Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223

FINAL RESULTS:

data/liblivemedia-2020.01.19/BasicUsageEnvironment/BasicUsageEnvironment0.cpp:23:9: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf _snprintf
data/liblivemedia-2020.01.19/BasicUsageEnvironment/BasicUsageEnvironment0.cpp:23:18: [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf _snprintf
data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_mixer.cpp:110:7: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(portNameBuffer, portNameFmt, mixer.ports[j].name, mixerNameBuffer);
data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_mixer.cpp:215:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(resultMsg, "Failed to enable input port: %s failed (0x%08x)\n", errReason, errCode);
data/liblivemedia-2020.01.19/groupsock/GroupsockHelper.cpp:753:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(tmp, "This computer has an invalid IP address: %s", AddressString(from).val());
data/liblivemedia-2020.01.19/liveMedia/AMRAudioFileSink.cpp:76:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(headerBuffer, "#!AMR%s%s\n",
data/liblivemedia-2020.01.19/liveMedia/DVVideoRTPSink.cpp:92:3: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(fFmtpSDPLine, fmtpSDPFmt, rtpPayloadType(), profileName);
data/liblivemedia-2020.01.19/liveMedia/DigestAuthentication.cpp:118:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf((char*)ha1Data, "%s:%s:%s", username(), realm(), password());
data/liblivemedia-2020.01.19/liveMedia/DigestAuthentication.cpp:125:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf((char*)ha2Data, "%s:%s", cmd, url);
data/liblivemedia-2020.01.19/liveMedia/DigestAuthentication.cpp:133:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf((char*)digestData, "%s:%s:%s",
data/liblivemedia-2020.01.19/liveMedia/FileSink.cpp:100:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fPerFrameFileNameBuffer, "%s-%lu.%06lu-%u", fPerFrameFileNamePrefix,
data/liblivemedia-2020.01.19/liveMedia/FileSink.cpp:103:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fPerFrameFileNameBuffer, "%s-%lu.%06lu", fPerFrameFileNamePrefix,
data/liblivemedia-2020.01.19/liveMedia/GenericMediaServer.cpp:25:9: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf _snprintf
data/liblivemedia-2020.01.19/liveMedia/GenericMediaServer.cpp:25:18: [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134).
  Use a constant for the format specification.
  #define snprintf _snprintf
data/liblivemedia-2020.01.19/liveMedia/H264VideoRTPSink.cpp:121:3: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(fmtp, fmtpFmt,
data/liblivemedia-2020.01.19/liveMedia/H265VideoRTPSink.cpp:166:3: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(fmtp, fmtpFmt,
data/liblivemedia-2020.01.19/liveMedia/HLSSegmenter.cpp:74:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fOutputSegmentFileName, "%s%03u.ts", fFileNamePrefix, fCurrentSegmentCounter);
data/liblivemedia-2020.01.19/liveMedia/MP3InternalsHuffman.cpp:353:5: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  sscanf(line,"%s %s %u %u %u %u",command,rsf_ht[n].tablename,
data/liblivemedia-2020.01.19/liveMedia/MP3InternalsHuffman.cpp:376:5: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  sscanf(line,"%s %u",command,&t);
data/liblivemedia-2020.01.19/liveMedia/MP3StreamState.cpp:26:9: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf _snprintf
data/liblivemedia-2020.01.19/liveMedia/MP3StreamState.cpp:26:18: [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf _snprintf
data/liblivemedia-2020.01.19/liveMedia/MP3StreamState.cpp:182:3: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(buffer, formatStr,
data/liblivemedia-2020.01.19/liveMedia/MP3StreamState.cpp:186:3: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf(buffer, bufferSize, formatStr,
data/liblivemedia-2020.01.19/liveMedia/MPEG2TransportStreamParser_STREAM.cpp:295:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fileName, "%s-0x%04x-0x%04x%s",
data/liblivemedia-2020.01.19/liveMedia/MPEG4ESVideoRTPSink.cpp:130:3: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(fmtp, fmtpFmt, rtpPayloadType(), fProfileAndLevelIndication);
data/liblivemedia-2020.01.19/liveMedia/MPEG4GenericRTPSink.cpp:65:3: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(fmtp, fmtpFmt,
data/liblivemedia-2020.01.19/liveMedia/MPEG4GenericRTPSource.cpp:91:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fMIMEType, "%s/MPEG4-GENERIC", mediumName);
data/liblivemedia-2020.01.19/liveMedia/MPEG4LATMAudioRTPSink.cpp:42:3: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(fmtp, fmtpFmt,
data/liblivemedia-2020.01.19/liveMedia/MatroskaFile.cpp:58:15: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  static void fprintf(FILE* fid, CuePoint* cuePoint); // used for debugging; it's static to allow for "cuePoint == NULL"
data/liblivemedia-2020.01.19/liveMedia/MatroskaFile.cpp:692:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(sPropParameterSetsStr, "%s,%s", sps_base64, pps_base64);
data/liblivemedia-2020.01.19/liveMedia/MatroskaFile.cpp:773:13: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  CuePoint::fprintf(fid, fCuePoints);
data/liblivemedia-2020.01.19/liveMedia/MatroskaFile.cpp:1028:16: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  void CuePoint::fprintf(FILE* fid, CuePoint* cuePoint) {
data/liblivemedia-2020.01.19/liveMedia/MatroskaFile.cpp:1031:5: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(fid, cuePoint->left());
data/liblivemedia-2020.01.19/liveMedia/MatroskaFile.cpp:1035:5: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(fid, cuePoint->right());
data/liblivemedia-2020.01.19/liveMedia/MediaSession.cpp:141:10: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  if ((sscanf(sdpLine, "m=%s %hu RTP/AVP %u",
data/liblivemedia-2020.01.19/liveMedia/MediaSession.cpp:143:3: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  sscanf(sdpLine, "m=%s %hu/%*u RTP/AVP %u",
data/liblivemedia-2020.01.19/liveMedia/MediaSession.cpp:147:17: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  } else if ((sscanf(sdpLine, "m=%s %hu UDP %u",
data/liblivemedia-2020.01.19/liveMedia/MediaSession.cpp:149:3: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  sscanf(sdpLine, "m=%s %hu udp %u",
data/liblivemedia-2020.01.19/liveMedia/MediaSession.cpp:151:3: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  sscanf(sdpLine, "m=%s %hu RAW/RAW/UDP %u",
data/liblivemedia-2020.01.19/liveMedia/MediaSession.cpp:287:7: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  if (sscanf(sdpLine, searchFormat, buffer) == 1) {
data/liblivemedia-2020.01.19/liveMedia/MediaSession.cpp:303:7: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  if (sscanf(sdpLine, searchFormat, buffer1, buffer2) == 2) {
data/liblivemedia-2020.01.19/liveMedia/MediaSession.cpp:1010:10: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  || sscanf(sdpLine, "a=rtpmap: %u %s",
data/liblivemedia-2020.01.19/liveMedia/MediaSession.cpp:1344:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(mimeType, "%s/%s", mediumName(), codecName());
data/liblivemedia-2020.01.19/liveMedia/MediaSession.cpp:1391:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(mimeType, "%s/%s", mediumName(), codecName());
data/liblivemedia-2020.01.19/liveMedia/MediaSession.cpp:1425:9: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  if (sscanf(fStrValueToLower, valueIsHexadecimal ? "%x" : "%d", &fIntValue) != 1) {
data/liblivemedia-2020.01.19/liveMedia/OnDemandServerMediaSubsession.cpp:455:3: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(sdpLines, sdpFmt,
data/liblivemedia-2020.01.19/liveMedia/PassiveServerMediaSubsession.cpp:108:5: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(sdpLines, sdpFmt,
data/liblivemedia-2020.01.19/liveMedia/QuickTimeFileSink.cpp:2185:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(description, "Hinted %s track",
data/liblivemedia-2020.01.19/liveMedia/QuickTimeFileSink.cpp:2235:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(newSDPLines, "%s%s%d\r\n",
data/liblivemedia-2020.01.19/liveMedia/QuickTimeFileSink.cpp:2328:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(rtpmapString, "%s/%d",
data/liblivemedia-2020.01.19/liveMedia/RTCP.cpp:25:9: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf _snprintf
data/liblivemedia-2020.01.19/liveMedia/RTCP.cpp:25:18: [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf _snprintf
data/liblivemedia-2020.01.19/liveMedia/RTPSink.cpp:150:5: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(rtpmapLine, rtpmapFmt,
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:132:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(paramString, "%s: %s\r\n", parameterName, parameterValue);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:150:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(paramString, "%s\r\n", parameterName);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:361:3: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(fUserAgentHeaderStr, formatStr, userAgentName);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:404:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(userAgentName, "%s%s%s%s%s", applicationName, libPrefix, libName, libVersionStr, libSuffix);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:501:7: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
sprintf(contentLengthHeader, contentLengthHeaderFmt, contentStrLen); data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:525:5: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(cmd, cmdFmt, data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:553:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(err, errFmt, request->commandName()); data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:584:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(sessionStr, "Session: %s\r\n", sessionId); data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:685:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(cmdURL, "%s%s%s", prefix, separator, suffix); data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:715:5: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(transportStr, transportFmt, data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:728:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(extraHeaders, "%s%s%s", transportStr, sessionStr, blocksizeStr); data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:770:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(extraHeaders, extraHeadersFmt, data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:787:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(extraHeaders, extraHeadersFmt, data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:812:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(cmdURL, "%s%s%s", prefix, separator, suffix); data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:828:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(extraHeaders, "%s%s%s%s", sessionStr, scaleStr, speedStr, rangeStr); data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:949:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(authenticatorStr, authFmt, data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:958:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(usernamePassword, "%s:%s", auth.username(), auth.password()); data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:963:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(authenticatorStr, authFmt, response); data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:1794:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(newBaseURL, "%.*s/stream=%s", data/liblivemedia-2020.01.19/liveMedia/RTSPRegisterSender.cpp:38:3: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(fakeRTSPURL, fakeRTSPURLFmt, remoteClientNameOrAddress, remoteClientPortNum); data/liblivemedia-2020.01.19/liveMedia/RTSPRegisterSender.cpp:122:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(proxyURLSuffixParameterStr, proxyURLSuffixParameterFmt, request_REGISTER->proxyURLSuffix()); data/liblivemedia-2020.01.19/liveMedia/RTSPRegisterSender.cpp:128:5: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(transportHeaderStr, transportHeaderFmt, data/liblivemedia-2020.01.19/liveMedia/RTSPRegisterSender.cpp:202:7: [4] (format) sprintf: Potential format string problem (CWE-134). 
Make format string constant. sprintf(proxyURLSuffixParameterStr, proxyURLSuffixParameterFmt, request_DEREGISTER->proxyURLSuffix()); data/liblivemedia-2020.01.19/liveMedia/RTSPRegisterSender.cpp:208:5: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(transportHeaderStr, transportHeaderFmt, data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:62:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(resultURL, "%s%s", urlPrefix, sessionName); data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:84:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(urlBuffer, "rtsp://%s/", AddressString(ourAddress).val()); data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:86:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(urlBuffer, "rtsp://%s:%hu/", data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:323:7: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(urlTotalSuffix, urlPreSuffix); data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:326:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(urlTotalSuffix, urlSuffix); data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:774:6: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). 
strcat(urlTotalSuffix, urlPreSuffix); data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:777:4: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(urlTotalSuffix, urlSuffix); data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:811:6: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. if (sscanf((char*)fRequestBuffer, "%*s %s", url) == 1) { data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:1278:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(concatenatedStreamName, "%s/%s", urlPreSuffix, urlSuffix); data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:1740:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "Range: clock=%s-\r\n", absStart); data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:1742:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "Range: clock=%s-%s\r\n", absStart, absEnd); data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:1795:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(rtpInfo, rtpInfoFmt, data/liblivemedia-2020.01.19/liveMedia/RTSPServerRegister.cpp:361:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fAllowedCommandNames, "%s%s", baseAllowedCommandNames, newAllowedCommandName); data/liblivemedia-2020.01.19/liveMedia/RTSPServerSupportingHTTPStreaming.cpp:210:3: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. 
sprintf(s, playlistPrefixFmt, targetDuration); data/liblivemedia-2020.01.19/liveMedia/RTSPServerSupportingHTTPStreaming.cpp:217:5: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(s, playlistMediaFileSpecFmt, dur, urlSuffix, durSoFar, dur); data/liblivemedia-2020.01.19/liveMedia/RTSPServerSupportingHTTPStreaming.cpp:224:3: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(s, playlistSuffixFmt); data/liblivemedia-2020.01.19/liveMedia/RawVideoRTPSink.cpp:44:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fFmtpSDPLine, "a=fmtp:%d sampling=%s;width=%u;height=%u;depth=%u;colorimetry=%s\r\n", data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:49:3: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(fUserAgentHeaderStr, formatStr, userAgentName); data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:120:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(userAgentName, "%s%s%s%s%s", data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:218:7: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(rtpmapLine, rtpmapFmt, data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:242:5: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(fInviteSDPDescription, inviteSDPFmt, data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:278:5: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(fInviteCmd, cmdFmt, data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:540:11: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. 
if (sscanf(lineStart, "To:%*[^;]; tag=%s", toTagStr) == 1) { data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:669:5: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(cmd, cmdFmt, data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:711:5: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(cmd, cmdFmt, data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:882:5: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(authenticatorStr, authFmt, data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:28:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:28:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:74:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(libNamePlusVersionStr, "%s%s", libNameStr, libVersionStr); data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:224:5: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant. sprintf(sourceFilterLine, sourceFilterFmt, ipAddressStr.val()); data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:287:5: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. 
snprintf(sdp, sdpLength, sdpPrefixFmt, data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:434:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "a=range:clock=%s-%s\r\n", absStart, absEnd); data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:436:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buf, "a=range:clock=%s-\r\n", absStart); data/liblivemedia-2020.01.19/liveMedia/TheoraVideoRTPSink.cpp:105:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fFmtpSDPLine, "a=fmtp:%d sampling=%s;width=%u;height=%u;delivery-method=out_band/rtsp;configuration=%s\r\n", rtpPayloadType(), pf_to_str[pf], width, height, base64PackedHeaders); data/liblivemedia-2020.01.19/liveMedia/VorbisAudioRTPSink.cpp:114:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fFmtpSDPLine, "a=fmtp:%d configuration=%s\r\n", rtpPayloadType(), base64PackedHeaders); data/liblivemedia-2020.01.19/mediaServer/DynamicRTSPServer.cpp:188:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(indexFileName, "%sx", fileName); data/liblivemedia-2020.01.19/proxyServer/live555ProxyServer.cpp:217:7: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(streamName, "%s", "proxyStream"); // there's just one stream; give it this name data/liblivemedia-2020.01.19/testProgs/MPEG2TransportStreamIndexer.cpp:69:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(outputFileName, "%sx", inputFileName); data/liblivemedia-2020.01.19/testProgs/live555HLSProxy.cpp:289:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. sprintf(ourM3U8FileName, "%s.m3u8", hlsPrefix); data/liblivemedia-2020.01.19/testProgs/playCommon.cpp:29:9: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/liblivemedia-2020.01.19/testProgs/playCommon.cpp:29:18: [4] (format) _snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification. #define snprintf _snprintf data/liblivemedia-2020.01.19/testProgs/testH264VideoToHLSSegments.cpp:76:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(ourM3U8FileName, "%s.m3u8", OUR_HLS_FILENAME_PREFIX); data/liblivemedia-2020.01.19/testProgs/testMKVSplitter.cpp:85:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fileName, "%s-%d", mimeType, trackNumber); data/liblivemedia-2020.01.19/testProgs/testMPEG2TransportStreamTrickPlay.cpp:77:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(indexFileName, "%sx", inputFileName); data/liblivemedia-2020.01.19/groupsock/inet.c:65:10: [3] (random) random: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. return random(); data/liblivemedia-2020.01.19/groupsock/inet.c:70:3: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. 
srand(x); data/liblivemedia-2020.01.19/groupsock/inet.c:72:3: [3] (random) srandom: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srandom(x); data/liblivemedia-2020.01.19/liveMedia/rtcp_from_spec.c:149:17: [3] (random) drand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. t = t * (drand48() + 0.5); data/liblivemedia-2020.01.19/liveMedia/rtcp_from_spec.h:46:9: [3] (random) drand48: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. #define drand48 drand30 data/liblivemedia-2020.01.19/BasicUsageEnvironment/BasicUsageEnvironment0.cpp:72:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char errMsg[RESULT_MSG_BUFFER_MAX] = "\0"; data/liblivemedia-2020.01.19/UsageEnvironment/strDup.cpp:29:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(copy, str, len); data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_common.cpp:45:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char errMsgPrefix[100]; data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_common.cpp:46:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(errMsgPrefix, "Failed to set audio input port number to %d: ", portIndex); data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_mixer.cpp:29:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MIXER_LONG_NAME_CHARS]; data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_mixer.cpp:37:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void open(unsigned numChannels, unsigned samplingFrequency, unsigned granularityInMS); data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_mixer.cpp:38:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void open(); // open with default parameters data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_mixer.cpp:48:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char name[MAXPNAMELEN]; data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_mixer.cpp:81:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char portNameBuffer[2*MAXPNAMELEN+10/*slop*/]; data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_mixer.cpp:82:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mixerNameBuffer[MAXPNAMELEN]; data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_mixer.cpp:151:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). mixer.open(); data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_mixer.cpp:206:28: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ourMixers[fCurMixerId].open(fNumChannels, fSamplingFrequency, fGranularityInMS); data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_mixer.cpp:214:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char resultMsg[100]; data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_mixer.cpp:241:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void Mixer::open(unsigned numChannels, unsigned samplingFrequency, unsigned granularityInMS) { data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_mixer.cpp:301:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void Mixer::open() { data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_mixer.cpp:302:3: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). open(1, 8000, 20); data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_mixer.cpp:323:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&mlc, &mlt, sizeof mlc); data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_mixer.cpp:381:5: [2] (buffer) wchar_t: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
wchar_t portname[MIXER_LONG_NAME_CHARS+1]; data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_mixer.cpp:384:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char portname[MIXER_LONG_NAME_CHARS+1]; data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_noMixer.cpp:27:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void open(unsigned numChannels, unsigned samplingFrequency, unsigned granularityInMS); data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_noMixer.cpp:28:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void open(); // open with default parameters data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_noMixer.cpp:33:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[MAXPNAMELEN]; data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_noMixer.cpp:103:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? 
(CWE-362). port.open(); // to set the port name data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_noMixer.cpp:136:39: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ourAudioInputPorts[fCurPortIndex].open(fNumChannels, fSamplingFrequency, fGranularityInMS); data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_noMixer.cpp:149:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void AudioInputPort::open(unsigned numChannels, unsigned samplingFrequency, unsigned granularityInMS) { data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_noMixer.cpp:174:22: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void AudioInputPort::open() { data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_noMixer.cpp:175:3: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). open(1, 8000, 20); data/liblivemedia-2020.01.19/groupsock/Groupsock.cpp:544:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[100]; data/liblivemedia-2020.01.19/groupsock/Groupsock.cpp:545:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "trying to use bad socket (%d)", sock); data/liblivemedia-2020.01.19/groupsock/Groupsock.cpp:556:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[100]; data/liblivemedia-2020.01.19/groupsock/Groupsock.cpp:557:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "Attempting to replace an existing socket (%d)", sock); data/liblivemedia-2020.01.19/groupsock/GroupsockHelper.cpp:156:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpBuffer[100]; data/liblivemedia-2020.01.19/groupsock/GroupsockHelper.cpp:157:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpBuffer, "bind() error (port number: %d): ", data/liblivemedia-2020.01.19/groupsock/GroupsockHelper.cpp:304:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpBuffer[100]; data/liblivemedia-2020.01.19/groupsock/GroupsockHelper.cpp:305:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpBuffer, "bind() error (port number: %d): ", data/liblivemedia-2020.01.19/groupsock/GroupsockHelper.cpp:401:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpBuf[100]; data/liblivemedia-2020.01.19/groupsock/GroupsockHelper.cpp:402:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmpBuf, "writeSocket(%d), sendTo() error: wrote %d bytes instead of %u: ", socket, bytesSent, bufferSize); data/liblivemedia-2020.01.19/groupsock/GroupsockHelper.cpp:700:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char readBuffer[20]; data/liblivemedia-2020.01.19/groupsock/GroupsockHelper.cpp:722:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char hostname[100]; data/liblivemedia-2020.01.19/groupsock/GroupsockHelper.cpp:752:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[100]; data/liblivemedia-2020.01.19/groupsock/GroupsockHelper.cpp:787:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char timeString[9]; // holds hh:mm:ss plus trailing '\0' data/liblivemedia-2020.01.19/groupsock/GroupsockHelper.cpp:792:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(timeString, "??:??:??"); data/liblivemedia-2020.01.19/groupsock/GroupsockHelper.cpp:805:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char timeString[50]; data/liblivemedia-2020.01.19/groupsock/GroupsockHelper.cpp:806:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(timeString, "%lu.%06ld", tvNow.tv_sec, tvNow.tv_usec); data/liblivemedia-2020.01.19/groupsock/IOHandlers.cpp:35:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char ioBuffer[ioBufferSize];
data/liblivemedia-2020.01.19/groupsock/NetAddress.cpp:104:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char hostentBuf[512];
data/liblivemedia-2020.01.19/groupsock/NetAddress.cpp:307:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(fVal, "%u.%u.%u.%u", (addrNBO>>24)&0xFF, (addrNBO>>16)&0xFF, (addrNBO>>8)&0xFF, addrNBO&0xFF);
data/liblivemedia-2020.01.19/liveMedia/AC3AudioRTPSink.cpp:56:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char headers[2];
data/liblivemedia-2020.01.19/liveMedia/ADTSAudioFileSource.cpp:43:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char fixedHeader[4]; // it's actually 3.5 bytes long
data/liblivemedia-2020.01.19/liveMedia/ADTSAudioFileSource.cpp:104:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char audioSpecificConfig[2];
data/liblivemedia-2020.01.19/liveMedia/ADTSAudioFileSource.cpp:108:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(fConfigStr, "%02X%02x", audioSpecificConfig[0], audioSpecificConfig[1]);
data/liblivemedia-2020.01.19/liveMedia/ADTSAudioFileSource.cpp:119:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char headers[7];
data/liblivemedia-2020.01.19/liveMedia/AMRAudioFileSink.cpp:75:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char headerBuffer[100];
data/liblivemedia-2020.01.19/liveMedia/AMRAudioFileSource.cpp:41:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[100];
data/liblivemedia-2020.01.19/liveMedia/AMRAudioFileSource.cpp:62:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char channelDesc[4];
data/liblivemedia-2020.01.19/liveMedia/AMRAudioRTPSink.cpp:129:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[100];
data/liblivemedia-2020.01.19/liveMedia/AMRAudioRTPSink.cpp:130:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "a=fmtp:%d octet-align=1\r\n", rtpPayloadType());
data/liblivemedia-2020.01.19/liveMedia/Base64.cpp:25:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char base64DecodeTable[256];
data/liblivemedia-2020.01.19/liveMedia/Base64.cpp:61:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char inTmp[4], outTmp[4];
data/liblivemedia-2020.01.19/liveMedia/BitVector.cpp:38:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char const singleBitMask[8]
data/liblivemedia-2020.01.19/liveMedia/BitVector.cpp:46:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char tmpBuf[4];
data/liblivemedia-2020.01.19/liveMedia/BitVector.cpp:86:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char tmpBuf[4];
data/liblivemedia-2020.01.19/liveMedia/ByteStreamMultiFileSource.cpp:36:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    fFileNameArray = new char const*[fNumSources];
data/liblivemedia-2020.01.19/liveMedia/DigestAuthentication.cpp:91:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char nonceBuf[33];
data/liblivemedia-2020.01.19/liveMedia/DigestAuthentication.cpp:110:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char ha1Buf[33];
data/liblivemedia-2020.01.19/liveMedia/DigestAuthentication.cpp:126:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char ha2Buf[33];
data/liblivemedia-2020.01.19/liveMedia/EBMLNumber.cpp:31:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char printBuf[2*EBML_NUMBER_MAX_LEN + 1];
data/liblivemedia-2020.01.19/liveMedia/EBMLNumber.cpp:35:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(to, "%02X", data[i]);
data/liblivemedia-2020.01.19/liveMedia/GenericMediaServer.cpp:271:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char sessionIdStr[8+1];
data/liblivemedia-2020.01.19/liveMedia/GenericMediaServer.cpp:272:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(sessionIdStr, "%08X", fOurSessionId);
data/liblivemedia-2020.01.19/liveMedia/GenericMediaServer.cpp:319:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char sessionIdStr[8+1];
data/liblivemedia-2020.01.19/liveMedia/GenericMediaServer.cpp:340:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char sessionIdStr[8+1];
data/liblivemedia-2020.01.19/liveMedia/H263plusVideoStreamParser.cpp:174:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(fTo, fNextHeader, H263_REQUIRE_HEADER_SIZE_BYTES);
data/liblivemedia-2020.01.19/liveMedia/H263plusVideoStreamParser.cpp:208:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(fNextHeader, bufferIndex - H263_STARTCODE_SIZE_BYTES, H263_REQUIRE_HEADER_SIZE_BYTES);
data/liblivemedia-2020.01.19/liveMedia/H263plusVideoStreamParser.cpp:213:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(fTo, fTo+H263_REQUIRE_HEADER_SIZE_BYTES, H263_REQUIRE_HEADER_SIZE_BYTES);
data/liblivemedia-2020.01.19/liveMedia/H264or5VideoFileSink.cpp:44:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char const start_code[4] = {0x00, 0x00, 0x00, 0x01};
data/liblivemedia-2020.01.19/liveMedia/H264or5VideoStreamFramer.cpp:230:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char const* nal_unit_type_description_h264[32] = {
data/liblivemedia-2020.01.19/liveMedia/H264or5VideoStreamFramer.cpp:264:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char const* nal_unit_type_description_h265[64] = {
data/liblivemedia-2020.01.19/liveMedia/H264or5VideoStreamFramer.cpp:809:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char const* sei_payloadType_description_h264[MAX_SEI_PAYLOAD_TYPE_DESCRIPTION_H264+1] = {
data/liblivemedia-2020.01.19/liveMedia/H265VideoRTPSink.cpp:137:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char interopConstraintsStr[100];
data/liblivemedia-2020.01.19/liveMedia/H265VideoRTPSink.cpp:138:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(interopConstraintsStr, "%02X%02X%02X%02X%02X%02X",
data/liblivemedia-2020.01.19/liveMedia/InputFile.cpp:34:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fid = fopen(fileName, "rb");
data/liblivemedia-2020.01.19/liveMedia/JPEGVideoRTPSource.cpp:166:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(p, codelens, ncodes);
data/liblivemedia-2020.01.19/liveMedia/JPEGVideoRTPSource.cpp:168:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(p, symbols, nsymbols);
data/liblivemedia-2020.01.19/liveMedia/JPEGVideoRTPSource.cpp:212:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(ptr, qtables, tableSize);
data/liblivemedia-2020.01.19/liveMedia/JPEGVideoRTPSource.cpp:222:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(ptr, qtables, tableSize);
data/liblivemedia-2020.01.19/liveMedia/JPEGVideoRTPSource.cpp:271:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char const defaultQuantizers[128] = {
data/liblivemedia-2020.01.19/liveMedia/JPEGVideoRTPSource.cpp:410:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char newQtables[128];
data/liblivemedia-2020.01.19/liveMedia/MP3ADU.cpp:36:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char buf[SegmentBufSize];
data/liblivemedia-2020.01.19/liveMedia/MP3ADURTPSink.cpp:92:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char aduDescriptor[2];
data/liblivemedia-2020.01.19/liveMedia/MP3ADUTranscoder.cpp:55:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buffer[30];
data/liblivemedia-2020.01.19/liveMedia/MP3ADUTranscoder.cpp:56:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buffer, " bandwidth %d", outBitrate());
data/liblivemedia-2020.01.19/liveMedia/MP3ADUinterleaving.cpp:258:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char dummyBuf[2000];
data/liblivemedia-2020.01.19/liveMedia/MP3ADUinterleaving.cpp:330:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char frameData[MAX_FRAME_SIZE]; // ditto
data/liblivemedia-2020.01.19/liveMedia/MP3FileSource.cpp:106:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buffer[200];
data/liblivemedia-2020.01.19/liveMedia/MP3FileSource.cpp:143:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char tmp[200];
data/liblivemedia-2020.01.19/liveMedia/MP3FileSource.cpp:144:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(tmp,
data/liblivemedia-2020.01.19/liveMedia/MP3InternalsHuffman.cpp:323:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char tablename[3]; /*string, containing table_description */
data/liblivemedia-2020.01.19/liveMedia/MP3InternalsHuffman.cpp:343:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char command[100],line[100];
data/liblivemedia-2020.01.19/liveMedia/MP3InternalsHuffman.cpp:394:33: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    rsf_ht[n].val = (unsigned char (*)[2])
data/liblivemedia-2020.01.19/liveMedia/MP3InternalsHuffman.cpp:434:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char const slen[2][16] = {
data/liblivemedia-2020.01.19/liveMedia/MP3InternalsHuffman.cpp:439:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static unsigned char const stab[3][6][4] = {
data/liblivemedia-2020.01.19/liveMedia/MP3StreamState.cpp:196:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char hbuf[8];
data/liblivemedia-2020.01.19/liveMedia/MP3StreamState.cpp:230:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char buf[70 /*was: 40*/];
data/liblivemedia-2020.01.19/liveMedia/MP3StreamState.cpp:240:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char buf[1000];
data/liblivemedia-2020.01.19/liveMedia/MPEG1or2FileServerDemux.cpp:189:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char fBuf[MFSD_DUMMY_SINK_BUFFER_SIZE];
data/liblivemedia-2020.01.19/liveMedia/MPEG1or2VideoStreamFramer.cpp:74:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char fSavedVSHBuffer[VSH_MAX_SIZE];
data/liblivemedia-2020.01.19/liveMedia/MPEG2TransportStreamParser_STREAM.cpp:292:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char fileName[100];
data/liblivemedia-2020.01.19/liveMedia/MPEG4ESVideoRTPSink.cpp:133:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(endPtr, "%02X", config[i]);
data/liblivemedia-2020.01.19/liveMedia/MPEG4ESVideoRTPSink.cpp:136:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(endPtr, "\r\n");
data/liblivemedia-2020.01.19/liveMedia/MPEG4GenericRTPSink.cpp:112:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char headers[4];
data/liblivemedia-2020.01.19/liveMedia/MPEG4VideoStreamFramer.cpp:431:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char errMsg[200];
data/liblivemedia-2020.01.19/liveMedia/MPEG4VideoStreamFramer.cpp:432:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(errMsg, "Not enough bits in VOL header: %d/8 >= %d\n", fNumBitsSeenSoFar, curFrameSize());
data/liblivemedia-2020.01.19/liveMedia/MatroskaFile.cpp:598:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(&configStr[2*i], "%02X", track->codecPrivate[i]);
data/liblivemedia-2020.01.19/liveMedia/MatroskaFileParser.cpp:1379:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&result, &resultAsUnsigned, sizeof result);
data/liblivemedia-2020.01.19/liveMedia/MatroskaFileParser.cpp:1388:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&resultDouble, &resultAsUnsigned64, sizeof resultDouble);
data/liblivemedia-2020.01.19/liveMedia/Media.cpp:154:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(mediumName, "liveMedia%d", fNameGenerator++);
data/liblivemedia-2020.01.19/liveMedia/MediaSession.cpp:71:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char CNAME[maxCNAMElen+1];
data/liblivemedia-2020.01.19/liveMedia/MediaSession.cpp:76:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(CNAME, "unknown host %d", (unsigned)(our_random()*0x7FFFFFFF));
data/liblivemedia-2020.01.19/liveMedia/MediaSession.cpp:233:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char typeStr[20];
data/liblivemedia-2020.01.19/liveMedia/MediaSession.cpp:234:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(typeStr, "%d", subsession->fRTPPayloadFormat);
data/liblivemedia-2020.01.19/liveMedia/MultiFramedRTPSink.cpp:144:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char paddingBuffer[255]; //max padding
data/liblivemedia-2020.01.19/liveMedia/OggFileParser.cpp:136:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[8];
data/liblivemedia-2020.01.19/liveMedia/OggFileParser.cpp:207:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char const* headerName[3] = { "identification", "comment", "setup" };
data/liblivemedia-2020.01.19/liveMedia/OutputFile.cpp:47:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fid = fopen(fileName, "wb");
data/liblivemedia-2020.01.19/liveMedia/QuickTimeFileSink.cpp:211:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char specialHeaderBytes[SPECIAL_HEADER_BUFFER_SIZE]; // ditto
data/liblivemedia-2020.01.19/liveMedia/QuickTimeFileSink.cpp:2184:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char description[100];
data/liblivemedia-2020.01.19/liveMedia/QuickTimeFileSink.cpp:2219:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(&newSDPLines[i], "%d", fCurrentIOState->fTrackID);
data/liblivemedia-2020.01.19/liveMedia/RTCP.cpp:357:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char nameBytes[4];
data/liblivemedia-2020.01.19/liveMedia/RTPSink.cpp:141:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(encodingParamsPart, "/%d", numChannels());
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:271:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char parseBuffer[parseBufferSize];
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:593:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[100];
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:598:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "Speed: %.3f\r\n",speed);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:605:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[100];
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:611:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "Scale: %f\r\n", scale);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:618:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char buf[100];
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:639:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "Range: npt=%.3f-\r\n", start);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:643:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(buf, "Range: npt=%.3f-%.3f\r\n", start, end);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:989:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(blocksizeStr, "Blocksize: %u\r\n", maxPacketSize);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:1026:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmdName[RTSP_PARAM_STRING_MAX];
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:1027:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char urlPreSuffix[RTSP_PARAM_STRING_MAX];
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:1028:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char urlSuffix[RTSP_PARAM_STRING_MAX];
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:1029:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cseq[RTSP_PARAM_STRING_MAX];
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:1030:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sessionId[RTSP_PARAM_STRING_MAX];
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:1044:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpBuf[2*RTSP_PARAM_STRING_MAX];
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:1821:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpBuf[200];
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:1822:4: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpBuf, "Response buffer size (%d) is too small for \"Content-Length:\" %d (need a buffer size of >= %d bytes\n",
data/liblivemedia-2020.01.19/liveMedia/RTSPCommon.cpp:36:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hex[3];
data/liblivemedia-2020.01.19/liveMedia/RTSPCommon.cpp:349:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[200];
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:80:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char urlBuffer[100]; // more than big enough for "rtsp://<ip-address>:<port>/"
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:319:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char urlTotalSuffix[2*RTSP_PARAM_STRING_MAX];
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:696:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmdName[RTSP_PARAM_STRING_MAX];
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:697:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char urlPreSuffix[RTSP_PARAM_STRING_MAX];
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:698:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char urlSuffix[RTSP_PARAM_STRING_MAX];
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:699:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cseq[RTSP_PARAM_STRING_MAX];
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:700:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sessionIdStr[RTSP_PARAM_STRING_MAX];
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:770:4: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char urlTotalSuffix[2*RTSP_PARAM_STRING_MAX];
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:832:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char sessionCookie[RTSP_PARAM_STRING_MAX];
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:833:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char acceptStr[RTSP_PARAM_STRING_MAX];
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:1439:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char timeoutParameterString[100];
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:1441:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(timeoutParameterString, ";timeout=%u", fOurRTSPServer.fReclamationSeconds);
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:1640:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[100];
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:1645:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "Scale: %f\r\n", scale);
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:1766:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "Range: npt=%.3f-\r\n", rangeStart);
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:1768:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "Range: npt=%.3f-%.3f\r\n", rangeStart, rangeEnd);
data/liblivemedia-2020.01.19/liveMedia/RTSPServerRegister.cpp:398:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char proxyStreamNameBuf[100];
data/liblivemedia-2020.01.19/liveMedia/RTSPServerRegister.cpp:400:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(proxyStreamNameBuf, "registeredProxyStream-%u", ++fRegisteredProxyCounter);
data/liblivemedia-2020.01.19/liveMedia/RTSPServerSupportingHTTPStreaming.cpp:65:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char buf[200];
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:468:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char readBuffer[readBufSize+1]; char* readBuf = readBuffer;
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:578:11: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmpBuf[200];
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:579:11: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tmpBuf, "Read buffer size (%d) is too small for \"Content-Length:\" %d (need a buffer size of >= %d bytes\n",
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:768:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char parseBuffer[parseBufferSize];
data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:251:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[100];
data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:252:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "a=range:npt=0-%.3f\r\n", dur);
data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:360:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[100];
data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:361:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "track%d", fTrackNumber);
data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:431:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[100];
data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:452:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[100];
data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:453:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "a=range:npt=0-%.3f\r\n", ourDuration);
data/liblivemedia-2020.01.19/liveMedia/WAVAudioFileSource.cpp:153:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char errMsg[100];
data/liblivemedia-2020.01.19/liveMedia/WAVAudioFileSource.cpp:154:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(errMsg, "Bad # channels: %d", fNumChannels);
data/liblivemedia-2020.01.19/liveMedia/ourMD5.cpp:45:34: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void transform64Bytes(unsigned char const block[64]); // does the actual MD5 transform
data/liblivemedia-2020.01.19/liveMedia/ourMD5.cpp:50:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char fWorkingBuffer[64];
data/liblivemedia-2020.01.19/liveMedia/ourMD5.cpp:107:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((unsigned char*)&fWorkingBuffer[bufferBytesInUse], (unsigned char*)inputData, bufferBytesRemaining);
data/liblivemedia-2020.01.19/liveMedia/ourMD5.cpp:118:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((unsigned char*)&fWorkingBuffer[bufferBytesInUse], (unsigned char*)&inputData[i], inputDataSize - i);
data/liblivemedia-2020.01.19/liveMedia/ourMD5.cpp:123:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char digestInBytes[DIGEST_SIZE_IN_BYTES];
data/liblivemedia-2020.01.19/liveMedia/ourMD5.cpp:139:31: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static void unpack32(unsigned char out[4], u_int32_t in) {
data/liblivemedia-2020.01.19/liveMedia/ourMD5.cpp:145:31: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static void unpack64(unsigned char out[8], u_int64_t in) {
data/liblivemedia-2020.01.19/liveMedia/ourMD5.cpp:151:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char const PADDING[64] = {
data/liblivemedia-2020.01.19/liveMedia/ourMD5.cpp:159:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char bitCountInBytes[8];
data/liblivemedia-2020.01.19/liveMedia/ourMD5.cpp:238:44: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void MD5Context::transform64Bytes(unsigned char const block[64]) {
data/liblivemedia-2020.01.19/mediaServer/DynamicRTSPServer.cpp:50:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* fid = fopen(streamName, "rb");
data/liblivemedia-2020.01.19/proxyServer/live555ProxyServer.cpp:215:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char streamName[30];
data/liblivemedia-2020.01.19/proxyServer/live555ProxyServer.cpp:219:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(streamName, "proxyStream-%d", i); // there's more than one stream; distinguish them by name
data/liblivemedia-2020.01.19/testProgs/live555HLSProxy.cpp:293:22: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* ourM3U8Fid = fopen(ourM3U8FileName, "wb");
data/liblivemedia-2020.01.19/testProgs/mikeyParse.cpp:31:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char const* payloadTypeName[256];
data/liblivemedia-2020.01.19/testProgs/mikeyParse.cpp:32:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char const* dataTypeComment[256];
data/liblivemedia-2020.01.19/testProgs/playCommon.cpp:811:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outFileName[1000];
data/liblivemedia-2020.01.19/testProgs/playCommon.cpp:816:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(outFileName, "stdout");
data/liblivemedia-2020.01.19/testProgs/playCommon.cpp:876:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(outFileName, "stdout");
data/liblivemedia-2020.01.19/testProgs/playCommon.cpp:967:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char periodicFileNameSuffix[100];
data/liblivemedia-2020.01.19/testProgs/playCommon.cpp:1483:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char timestampStr[100];
data/liblivemedia-2020.01.19/testProgs/playCommon.cpp:1484:2: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(timestampStr, "%ld%03ld", timeNow.tv_sec, (long)(timeNow.tv_usec/1000));
data/liblivemedia-2020.01.19/testProgs/sapWatch.cpp:26:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char packet[maxPacketSize+1];
data/liblivemedia-2020.01.19/testProgs/testAMRAudioStreamer.cpp:62:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char CNAME[maxCNAMElen+1];
data/liblivemedia-2020.01.19/testProgs/testDVVideoStreamer.cpp:64:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char CNAME[maxCNAMElen+1];
data/liblivemedia-2020.01.19/testProgs/testGSMStreamer.cpp:103:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char CNAME[maxCNAMElen+1];
data/liblivemedia-2020.01.19/testProgs/testH264VideoStreamer.cpp:69:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char CNAME[maxCNAMElen+1];
data/liblivemedia-2020.01.19/testProgs/testH264VideoToHLSSegments.cpp:77:18: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ourM3U8Fid = fopen(ourM3U8FileName, "wb");
data/liblivemedia-2020.01.19/testProgs/testH265VideoStreamer.cpp:70:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char CNAME[maxCNAMElen+1];
data/liblivemedia-2020.01.19/testProgs/testMKVStreamer.cpp:86:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char CNAME[maxCNAMElen+1];
data/liblivemedia-2020.01.19/testProgs/testMP3Receiver.cpp:105:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char CNAME[maxCNAMElen+1];
data/liblivemedia-2020.01.19/testProgs/testMP3Streamer.cpp:112:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char CNAME[maxCNAMElen+1];
data/liblivemedia-2020.01.19/testProgs/testMPEG1or2AudioVideoStreamer.cpp:98:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char CNAME[maxCNAMElen+1];
data/liblivemedia-2020.01.19/testProgs/testMPEG1or2VideoReceiver.cpp:92:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char CNAME[maxCNAMElen+1];
data/liblivemedia-2020.01.19/testProgs/testMPEG1or2VideoStreamer.cpp:93:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char CNAME[maxCNAMElen+1];
data/liblivemedia-2020.01.19/testProgs/testMPEG2TransportReceiver.cpp:92:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char CNAME[maxCNAMElen+1];
data/liblivemedia-2020.01.19/testProgs/testMPEG2TransportStreamer.cpp:88:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char CNAME[maxCNAMElen+1];
data/liblivemedia-2020.01.19/testProgs/testMPEG4VideoStreamer.cpp:62:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char CNAME[maxCNAMElen+1];
data/liblivemedia-2020.01.19/testProgs/testOggStreamer.cpp:88:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char CNAME[maxCNAMElen+1];
data/liblivemedia-2020.01.19/testProgs/testRTSPClient.cpp:513:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char uSecsStr[6+1]; // used to output the 'microseconds' part of the presentation time
data/liblivemedia-2020.01.19/testProgs/testRTSPClient.cpp:514:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(uSecsStr, "%06u", (unsigned)presentationTime.tv_usec);
data/liblivemedia-2020.01.19/testProgs/testWAVAudioStreamer.cpp:194:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char CNAME[maxCNAMElen+1];
data/liblivemedia-2020.01.19/testProgs/vobStreamer.cpp:145:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char CNAME[maxCNAMElen+1];
data/liblivemedia-2020.01.19/BasicUsageEnvironment/BasicUsageEnvironment0.cpp:75:29: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (char* p = errMsg + strlen(errMsg); p != errMsg && (*p == '\r' || *p == '\n' || *p == '.' || *p == '\0'); --p) {
data/liblivemedia-2020.01.19/BasicUsageEnvironment/BasicUsageEnvironment0.cpp:93:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned msgLength = strlen(msg);
data/liblivemedia-2020.01.19/UsageEnvironment/strDup.cpp:25:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(str) + 1;
data/liblivemedia-2020.01.19/UsageEnvironment/strDup.cpp:46:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  resultBufSize = strlen(str) + 1;
data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_mixer.cpp:97:7: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(mixerNameBuffer, mixer.name, sizeof mixerNameBuffer);
data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_mixer.cpp:191:6: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(allowedDeviceNames[i])) == 0) {
data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_mixer.cpp:251:9: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(name, mc.szPname, MAXPNAMELEN);
data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_mixer.cpp:266:11: [1] (buffer) wcsncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  wcsncpy(ml.Target.szPname, wic.szPname, MAXPNAMELEN);
data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_mixer.cpp:268:11: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(ml.Target.szPname, wic.szPname, MAXPNAMELEN);
data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_mixer.cpp:331:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(ports[i].name, mlc.szName, MIXER_LONG_NAME_CHARS);
data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_mixer.cpp:382:5: [1] (buffer) wcsncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  wcsncpy(portname, ml.szName, MIXER_LONG_NAME_CHARS);
data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_mixer.cpp:385:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(portname, ml.szName, MIXER_LONG_NAME_CHARS);
data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_noMixer.cpp:121:6: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(allowedDeviceNames[i])) == 0) {
data/liblivemedia-2020.01.19/WindowsAudioInputDevice/WindowsAudioInputDevice_noMixer.cpp:162:9: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(name, wic.szPname, MAXPNAMELEN);
data/liblivemedia-2020.01.19/liveMedia/AMRAudioFileSink.cpp:79:29: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned headerLength = strlen(headerBuffer);
data/liblivemedia-2020.01.19/liveMedia/Base64.cpp:43:27: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return base64Decode(in, strlen(in), resultSize, trimTrailingZeros);
data/liblivemedia-2020.01.19/liveMedia/ByteStreamFileSource.cpp:144:18: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  fFrameSize = read(fileno(fFid), fTo, fMaxSize);
data/liblivemedia-2020.01.19/liveMedia/DVVideoRTPSink.cpp:87:29: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned fmtpSDPFmtSize = strlen(fmtpSDPFmt)
data/liblivemedia-2020.01.19/liveMedia/DVVideoRTPSink.cpp:89:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(profileName);
data/liblivemedia-2020.01.19/liveMedia/DigestAuthentication.cpp:112:5: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(ha1Buf, password(), 32);
data/liblivemedia-2020.01.19/liveMedia/DigestAuthentication.cpp:115:33: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned const ha1DataLen = strlen(username()) + 1
data/liblivemedia-2020.01.19/liveMedia/DigestAuthentication.cpp:116:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(realm()) + 1 + strlen(password());
data/liblivemedia-2020.01.19/liveMedia/DigestAuthentication.cpp:116:31: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(realm()) + 1 + strlen(password());
data/liblivemedia-2020.01.19/liveMedia/DigestAuthentication.cpp:123:31: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned const ha2DataLen = strlen(cmd) + 1 + strlen(url);
data/liblivemedia-2020.01.19/liveMedia/DigestAuthentication.cpp:123:49: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned const ha2DataLen = strlen(cmd) + 1 + strlen(url);
data/liblivemedia-2020.01.19/liveMedia/DigestAuthentication.cpp:131:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  = 32 + 1 + strlen(nonce()) + 1 + 32;
data/liblivemedia-2020.01.19/liveMedia/FileSink.cpp:37:40: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fPerFrameFileNameBuffer = new char[strlen(perFrameFileNamePrefix) + 100];
data/liblivemedia-2020.01.19/liveMedia/H264VideoRTPSink.cpp:116:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned fmtpFmtSize = strlen(fmtpFmt)
data/liblivemedia-2020.01.19/liveMedia/H264VideoRTPSink.cpp:119:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(sps_base64) + strlen(pps_base64);
data/liblivemedia-2020.01.19/liveMedia/H264VideoRTPSink.cpp:119:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(sps_base64) + strlen(pps_base64);
data/liblivemedia-2020.01.19/liveMedia/H264VideoRTPSource.cpp:144:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  s += strlen(s) + 1;
data/liblivemedia-2020.01.19/liveMedia/H265VideoRTPSink.cpp:156:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned fmtpFmtSize = strlen(fmtpFmt)
data/liblivemedia-2020.01.19/liveMedia/H265VideoRTPSink.cpp:161:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(interopConstraintsStr)
data/liblivemedia-2020.01.19/liveMedia/H265VideoRTPSink.cpp:162:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(sprop_vps)
data/liblivemedia-2020.01.19/liveMedia/H265VideoRTPSink.cpp:163:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(sprop_sps)
data/liblivemedia-2020.01.19/liveMedia/H265VideoRTPSink.cpp:164:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(sprop_pps);
data/liblivemedia-2020.01.19/liveMedia/HLSSegmenter.cpp:46:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fOutputSegmentFileName = new char[strlen(fileNamePrefix) + 20/*more than enough*/];
data/liblivemedia-2020.01.19/liveMedia/MPEG4ESVideoRTPSink.cpp:124:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned fmtpFmtSize = strlen(fmtpFmt)
data/liblivemedia-2020.01.19/liveMedia/MPEG4ESVideoRTPSink.cpp:131:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char* endPtr = &fmtp[strlen(fmtp)];
data/liblivemedia-2020.01.19/liveMedia/MPEG4GenericRTPSink.cpp:41:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t const len = strlen(mpeg4Mode) + 1;
data/liblivemedia-2020.01.19/liveMedia/MPEG4GenericRTPSink.cpp:59:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned fmtpFmtSize = strlen(fmtpFmt)
data/liblivemedia-2020.01.19/liveMedia/MPEG4GenericRTPSink.cpp:62:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(fMPEG4Mode)
data/liblivemedia-2020.01.19/liveMedia/MPEG4GenericRTPSink.cpp:63:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(fConfigString);
data/liblivemedia-2020.01.19/liveMedia/MPEG4GenericRTPSource.cpp:88:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(mediumName) + 14 /* strlen("/MPEG4-GENERIC") */ + 1;
data/liblivemedia-2020.01.19/liveMedia/MPEG4LATMAudioRTPSink.cpp:38:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned fmtpFmtSize = strlen(fmtpFmt)
data/liblivemedia-2020.01.19/liveMedia/MPEG4LATMAudioRTPSink.cpp:40:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(fStreamMuxConfigString);
data/liblivemedia-2020.01.19/liveMedia/MPEG4LATMAudioRTPSource.cpp:202:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned ascSize = (strlen(configStr)+1)/2 + 1;
data/liblivemedia-2020.01.19/liveMedia/MPEG4LATMAudioRTPSource.cpp:247:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  configSize = (strlen(configStr)+1)/2;
data/liblivemedia-2020.01.19/liveMedia/MatroskaFile.cpp:689:38: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  = new char[sps_base64 == NULL ? 0 : strlen(sps_base64) +
data/liblivemedia-2020.01.19/liveMedia/MatroskaFile.cpp:690:31: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pps_base64 == NULL ? 0 : strlen(pps_base64) +
data/liblivemedia-2020.01.19/liveMedia/MediaSession.cpp:273:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(inputLine) < 2 || inputLine[1] != '='
data/liblivemedia-2020.01.19/liveMedia/MediaSession.cpp:299:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t sdpLineSize = strlen(sdpLine) + 1;
data/liblivemedia-2020.01.19/liveMedia/MediaSession.cpp:346:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(sdpLine) + 1;
data/liblivemedia-2020.01.19/liveMedia/MediaSession.cpp:1085:33: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned const sdpLineLen = strlen(sdpLine);
data/liblivemedia-2020.01.19/liveMedia/MediaSession.cpp:1343:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  = new char[strlen(mediumName()) + strlen(codecName()) + 2] ;
data/liblivemedia-2020.01.19/liveMedia/MediaSession.cpp:1343:38: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  = new char[strlen(mediumName()) + strlen(codecName()) + 2] ;
data/liblivemedia-2020.01.19/liveMedia/MediaSession.cpp:1390:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  = new char[strlen(mediumName()) + strlen(codecName()) + 2] ;
data/liblivemedia-2020.01.19/liveMedia/MediaSession.cpp:1390:38: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  = new char[strlen(mediumName()) + strlen(codecName()) + 2] ;
data/liblivemedia-2020.01.19/liveMedia/OnDemandServerMediaSubsession.cpp:445:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned sdpFmtSize = strlen(sdpFmt)
data/liblivemedia-2020.01.19/liveMedia/OnDemandServerMediaSubsession.cpp:446:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(mediaType) + 5 /* max short len */ + 3 /* max char len */
data/liblivemedia-2020.01.19/liveMedia/OnDemandServerMediaSubsession.cpp:447:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(ipAddressStr.val())
data/liblivemedia-2020.01.19/liveMedia/OnDemandServerMediaSubsession.cpp:449:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(rtpmapLine)
data/liblivemedia-2020.01.19/liveMedia/OnDemandServerMediaSubsession.cpp:450:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(rtcpmuxLine)
data/liblivemedia-2020.01.19/liveMedia/OnDemandServerMediaSubsession.cpp:451:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(rangeLine)
data/liblivemedia-2020.01.19/liveMedia/OnDemandServerMediaSubsession.cpp:452:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(auxSDPLine)
data/liblivemedia-2020.01.19/liveMedia/OnDemandServerMediaSubsession.cpp:453:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(trackId());
data/liblivemedia-2020.01.19/liveMedia/PassiveServerMediaSubsession.cpp:98:27: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned sdpFmtSize = strlen(sdpFmt)
data/liblivemedia-2020.01.19/liveMedia/PassiveServerMediaSubsession.cpp:99:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(mediaType) + 5 /* max short len */ + 3 /* max char len */
data/liblivemedia-2020.01.19/liveMedia/PassiveServerMediaSubsession.cpp:100:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(groupAddressStr.val()) + 3 /* max char len */
data/liblivemedia-2020.01.19/liveMedia/PassiveServerMediaSubsession.cpp:102:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(rtpmapLine)
data/liblivemedia-2020.01.19/liveMedia/PassiveServerMediaSubsession.cpp:103:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(rtcpmuxLine)
data/liblivemedia-2020.01.19/liveMedia/PassiveServerMediaSubsession.cpp:104:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(rangeLine)
data/liblivemedia-2020.01.19/liveMedia/PassiveServerMediaSubsession.cpp:105:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(auxSDPLine)
data/liblivemedia-2020.01.19/liveMedia/PassiveServerMediaSubsession.cpp:106:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(trackId());
data/liblivemedia-2020.01.19/liveMedia/QuickTimeFileSink.cpp:1241:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned strLength = strlen(str);
data/liblivemedia-2020.01.19/liveMedia/QuickTimeFileSink.cpp:2202:32: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char* newSDPLines = new char[strlen(sdpLines)+100/*overkill*/];
data/liblivemedia-2020.01.19/liveMedia/QuickTimeFileSink.cpp:2221:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int j = i + strlen(&newSDPLines[i]);
data/liblivemedia-2020.01.19/liveMedia/QuickTimeFileSink.cpp:2326:35: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned rtpmapStringLength = strlen(ourSubsession.codecName()) + 20;
data/liblivemedia-2020.01.19/liveMedia/RTCP.cpp:1178:35: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned const reasonLength = strlen(reason);
data/liblivemedia-2020.01.19/liveMedia/RTCP.cpp:1259:21: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned length = strlen((char const*)value);
data/liblivemedia-2020.01.19/liveMedia/RTPSink.cpp:146:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned rtpmapFmtSize = strlen(rtpmapFmt)
data/liblivemedia-2020.01.19/liveMedia/RTPSink.cpp:147:32: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + 3 /* max char len */ + strlen(rtpPayloadFormatName())
data/liblivemedia-2020.01.19/liveMedia/RTPSink.cpp:148:32: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + 20 /* max int len */ + strlen(encodingParamsPart);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:131:32: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char* paramString = new char[strlen(parameterName) + strlen(parameterValue) + 10];
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:131:56: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char* paramString = new char[strlen(parameterName) + strlen(parameterValue) + 10];
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:145:59: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned parameterNameLen = parameterName == NULL ? 0 : strlen(parameterName);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:358:31: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned const headerSize = strlen(formatStr) + strlen(userAgentName);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:358:51: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned const headerSize = strlen(formatStr) + strlen(userAgentName);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:362:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fUserAgentHeaderStrLen = strlen(fUserAgentHeaderStr);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:402:7: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  = strlen(applicationName) + strlen(libPrefix) + strlen(libName) + strlen(libVersionStr) + strlen(libSuffix) + 1;
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:402:33: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  = strlen(applicationName) + strlen(libPrefix) + strlen(libName) + strlen(libVersionStr) + strlen(libSuffix) + 1;
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:402:53: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  = strlen(applicationName) + strlen(libPrefix) + strlen(libName) + strlen(libVersionStr) + strlen(libSuffix) + 1;
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:402:71: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  = strlen(applicationName) + strlen(libPrefix) + strlen(libName) + strlen(libVersionStr) + strlen(libSuffix) + 1;
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:402:95: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  = strlen(applicationName) + strlen(libPrefix) + strlen(libName) + strlen(libVersionStr) + strlen(libSuffix) + 1;
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:494:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned contentStrLen = strlen(contentStr);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:498:42: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned contentLengthHeaderSize = strlen(contentLengthHeaderFmt)
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:516:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned cmdSize = strlen(cmdFmt)
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:517:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(request->commandName()) + strlen(cmdURL) + strlen(protocolStr)
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:517:42: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(request->commandName()) + strlen(cmdURL) + strlen(protocolStr)
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:517:59: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(request->commandName()) + strlen(cmdURL) + strlen(protocolStr)
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:519:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(authenticatorStr)
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:521:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(extraHeaders)
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:522:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(contentLengthHeader)
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:544:35: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cmd = base64Encode(origCmd, strlen(cmd));
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:549:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (write(cmd, strlen(cmd)) < 0) {
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:551:34: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned const errLength = strlen(errFmt) + strlen(request->commandName());
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:551:51: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned const errLength = strlen(errFmt) + strlen(request->commandName());
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:583:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sessionStr = new char[20+strlen(sessionId)];
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:683:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cmdURL = new char[strlen(prefix) + strlen(separator) + strlen(suffix) + 1];
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:683:40: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cmdURL = new char[strlen(prefix) + strlen(separator) + strlen(suffix) + 1];
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:683:60: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cmdURL = new char[strlen(prefix) + strlen(separator) + strlen(suffix) + 1];
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:712:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned transportSize = strlen(transportFmt)
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:713:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(transportTypeStr) + strlen(modeStr) + strlen(portTypeStr) + 2*5 /* max port len */;
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:713:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(transportTypeStr) + strlen(modeStr) + strlen(portTypeStr) + 2*5 /* max port len */;
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:713:54: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(transportTypeStr) + strlen(modeStr) + strlen(portTypeStr) + 2*5 /* max port len */;
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:726:45: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  extraHeaders = new char[transportSize + strlen(sessionStr) + strlen(blocksizeStr)];
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:726:66: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  extraHeaders = new char[transportSize + strlen(sessionStr) + strlen(blocksizeStr)];
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:765:35: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned extraHeadersSize = strlen(extraHeadersFmt)
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:766:4: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(serverAddressString.val())
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:767:4: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(fSessionCookie);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:782:35: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned extraHeadersSize = strlen(extraHeadersFmt)
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:783:4: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(serverAddressString.val())
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:784:4: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(fSessionCookie);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:810:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cmdURL = new char[strlen(prefix) + strlen(separator) + strlen(suffix) + 1];
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:810:42: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cmdURL = new char[strlen(prefix) + strlen(separator) + strlen(suffix) + 1];
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:810:62: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cmdURL = new char[strlen(prefix) + strlen(separator) + strlen(suffix) + 1];
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:826:31: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  extraHeaders = new char[strlen(sessionStr) + strlen(scaleStr) + strlen(speedStr) + strlen(rangeStr) + 1];
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:826:52: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  extraHeaders = new char[strlen(sessionStr) + strlen(scaleStr) + strlen(speedStr) + strlen(rangeStr) + 1];
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:826:71: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  extraHeaders = new char[strlen(sessionStr) + strlen(scaleStr) + strlen(speedStr) + strlen(rangeStr) + 1];
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:826:90: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  extraHeaders = new char[strlen(sessionStr) + strlen(scaleStr) + strlen(speedStr) + strlen(rangeStr) + 1];
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:945:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned authBufSize = strlen(authFmt)
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:946:4: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(auth.username()) + strlen(auth.realm())
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:946:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(auth.username()) + strlen(auth.realm())
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:947:4: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(auth.nonce()) + strlen(url) + strlen(response);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:947:27: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(auth.nonce()) + strlen(url) + strlen(response);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:947:41: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(auth.nonce()) + strlen(url) + strlen(response);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:956:41: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned usernamePasswordLength = strlen(auth.username()) + 1 + strlen(auth.password());
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:956:71: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned usernamePasswordLength = strlen(auth.username()) + 1 + strlen(auth.password());
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:961:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned const authBufSize = strlen(authFmt) + strlen(response) + 1;
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:961:54: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned const authBufSize = strlen(authFmt) + strlen(response) + 1;
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:1047:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  write(tmpBuf, strlen(tmpBuf));
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:1108:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fields += strlen(field);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:1167:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  paramsStr += strlen(field);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:1192:53: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char const* afterSessionId = sessionParamsStr + strlen(sessionId);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:1322:35: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned parameterNameLen = strlen(parameterName);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:1342:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned resultLen = strlen(resultValueString);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:1460:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned prefixLen = strlen(prefix);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:1597:19: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int bytesRead = read((u_int8_t*)&fResponseBuffer[fResponseBytesAlreadySeen], fResponseBufferBytesLeft);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:1695:7: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(headerDataCopy, fResponseBuffer, fResponseBytesAlreadySeen);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:1791:64: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  = (oldBaseURLTail - fBaseURL) + 8/* for "/stream=" */ + strlen(headerParamsStr);
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:1946:17: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int RTSPClient::read(u_int8_t* buffer, unsigned bufferSize) {
data/liblivemedia-2020.01.19/liveMedia/RTSPClient.cpp:1948:17: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  return fTLS.read(buffer, bufferSize);
data/liblivemedia-2020.01.19/liveMedia/RTSPCommon.cpp:254:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(utcTimes) + 1;
data/liblivemedia-2020.01.19/liveMedia/RTSPCommon.cpp:323:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned const commandNameLen = strlen(commandName);
data/liblivemedia-2020.01.19/liveMedia/RTSPCommon.cpp:371:24: [1] (buffer) wcslen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  wcstombs(buf, inBuf, wcslen(inBuf));
data/liblivemedia-2020.01.19/liveMedia/RTSPRegisterSender.cpp:36:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned fakeRTSPURLSize = strlen(fakeRTSPURLFmt) + strlen(remoteClientNameOrAddress) + 5/* max port num len */;
data/liblivemedia-2020.01.19/liveMedia/RTSPRegisterSender.cpp:36:55: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned fakeRTSPURLSize = strlen(fakeRTSPURLFmt) + strlen(remoteClientNameOrAddress) + 5/* max port num len */;
data/liblivemedia-2020.01.19/liveMedia/RTSPRegisterSender.cpp:119:46: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned proxyURLSuffixParameterSize = strlen(proxyURLSuffixParameterFmt)
data/liblivemedia-2020.01.19/liveMedia/RTSPRegisterSender.cpp:120:4: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(request_REGISTER->proxyURLSuffix());
data/liblivemedia-2020.01.19/liveMedia/RTSPRegisterSender.cpp:126:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned transportHeaderSize = strlen(transportHeaderFmt) + 100/*conservative*/ + strlen(proxyURLSuffixParameterStr);
data/liblivemedia-2020.01.19/liveMedia/RTSPRegisterSender.cpp:126:87: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned transportHeaderSize = strlen(transportHeaderFmt) + 100/*conservative*/ + strlen(proxyURLSuffixParameterStr);
data/liblivemedia-2020.01.19/liveMedia/RTSPRegisterSender.cpp:199:46: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned proxyURLSuffixParameterSize = strlen(proxyURLSuffixParameterFmt)
data/liblivemedia-2020.01.19/liveMedia/RTSPRegisterSender.cpp:200:4: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(request_DEREGISTER->proxyURLSuffix());
data/liblivemedia-2020.01.19/liveMedia/RTSPRegisterSender.cpp:206:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned transportHeaderSize = strlen(transportHeaderFmt) + strlen(proxyURLSuffixParameterStr);
data/liblivemedia-2020.01.19/liveMedia/RTSPRegisterSender.cpp:206:65: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned transportHeaderSize = strlen(transportHeaderFmt) + strlen(proxyURLSuffixParameterStr);
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:61:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char* resultURL = new char[strlen(urlPrefix) + strlen(sessionName) + 1];
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:61:50: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char* resultURL = new char[strlen(urlPrefix) + strlen(sessionName) + 1];
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:324:7: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(urlTotalSuffix, "/");
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:352:35: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned sdpDescriptionSize = strlen(sdpDescription);
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:386:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned headerNameLen = strlen(headerName);
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:775:6: [1] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character.
  strcat(urlTotalSuffix, "/");
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:885:61: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  send(fClientOutputSocket, (char const*)fResponseBuffer, strlen((char*)fResponseBuffer), 0);
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:1080:31: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned const contentLen = strlen(contentStr);
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:1098:31: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned const contentLen = strlen(contentStr);
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:1238:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fields += strlen(field);
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:1277:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  concatenatedStreamName = new char[strlen(urlPreSuffix) + strlen(urlSuffix) + 2]; // allow for the "/" and the trailing '\0'
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:1277:59: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  concatenatedStreamName = new char[strlen(urlPreSuffix) + strlen(urlSuffix) + 2]; // allow for the "/" and the trailing '\0'
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:1566:38: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned const urlPreSuffixLen = strlen(urlPreSuffix);
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:1627:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned rtspURLSize = strlen(rtspURL);
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:1690:29: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned rtpInfoFmtSize = strlen(rtpInfoFmt);
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:1788:4: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(prevRTPInfo)
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:1790:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + rtspURLSize + strlen(urlSuffix)
data/liblivemedia-2020.01.19/liveMedia/RTSPServer.cpp:1808:27: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned rtpInfoLen = strlen(rtpInfo);
data/liblivemedia-2020.01.19/liveMedia/RTSPServerRegister.cpp:289:15: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fields += strlen(field);
data/liblivemedia-2020.01.19/liveMedia/RTSPServerRegister.cpp:360:37: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fAllowedCommandNames = new char[strlen(baseAllowedCommandNames) + strlen(newAllowedCommandName) + 1/* for '\0' */];
data/liblivemedia-2020.01.19/liveMedia/RTSPServerRegister.cpp:360:71: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fAllowedCommandNames = new char[strlen(baseAllowedCommandNames) + strlen(newAllowedCommandName) + 1/* for '\0' */];
data/liblivemedia-2020.01.19/liveMedia/RTSPServerSupportingHTTPStreaming.cpp:145:63: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  send(fClientOutputSocket, (char const*)fResponseBuffer, strlen((char*)fResponseBuffer), 0);
data/liblivemedia-2020.01.19/liveMedia/RTSPServerSupportingHTTPStreaming.cpp:189:45: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned const playlistPrefixFmt_maxLen = strlen(playlistPrefixFmt) + maxIntLen;
data/liblivemedia-2020.01.19/liveMedia/RTSPServerSupportingHTTPStreaming.cpp:194:52: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned const playlistMediaFileSpecFmt_maxLen = strlen(playlistMediaFileSpecFmt) + maxIntLen + strlen(urlSuffix) + 2*maxIntLen;
data/liblivemedia-2020.01.19/liveMedia/RTSPServerSupportingHTTPStreaming.cpp:194:99: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned const playlistMediaFileSpecFmt_maxLen = strlen(playlistMediaFileSpecFmt) + maxIntLen + strlen(urlSuffix) + 2*maxIntLen;
data/liblivemedia-2020.01.19/liveMedia/RTSPServerSupportingHTTPStreaming.cpp:198:45: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned const playlistSuffixFmt_maxLen = strlen(playlistSuffixFmt);
data/liblivemedia-2020.01.19/liveMedia/RTSPServerSupportingHTTPStreaming.cpp:211:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  s += strlen(s);
data/liblivemedia-2020.01.19/liveMedia/RTSPServerSupportingHTTPStreaming.cpp:218:10: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  s += strlen(s);
data/liblivemedia-2020.01.19/liveMedia/RTSPServerSupportingHTTPStreaming.cpp:225:8: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  s += strlen(s);
data/liblivemedia-2020.01.19/liveMedia/RTSPServerSupportingHTTPStreaming.cpp:243:59: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  send(fClientOutputSocket, (char const*)fResponseBuffer, strlen((char*)fResponseBuffer), 0);
data/liblivemedia-2020.01.19/liveMedia/RawVideoRTPSink.cpp:202:34: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((strncmp("RGB", fSampling, strlen(fSampling)) == 0) || (strncmp("BGR", fSampling, strlen(fSampling)) == 0)) {
data/liblivemedia-2020.01.19/liveMedia/RawVideoRTPSink.cpp:202:89: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((strncmp("RGB", fSampling, strlen(fSampling)) == 0) || (strncmp("BGR", fSampling, strlen(fSampling)) == 0)) {
data/liblivemedia-2020.01.19/liveMedia/RawVideoRTPSink.cpp:224:40: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if ((strncmp("RGBA", fSampling, strlen(fSampling)) == 0) || (strncmp("BGRA", fSampling, strlen(fSampling)) == 0)) {
data/liblivemedia-2020.01.19/liveMedia/RawVideoRTPSink.cpp:224:96: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if ((strncmp("RGBA", fSampling, strlen(fSampling)) == 0) || (strncmp("BGRA", fSampling, strlen(fSampling)) == 0)) {
data/liblivemedia-2020.01.19/liveMedia/RawVideoRTPSink.cpp:242:48: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  } else if (strncmp("YCbCr-4:4:4", fSampling, strlen(fSampling)) == 0) {
data/liblivemedia-2020.01.19/liveMedia/RawVideoRTPSink.cpp:263:48: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  } else if (strncmp("YCbCr-4:2:2", fSampling, strlen(fSampling)) == 0) {
data/liblivemedia-2020.01.19/liveMedia/RawVideoRTPSink.cpp:281:48: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  } else if (strncmp("YCbCr-4:1:1", fSampling, strlen(fSampling)) == 0) {
data/liblivemedia-2020.01.19/liveMedia/RawVideoRTPSink.cpp:299:48: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  } else if (strncmp("YCbCr-4:2:0", fSampling, strlen(fSampling)) == 0) {
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:46:31: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned const headerSize = strlen(formatStr) + strlen(userAgentName);
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:46:51: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned const headerSize = strlen(formatStr) + strlen(userAgentName);
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:50:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fUserAgentHeaderStrLen = strlen(fUserAgentHeaderStr);
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:69:22: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fMIMESubtypeSize = strlen(fMIMESubtype);
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:73:26: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fApplicationNameSize = strlen(fApplicationName);
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:78:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fOurAddressStrSize = strlen(fOurAddressStr);
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:118:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  = fApplicationNameSize + strlen(libPrefix) + strlen(libName) + strlen(libVersionStr) + strlen(libSuffix) + 1;
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:118:50: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  = fApplicationNameSize + strlen(libPrefix) + strlen(libName) + strlen(libVersionStr) + strlen(libSuffix) + 1;
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:118:68: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  = fApplicationNameSize + strlen(libPrefix) + strlen(libName) + strlen(libVersionStr) + strlen(libSuffix) + 1;
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:118:92: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  = fApplicationNameSize + strlen(libPrefix) + strlen(libName) + strlen(libVersionStr) + strlen(libSuffix) + 1;
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:144:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fUserNameSize = strlen(fUserName);
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:191:14: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fURLSize = strlen(fURL);
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:215:32: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned rtpmapFmtSize = strlen(rtpmapFmt)
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:220:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  rtpmapLineSize = strlen(rtpmapLine);
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:234:33: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned inviteSDPFmtSize = strlen(inviteSDPFmt)
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:248:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned inviteSDPSize = strlen(fInviteSDPDescription);
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:265:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned inviteCmdSize = strlen(cmdFmt)
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:273:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(authenticatorStr)
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:290:22: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fInviteCmdSize = strlen(fInviteCmd);
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:542:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fToTagStrSize = strlen(fToTagStr);
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:624:19: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fUserNameSize = strlen(fUserName);
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:661:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned cmdSize = strlen(cmdFmt)
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:677:27: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!sendRequest(cmd, strlen(cmd))) {
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:703:24: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned cmdSize = strlen(cmdFmt)
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:719:27: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!sendRequest(cmd, strlen(cmd))) {
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:878:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned authBufSize = strlen(authFmt)
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:879:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(authenticator->username()) + strlen(authenticator->realm())
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:879:45: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(authenticator->username()) + strlen(authenticator->realm())
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:880:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(authenticator->nonce()) + strlen(url) + strlen(response);
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:880:42: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(authenticator->nonce()) + strlen(url) + strlen(response);
data/liblivemedia-2020.01.19/liveMedia/SIPClient.cpp:880:56: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(authenticator->nonce()) + strlen(url) + strlen(response);
data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:73:38: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  libNamePlusVersionStr = new char[strlen(libNameStr) + strlen(libVersionStr) + 1];
data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:73:59: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  libNamePlusVersionStr = new char[strlen(libNameStr) + strlen(libVersionStr) + 1];
data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:213:31: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned ipAddressStrSize = strlen(ipAddressStr.val());
data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:221:42: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned const sourceFilterFmtSize = strlen(sourceFilterFmt) + ipAddressStrSize + 1;
data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:242:20: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sdpLength += strlen(sdpLines);
data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:272:18: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sdpLength += strlen(sdpPrefixFmt)
data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:274:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(fDescriptionSDPString)
data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:275:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(fInfoSDPString)
data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:276:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(libNameStr) + strlen(libVersionStr)
data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:276:30: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(libNameStr) + strlen(libVersionStr)
data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:277:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(sourceFilterLine)
data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:278:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
+ strlen(rangeLine) data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:279:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). + strlen(fDescriptionSDPString) data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:280:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). + strlen(fInfoSDPString) data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:281:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). + strlen(fMiscSDPLines); data/liblivemedia-2020.01.19/liveMedia/ServerMediaSession.cpp:304:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). unsigned mediaSDPLength = strlen(mediaSDP); data/liblivemedia-2020.01.19/liveMedia/TLSState.cpp:73:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int TLSState::read(u_int8_t* buffer, unsigned bufferSize) { data/liblivemedia-2020.01.19/liveMedia/TheoraVideoRTPSink.cpp:103:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). unsigned fmtpSDPLineMaxSize = 200 + strlen(base64PackedHeaders);// 200 => more than enough space data/liblivemedia-2020.01.19/liveMedia/VorbisAudioRTPSink.cpp:112:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
unsigned fmtpSDPLineMaxSize = 50 + strlen(base64PackedHeaders); // 50 => more than enough space data/liblivemedia-2020.01.19/liveMedia/WAVAudioFileSource.cpp:85:15: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). #define nextc fgetc(fid) data/liblivemedia-2020.01.19/liveMedia/WAVAudioFileSource.cpp:293:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). numBytesRead = read(fileno(fFid), fTo, bytesToRead); data/liblivemedia-2020.01.19/mediaServer/DynamicRTSPServer.cpp:186:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). unsigned indexFileNameLen = strlen(fileName) + 2; // allow for trailing "x\0" data/liblivemedia-2020.01.19/testProgs/MPEG2TransportStreamIndexer.cpp:48:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = strlen(inputFileName); data/liblivemedia-2020.01.19/testProgs/live555HLSProxy.cpp:287:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ourM3U8FileName = new char[strlen(hlsPrefix) + 5/*strlen(".m3u8")*/ + 1]; data/liblivemedia-2020.01.19/testProgs/playSIP.cpp:40:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char const* suffix = &applicationName[strlen(applicationName)]; data/liblivemedia-2020.01.19/testProgs/testH264VideoToHLSSegments.cpp:75:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
char* ourM3U8FileName = new char[strlen(OUR_HLS_FILENAME_PREFIX) + 5/*strlen(".m3u8")*/ + 1]; data/liblivemedia-2020.01.19/testProgs/testMKVSplitter.cpp:84:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char* fileName = new char[strlen(mimeType) + 100/*more than enough space*/]; data/liblivemedia-2020.01.19/testProgs/testMPEG2TransportStreamTrickPlay.cpp:52:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int len = strlen(inputFileName); ANALYSIS SUMMARY: Hits = 612 Lines analyzed = 65645 in approximately 2.01 seconds (32627 lines/second) Physical Source Lines of Code (SLOC) = 45931 Hits@level = [0] 756 [1] 262 [2] 224 [3] 5 [4] 121 [5] 0 Hits@level+ = [0+] 1368 [1+] 612 [2+] 350 [3+] 126 [4+] 121 [5+] 0 Hits/KSLOC@level+ = [0+] 29.7838 [1+] 13.3243 [2+] 7.62013 [3+] 2.74325 [4+] 2.63439 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.