeof(int))
data/libldac-2.0.2.3+git20200429+ed310a0/src/struct_ldac.h:77:36:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define copy_seq_f_ldac(p1, p2, n) memcpy((p2), (p1), (n)*sizeof(SCALAR))
data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_ldac.c:30:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
DECLFUNC const unsigned char ga_ln_framesmpls_ldac[LDAC_NSUPSMPLRATEID] = {
data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_ldac.c:34:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
DECLFUNC const unsigned char ga_max_nbands_ldac[LDAC_NSUPSMPLRATEID] = {
data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_ldac.c:38:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
DECLFUNC const char gaa_nlnn_shift_ldac[LDAC_NSUPSMPLRATEID][LDAC_NSFTSTEP] = {
data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_ldac.c:48:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
DECLFUNC const unsigned char ga_ch_ldac[LDAC_NCHCONFIGID] = {
data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_ldac.c:52:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
DECLFUNC const unsigned char ga_chconfig_id_ldac[LDAC_MAXNCH+1] = {
data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_ldac.c:56:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
DECLFUNC const char gaa_block_setting_ldac[LDAC_NCHCONFIGID][LDAC_MAXNCH+2]=
data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_ldac.c:85:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
DECLFUNC const unsigned char ga_idsp_ldac[LDAC_MAXNQUS] = {
data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_ldac.c:99:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
DECLFUNC const unsigned char ga_nsps_ldac[LDAC_MAXNQUS] = {
data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_ldac.c:128:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
DECLFUNC const unsigned char ga_nqus_ldac[LDAC_MAXNBANDS+1] = {
data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_ldac.c:135:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
DECLFUNC const unsigned char ga_wl_ldac[LDAC_NIDWL] = {
data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_ldac.c:173:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
DECLFUNC const unsigned char gaa_resamp_grad_ldac[LDAC_MAXGRADQU][LDAC_MAXGRADQU] = {
data/libldac-2.0.2.3+git20200429+ed310a0/src/tables_ldac.c:379:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
DECLFUNC const unsigned char gaa_sfcwgt_ldac[LDAC_NSFCWTBL][LDAC_MAXNQUS] = {

ANALYSIS SUMMARY:

Hits = 30
Lines analyzed = 8668 in approximately 0.32 seconds (27029 lines/second)
Physical Source Lines of Code (SLOC) = 6015
Hits@level = [0]   0 [1]   0 [2]  30 [3]   0 [4]   0 [5]   0
Hits@level+ = [0+]  30 [1+]  30 [2+]  30 [3+]   0 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 4.98753 [1+] 4.98753 [2+] 4.98753 [3+]   0 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.