Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libopenmpt-0.4.11/build/svn_version/svn_version.h
Examining data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug_cpp.cpp
Examining data/libopenmpt-0.4.11/libopenmpt/libopenmpt_test.cpp
Examining data/libopenmpt-0.4.11/libopenmpt/libopenmpt_c.cpp
Examining data/libopenmpt-0.4.11/libopenmpt/libopenmpt_ext_impl.cpp
Examining data/libopenmpt-0.4.11/libopenmpt/libopenmpt_cxx.cpp
Examining data/libopenmpt-0.4.11/libopenmpt/libopenmpt.h
Examining data/libopenmpt-0.4.11/libopenmpt/libopenmpt_stream_callbacks_buffer.h
Examining data/libopenmpt-0.4.11/libopenmpt/libopenmpt_version.h
Examining data/libopenmpt-0.4.11/libopenmpt/libopenmpt.hpp
Examining data/libopenmpt-0.4.11/libopenmpt/libopenmpt_stream_callbacks_file.h
Examining data/libopenmpt-0.4.11/libopenmpt/libopenmpt_impl.hpp
Examining data/libopenmpt-0.4.11/libopenmpt/libopenmpt_ext.hpp
Examining data/libopenmpt-0.4.11/libopenmpt/libopenmpt_ext.h
Examining data/libopenmpt-0.4.11/libopenmpt/libopenmpt_impl.cpp
Examining data/libopenmpt-0.4.11/libopenmpt/libopenmpt_internal.h
Examining data/libopenmpt-0.4.11/libopenmpt/libopenmpt_stream_callbacks_fd.h
Examining data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug.c
Examining data/libopenmpt-0.4.11/libopenmpt/libopenmpt_ext_impl.hpp
Examining data/libopenmpt-0.4.11/libopenmpt/libopenmpt_config.h
Examining data/libopenmpt-0.4.11/soundlib/Snd_defs.h
Examining data/libopenmpt-0.4.11/soundlib/MixerSettings.cpp
Examining data/libopenmpt-0.4.11/soundlib/Load_669.cpp
Examining data/libopenmpt-0.4.11/soundlib/ModSample.cpp
Examining data/libopenmpt-0.4.11/soundlib/OPL.cpp
Examining data/libopenmpt-0.4.11/soundlib/SampleFormatMP3.cpp
Examining data/libopenmpt-0.4.11/soundlib/SampleIO.h
Examining data/libopenmpt-0.4.11/soundlib/SampleFormatMediaFoundation.cpp
Examining data/libopenmpt-0.4.11/soundlib/Load_c67.cpp
Examining data/libopenmpt-0.4.11/soundlib/Load_stm.cpp
Examining data/libopenmpt-0.4.11/soundlib/Dither.cpp
Examining data/libopenmpt-0.4.11/soundlib/Snd_flt.cpp
Examining data/libopenmpt-0.4.11/soundlib/SampleFormatVorbis.cpp
Examining data/libopenmpt-0.4.11/soundlib/patternContainer.h
Examining data/libopenmpt-0.4.11/soundlib/UMXTools.cpp
Examining data/libopenmpt-0.4.11/soundlib/modsmp_ctrl.h
Examining data/libopenmpt-0.4.11/soundlib/MixerLoops.cpp
Examining data/libopenmpt-0.4.11/soundlib/ModSample.h
Examining data/libopenmpt-0.4.11/soundlib/WAVTools.cpp
Examining data/libopenmpt-0.4.11/soundlib/OggStream.h
Examining data/libopenmpt-0.4.11/soundlib/RowVisitor.h
Examining data/libopenmpt-0.4.11/soundlib/Loaders.h
Examining data/libopenmpt-0.4.11/soundlib/SampleFormats.cpp
Examining data/libopenmpt-0.4.11/soundlib/MixFuncTable.cpp
Examining data/libopenmpt-0.4.11/soundlib/modcommand.cpp
Examining data/libopenmpt-0.4.11/soundlib/Load_mdl.cpp
Examining data/libopenmpt-0.4.11/soundlib/Load_ptm.cpp
Examining data/libopenmpt-0.4.11/soundlib/Load_plm.cpp
Examining data/libopenmpt-0.4.11/soundlib/WindowedFIR.h
Examining data/libopenmpt-0.4.11/soundlib/Load_mtm.cpp
Examining data/libopenmpt-0.4.11/soundlib/pattern.h
Examining data/libopenmpt-0.4.11/soundlib/Load_psm.cpp
Examining data/libopenmpt-0.4.11/soundlib/tuningbase.cpp
Examining data/libopenmpt-0.4.11/soundlib/FloatMixer.h
Examining data/libopenmpt-0.4.11/soundlib/MixerInterface.h
Examining data/libopenmpt-0.4.11/soundlib/Load_itp.cpp
Examining data/libopenmpt-0.4.11/soundlib/patternContainer.cpp
Examining data/libopenmpt-0.4.11/soundlib/Load_med.cpp
Examining data/libopenmpt-0.4.11/soundlib/MPEGFrame.cpp
Examining data/libopenmpt-0.4.11/soundlib/Load_amf.cpp
Examining data/libopenmpt-0.4.11/soundlib/modcommand.h
Examining data/libopenmpt-0.4.11/soundlib/Dlsbank.cpp
Examining data/libopenmpt-0.4.11/soundlib/MixerLoops.h
Examining data/libopenmpt-0.4.11/soundlib/UpgradeModule.cpp
Examining data/libopenmpt-0.4.11/soundlib/SampleFormatOpus.cpp
Examining data/libopenmpt-0.4.11/soundlib/Load_s3m.cpp
Examining data/libopenmpt-0.4.11/soundlib/MIDIEvents.cpp
Examining data/libopenmpt-0.4.11/soundlib/Sndfile.cpp
Examining data/libopenmpt-0.4.11/soundlib/Fastmix.cpp
Examining data/libopenmpt-0.4.11/soundlib/mod_specifications.h
Examining data/libopenmpt-0.4.11/soundlib/Load_imf.cpp
Examining data/libopenmpt-0.4.11/soundlib/tuning.cpp
Examining data/libopenmpt-0.4.11/soundlib/Sndmix.cpp
Examining data/libopenmpt-0.4.11/soundlib/ContainerUMX.cpp
Examining data/libopenmpt-0.4.11/soundlib/Snd_fx.cpp
Examining data/libopenmpt-0.4.11/soundlib/ContainerXPK.cpp
Examining data/libopenmpt-0.4.11/soundlib/Load_ams.cpp
Examining data/libopenmpt-0.4.11/soundlib/Load_mo3.cpp
Examining data/libopenmpt-0.4.11/soundlib/ContainerPP20.cpp
Examining data/libopenmpt-0.4.11/soundlib/MixerSettings.h
Examining data/libopenmpt-0.4.11/soundlib/Load_okt.cpp
Examining data/libopenmpt-0.4.11/soundlib/tuning.h
Examining data/libopenmpt-0.4.11/soundlib/MPEGFrame.h
Examining data/libopenmpt-0.4.11/soundlib/BitReader.h
Examining data/libopenmpt-0.4.11/soundlib/Load_dsm.cpp
Examining data/libopenmpt-0.4.11/soundlib/InstrumentExtensions.cpp
Examining data/libopenmpt-0.4.11/soundlib/Sndfile.h
Examining data/libopenmpt-0.4.11/soundlib/UMXTools.h
Examining data/libopenmpt-0.4.11/soundlib/Load_mt2.cpp
Examining data/libopenmpt-0.4.11/soundlib/ModSequence.cpp
Examining data/libopenmpt-0.4.11/soundlib/Tagging.h
Examining data/libopenmpt-0.4.11/soundlib/ModInstrument.h
Examining data/libopenmpt-0.4.11/soundlib/ModChannel.h
Examining data/libopenmpt-0.4.11/soundlib/WindowedFIR.cpp
Examining data/libopenmpt-0.4.11/soundlib/Paula.cpp
Examining data/libopenmpt-0.4.11/soundlib/ContainerMMCMP.cpp
Examining data/libopenmpt-0.4.11/soundlib/Load_stp.cpp
Examining data/libopenmpt-0.4.11/soundlib/SampleIO.cpp
Examining data/libopenmpt-0.4.11/soundlib/WAVTools.h
Examining data/libopenmpt-0.4.11/soundlib/modsmp_ctrl.cpp
Examining data/libopenmpt-0.4.11/soundlib/tuningcollection.h
Examining data/libopenmpt-0.4.11/soundlib/Mixer.h
Examining data/libopenmpt-0.4.11/soundlib/Load_it.cpp
Examining data/libopenmpt-0.4.11/soundlib/S3MTools.h
Examining data/libopenmpt-0.4.11/soundlib/ModSampleCopy.h
Examining data/libopenmpt-0.4.11/soundlib/ITTools.cpp
Examining data/libopenmpt-0.4.11/soundlib/Tagging.cpp
Examining data/libopenmpt-0.4.11/soundlib/ModInstrument.cpp
Examining data/libopenmpt-0.4.11/soundlib/ITTools.h
Examining data/libopenmpt-0.4.11/soundlib/MixFuncTable.h
Examining data/libopenmpt-0.4.11/soundlib/OggStream.cpp
Examining data/libopenmpt-0.4.11/soundlib/Dlsbank.h
Examining data/libopenmpt-0.4.11/soundlib/Load_gdm.cpp
Examining data/libopenmpt-0.4.11/soundlib/Load_xm.cpp
Examining data/libopenmpt-0.4.11/soundlib/ITCompression.cpp
Examining data/libopenmpt-0.4.11/soundlib/MIDIEvents.h
Examining data/libopenmpt-0.4.11/soundlib/Message.h
Examining data/libopenmpt-0.4.11/soundlib/tuningbase.h
Examining data/libopenmpt-0.4.11/soundlib/Load_dbm.cpp
Examining data/libopenmpt-0.4.11/soundlib/SoundFilePlayConfig.h
Examining data/libopenmpt-0.4.11/soundlib/Load_ult.cpp
Examining data/libopenmpt-0.4.11/soundlib/pattern.cpp
Examining data/libopenmpt-0.4.11/soundlib/S3MTools.cpp
Examining data/libopenmpt-0.4.11/soundlib/ChunkReader.h
Examining data/libopenmpt-0.4.11/soundlib/ModSequence.h
Examining data/libopenmpt-0.4.11/soundlib/Resampler.h
Examining data/libopenmpt-0.4.11/soundlib/plugins/dmo/ParamEq.cpp
Examining data/libopenmpt-0.4.11/soundlib/plugins/dmo/Chorus.h
Examining data/libopenmpt-0.4.11/soundlib/plugins/dmo/WavesReverb.cpp
Examining data/libopenmpt-0.4.11/soundlib/plugins/dmo/Echo.h
Examining data/libopenmpt-0.4.11/soundlib/plugins/dmo/Compressor.h
Examining data/libopenmpt-0.4.11/soundlib/plugins/dmo/Echo.cpp
Examining data/libopenmpt-0.4.11/soundlib/plugins/dmo/DMOPlugin.h
Examining data/libopenmpt-0.4.11/soundlib/plugins/dmo/Compressor.cpp
Examining data/libopenmpt-0.4.11/soundlib/plugins/dmo/ParamEq.h
Examining data/libopenmpt-0.4.11/soundlib/plugins/dmo/WavesReverb.h
Examining data/libopenmpt-0.4.11/soundlib/plugins/dmo/Distortion.cpp
Examining data/libopenmpt-0.4.11/soundlib/plugins/dmo/Gargle.cpp
Examining data/libopenmpt-0.4.11/soundlib/plugins/dmo/I3DL2Reverb.h
Examining data/libopenmpt-0.4.11/soundlib/plugins/dmo/Flanger.cpp
Examining data/libopenmpt-0.4.11/soundlib/plugins/dmo/Chorus.cpp
Examining data/libopenmpt-0.4.11/soundlib/plugins/dmo/I3DL2Reverb.cpp
Examining data/libopenmpt-0.4.11/soundlib/plugins/dmo/Flanger.h
Examining data/libopenmpt-0.4.11/soundlib/plugins/dmo/DMOPlugin.cpp
Examining data/libopenmpt-0.4.11/soundlib/plugins/dmo/Distortion.h
Examining data/libopenmpt-0.4.11/soundlib/plugins/dmo/Gargle.h
Examining data/libopenmpt-0.4.11/soundlib/plugins/PlugInterface.cpp
Examining data/libopenmpt-0.4.11/soundlib/plugins/PluginManager.cpp
Examining data/libopenmpt-0.4.11/soundlib/plugins/DigiBoosterEcho.h
Examining data/libopenmpt-0.4.11/soundlib/plugins/PluginStructs.h
Examining data/libopenmpt-0.4.11/soundlib/plugins/LFOPlugin.h
Examining data/libopenmpt-0.4.11/soundlib/plugins/PlugInterface.h
Examining data/libopenmpt-0.4.11/soundlib/plugins/LFOPlugin.cpp
Examining data/libopenmpt-0.4.11/soundlib/plugins/PluginManager.h
Examining data/libopenmpt-0.4.11/soundlib/plugins/DigiBoosterEcho.cpp
Examining data/libopenmpt-0.4.11/soundlib/plugins/PluginMixBuffer.h
Examining data/libopenmpt-0.4.11/soundlib/SampleFormatFLAC.cpp
Examining data/libopenmpt-0.4.11/soundlib/load_j2b.cpp
Examining data/libopenmpt-0.4.11/soundlib/RowVisitor.cpp
Examining data/libopenmpt-0.4.11/soundlib/Dither.h
Examining data/libopenmpt-0.4.11/soundlib/MIDIMacros.cpp
Examining data/libopenmpt-0.4.11/soundlib/SoundFilePlayConfig.cpp
Examining data/libopenmpt-0.4.11/soundlib/opal.h
Examining data/libopenmpt-0.4.11/soundlib/Message.cpp
Examining data/libopenmpt-0.4.11/soundlib/ModChannel.cpp
Examining data/libopenmpt-0.4.11/soundlib/Container.h
Examining data/libopenmpt-0.4.11/soundlib/MIDIMacros.h
Examining data/libopenmpt-0.4.11/soundlib/Load_digi.cpp
Examining data/libopenmpt-0.4.11/soundlib/AudioReadTarget.h
Examining data/libopenmpt-0.4.11/soundlib/Load_wav.cpp
Examining data/libopenmpt-0.4.11/soundlib/tuningCollection.cpp
Examining data/libopenmpt-0.4.11/soundlib/ITCompression.h
Examining data/libopenmpt-0.4.11/soundlib/Load_mid.cpp
Examining data/libopenmpt-0.4.11/soundlib/AudioCriticalSection.h
Examining data/libopenmpt-0.4.11/soundlib/XMTools.h
Examining data/libopenmpt-0.4.11/soundlib/Load_uax.cpp
Examining data/libopenmpt-0.4.11/soundlib/Paula.h
Examining data/libopenmpt-0.4.11/soundlib/OPL.h
Examining data/libopenmpt-0.4.11/soundlib/Load_far.cpp
Examining data/libopenmpt-0.4.11/soundlib/XMTools.cpp
Examining data/libopenmpt-0.4.11/soundlib/mod_specifications.cpp
Examining data/libopenmpt-0.4.11/soundlib/Load_dmf.cpp
Examining data/libopenmpt-0.4.11/soundlib/Load_dtm.cpp
Examining data/libopenmpt-0.4.11/soundlib/IntMixer.h
Examining data/libopenmpt-0.4.11/soundlib/AudioCriticalSection.cpp
Examining data/libopenmpt-0.4.11/soundlib/Load_sfx.cpp
Examining data/libopenmpt-0.4.11/soundlib/Tables.h
Examining data/libopenmpt-0.4.11/soundlib/Load_mod.cpp
Examining data/libopenmpt-0.4.11/soundlib/Tables.cpp
Examining data/libopenmpt-0.4.11/test/TestToolsLib.h
Examining data/libopenmpt-0.4.11/test/test.h
Examining data/libopenmpt-0.4.11/test/test.cpp
Examining data/libopenmpt-0.4.11/test/TestTools.h
Examining data/libopenmpt-0.4.11/test/TestToolsLib.cpp
Examining data/libopenmpt-0.4.11/test/TestToolsTracker.h
Examining data/libopenmpt-0.4.11/common/mptStringParse.cpp
Examining data/libopenmpt-0.4.11/common/mptBaseMacros.h
Examining data/libopenmpt-0.4.11/common/mptRandom.cpp
Examining data/libopenmpt-0.4.11/common/mptAssert.h
Examining data/libopenmpt-0.4.11/common/mptLibrary.h
Examining data/libopenmpt-0.4.11/common/CompilerDetect.h
Examining data/libopenmpt-0.4.11/common/FileReaderFwd.h
Examining data/libopenmpt-0.4.11/common/Profiler.cpp
Examining data/libopenmpt-0.4.11/common/version.cpp
Examining data/libopenmpt-0.4.11/common/mptMemory.h
Examining data/libopenmpt-0.4.11/common/ComponentManager.h
Examining data/libopenmpt-0.4.11/common/mptTime.cpp
Examining data/libopenmpt-0.4.11/common/mptWine.h
Examining data/libopenmpt-0.4.11/common/FlagSet.h
Examining data/libopenmpt-0.4.11/common/versionNumber.h
Examining data/libopenmpt-0.4.11/common/mptStringFormat.h
Examining data/libopenmpt-0.4.11/common/mptWine.cpp
Examining data/libopenmpt-0.4.11/common/misc_util.h
Examining data/libopenmpt-0.4.11/common/mptBaseTypes.h
Examining data/libopenmpt-0.4.11/common/mptString.cpp
Examining data/libopenmpt-0.4.11/common/mptOS.h
Examining data/libopenmpt-0.4.11/common/mptMutex.h
Examining data/libopenmpt-0.4.11/common/mptBaseUtils.h
Examining data/libopenmpt-0.4.11/common/mptOS.cpp
Examining data/libopenmpt-0.4.11/common/mptStringParse.h
Examining data/libopenmpt-0.4.11/common/mptTime.h
Examining data/libopenmpt-0.4.11/common/mptCPU.h
Examining data/libopenmpt-0.4.11/common/Profiler.h
Examining data/libopenmpt-0.4.11/common/Logging.h
Examining data/libopenmpt-0.4.11/common/stdafx.h
Examining data/libopenmpt-0.4.11/common/mptFileIO.h
Examining data/libopenmpt-0.4.11/common/misc_util.cpp
Examining data/libopenmpt-0.4.11/common/BuildSettings.h
Examining data/libopenmpt-0.4.11/common/mptPathString.h
Examining data/libopenmpt-0.4.11/common/FileReader.h
Examining data/libopenmpt-0.4.11/common/mptFileIO.cpp
Examining data/libopenmpt-0.4.11/common/mptUUID.h
Examining data/libopenmpt-0.4.11/common/mptExceptionText.h
Examining data/libopenmpt-0.4.11/common/Logging.cpp
Examining data/libopenmpt-0.4.11/common/serialization_utils.h
Examining data/libopenmpt-0.4.11/common/ComponentManager.cpp
Examining data/libopenmpt-0.4.11/common/serialization_utils.cpp
Examining data/libopenmpt-0.4.11/common/mptStringBuffer.cpp
Examining data/libopenmpt-0.4.11/common/mptAlloc.h
Examining data/libopenmpt-0.4.11/common/mptRandom.h
Examining data/libopenmpt-0.4.11/common/mptLibrary.cpp
Examining data/libopenmpt-0.4.11/common/Endianness.h
Examining data/libopenmpt-0.4.11/common/mptBufferIO.h
Examining data/libopenmpt-0.4.11/common/mptAlloc.cpp
Examining data/libopenmpt-0.4.11/common/mptException.h
Examining data/libopenmpt-0.4.11/common/mptPathString.cpp
Examining data/libopenmpt-0.4.11/common/mptIO.cpp
Examining data/libopenmpt-0.4.11/common/mptStringFormat.cpp
Examining data/libopenmpt-0.4.11/common/mptCPU.cpp
Examining data/libopenmpt-0.4.11/common/version.h
Examining data/libopenmpt-0.4.11/common/mptStringBuffer.h
Examining data/libopenmpt-0.4.11/common/mptCRC.h
Examining data/libopenmpt-0.4.11/common/FileReader.cpp
Examining data/libopenmpt-0.4.11/common/mptThread.h
Examining data/libopenmpt-0.4.11/common/mptUUID.cpp
Examining data/libopenmpt-0.4.11/common/mptIO.h
Examining data/libopenmpt-0.4.11/common/mptSpan.h
Examining data/libopenmpt-0.4.11/common/mptString.h
Examining data/libopenmpt-0.4.11/libmodplug/modplug.h
Examining data/libopenmpt-0.4.11/libmodplug/stdafx.h
Examining data/libopenmpt-0.4.11/libmodplug/sndfile.h
Examining data/libopenmpt-0.4.11/openmpt123/openmpt123.cpp
Examining data/libopenmpt-0.4.11/openmpt123/openmpt123_config.hpp
Examining data/libopenmpt-0.4.11/openmpt123/openmpt123_allegro42.hpp
Examining data/libopenmpt-0.4.11/openmpt123/openmpt123_waveout.hpp
Examining data/libopenmpt-0.4.11/openmpt123/openmpt123.hpp
Examining data/libopenmpt-0.4.11/openmpt123/openmpt123_flac.hpp
Examining data/libopenmpt-0.4.11/openmpt123/openmpt123_portaudio.hpp
Examining data/libopenmpt-0.4.11/openmpt123/openmpt123_sdl2.hpp
Examining data/libopenmpt-0.4.11/openmpt123/openmpt123_raw.hpp
Examining data/libopenmpt-0.4.11/openmpt123/openmpt123_mmio.hpp
Examining data/libopenmpt-0.4.11/openmpt123/openmpt123_sndfile.hpp
Examining data/libopenmpt-0.4.11/openmpt123/openmpt123_pulseaudio.hpp
Examining data/libopenmpt-0.4.11/openmpt123/openmpt123_sdl.hpp
Examining data/libopenmpt-0.4.11/openmpt123/openmpt123_stdout.hpp
Examining data/libopenmpt-0.4.11/sounddsp/EQ.h
Examining data/libopenmpt-0.4.11/sounddsp/EQ.cpp
Examining data/libopenmpt-0.4.11/sounddsp/Reverb.cpp
Examining data/libopenmpt-0.4.11/sounddsp/DSP.cpp
Examining data/libopenmpt-0.4.11/sounddsp/AGC.h
Examining data/libopenmpt-0.4.11/sounddsp/Reverb.h
Examining data/libopenmpt-0.4.11/sounddsp/AGC.cpp
Examining data/libopenmpt-0.4.11/sounddsp/DSP.h
Examining data/libopenmpt-0.4.11/examples/libopenmpt_example_c_mem.c
Examining data/libopenmpt-0.4.11/examples/libopenmpt_example_cxx.cpp
Examining data/libopenmpt-0.4.11/examples/libopenmpt_example_c.c
Examining data/libopenmpt-0.4.11/examples/libopenmpt_example_c_stdout.c
Examining data/libopenmpt-0.4.11/examples/libopenmpt_example_c_unsafe.c
Examining data/libopenmpt-0.4.11/examples/libopenmpt_example_c_probe.c
Examining data/libopenmpt-0.4.11/soundbase/SampleFormatConverters.h
Examining data/libopenmpt-0.4.11/soundbase/SampleFormat.h
Examining data/libopenmpt-0.4.11/soundbase/SampleFormatCopy.h
Examining data/libopenmpt-0.4.11/debian/tests/pattern-dump-c.c
Examining data/libopenmpt-0.4.11/debian/tests/pattern-dump-cpp.cpp
Examining data/libopenmpt-0.4.11/debian/tests/pattern-dump-modplug.c
FINAL RESULTS:
data/libopenmpt-0.4.11/common/Logging.cpp:62:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
std::strcpy(g_FacilitySolo, solo.c_str());
data/libopenmpt-0.4.11/common/Logging.cpp:63:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
std::strcpy(g_FacilityBlocked, blocked.c_str());
data/libopenmpt-0.4.11/common/Logging.cpp:197:2: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(message, LOGBUF_SIZE, format, va);
data/libopenmpt-0.4.11/common/mptBaseMacros.h:242:79: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define MPT_PRINTF_FUNC(formatstringindex,varargsindex) __attribute__((format(printf, formatstringindex, varargsindex)))
data/libopenmpt-0.4.11/common/mptOS.cpp:148:48: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
Version::Version(mpt::Windows::Version::System system, mpt::Windows::Version::ServicePack servicePack, mpt::Windows::Version::Build build) noexcept
data/libopenmpt-0.4.11/common/mptOS.cpp:150:13: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
, m_System(system)
data/libopenmpt-0.4.11/common/mptOS.h:113:40: [4] (shell) system:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
Version(mpt::Windows::Version::System system, mpt::Windows::Version::ServicePack servicePack, mpt::Windows::Version::Build build) noexcept;
data/libopenmpt-0.4.11/libmodplug/stdafx.h:96:9: [4] (buffer) lstrcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer.
#define lstrcpy strcpy
data/libopenmpt-0.4.11/libmodplug/stdafx.h:96:17: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
#define lstrcpy strcpy
data/libopenmpt-0.4.11/libmodplug/stdafx.h:116:20: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
#define wsprintf sprintf
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_c.cpp:41:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
std::strcpy( dst, src );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug.c:147:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(file->name,name);
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug.c:161:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(file->message,message);
data/libopenmpt-0.4.11/soundlib/Dlsbank.cpp:1706:35: [4] (buffer) lstrcpyA:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
if ((key >= 24) && (key <= 84)) lstrcpyA(s, szMidiPercussionNames[key-24]);
data/libopenmpt-0.4.11/soundlib/Dlsbank.cpp:1709:4: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(&s[strlen(s)], " (%s", pDlsIns->szName);
data/libopenmpt-0.4.11/soundlib/Dlsbank.cpp:1716:4: [4] (buffer) lstrcatA:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120).
lstrcatA(s, ")");
data/libopenmpt-0.4.11/soundlib/Load_mid.cpp:330:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pIns->name, szMidiProgramNames[program]);
data/libopenmpt-0.4.11/soundlib/Load_mid.cpp:334:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(pIns->name, szMidiPercussionNames[note - 24]);
data/libopenmpt-0.4.11/soundlib/SampleFormats.cpp:297:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(m_szNames[targetSample], srcSong.m_szNames[sourceSample]);
data/libopenmpt-0.4.11/test/test.cpp:456:14: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int size = snprintf(NULL, 0, format, x); // get required size, requires c99 compliant snprintf which msvc does not have
data/libopenmpt-0.4.11/test/test.cpp:458:3: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
snprintf(&(temp[0]), size + 1, format, x);
data/libopenmpt-0.4.11/test/test.cpp:2791:24: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
MPT_TEST_PRINTF(char, sprintf, "%s", char);
data/libopenmpt-0.4.11/test/test.cpp:2792:24: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
MPT_TEST_PRINTF(char, sprintf, "%S", wchar_t);
data/libopenmpt-0.4.11/test/test.cpp:2793:24: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
MPT_TEST_PRINTF(char, sprintf, "%hs", char);
data/libopenmpt-0.4.11/test/test.cpp:2794:24: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
MPT_TEST_PRINTF(char, sprintf, "%hS", char);
data/libopenmpt-0.4.11/test/test.cpp:2795:24: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
MPT_TEST_PRINTF(char, sprintf, "%ls", wchar_t);
data/libopenmpt-0.4.11/test/test.cpp:2796:24: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
MPT_TEST_PRINTF(char, sprintf, "%lS", wchar_t);
data/libopenmpt-0.4.11/test/test.cpp:2797:24: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
MPT_TEST_PRINTF(char, sprintf, "%ws", wchar_t);
data/libopenmpt-0.4.11/test/test.cpp:2798:24: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
MPT_TEST_PRINTF(char, sprintf, "%wS", wchar_t);
data/libopenmpt-0.4.11/test/test.cpp:2801:29: [4] (buffer) swprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
MPT_TEST_PRINTF_N(wchar_t, swprintf, L"%s", wchar_t);
data/libopenmpt-0.4.11/test/test.cpp:2802:29: [4] (buffer) swprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
MPT_TEST_PRINTF_N(wchar_t, swprintf, L"%S", char);
data/libopenmpt-0.4.11/test/test.cpp:2803:29: [4] (buffer) swprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
MPT_TEST_PRINTF_N(wchar_t, swprintf, L"%hs", char);
data/libopenmpt-0.4.11/test/test.cpp:2804:29: [4] (buffer) swprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
MPT_TEST_PRINTF_N(wchar_t, swprintf, L"%hS", char);
data/libopenmpt-0.4.11/test/test.cpp:2805:29: [4] (buffer) swprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
MPT_TEST_PRINTF_N(wchar_t, swprintf, L"%ls", wchar_t);
data/libopenmpt-0.4.11/test/test.cpp:2806:29: [4] (buffer) swprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
MPT_TEST_PRINTF_N(wchar_t, swprintf, L"%lS", wchar_t);
data/libopenmpt-0.4.11/test/test.cpp:2807:29: [4] (buffer) swprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
MPT_TEST_PRINTF_N(wchar_t, swprintf, L"%ws", wchar_t);
data/libopenmpt-0.4.11/test/test.cpp:2808:29: [4] (buffer) swprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
MPT_TEST_PRINTF_N(wchar_t, swprintf, L"%wS", wchar_t);
data/libopenmpt-0.4.11/common/misc_util.cpp:98:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
std::string getenv(const std::string &env_var, const std::string &def)
data/libopenmpt-0.4.11/common/misc_util.cpp:104:25: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char *val = std::getenv(env_var.c_str());
data/libopenmpt-0.4.11/common/misc_util.h:226:13: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
std::string getenv(const std::string &env_var, const std::string &def = std::string());
data/libopenmpt-0.4.11/common/mptLibrary.cpp:122:16: [3] (misc) LoadLibraryEx:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
hModule = LoadLibraryEx(path.GetFileName().AsNative().c_str(), NULL, LOAD_LIBRARY_SEARCH_DEFAULT_DIRS);
data/libopenmpt-0.4.11/common/mptLibrary.cpp:125:16: [3] (misc) LoadLibraryEx:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
hModule = LoadLibraryEx(path.GetFileName().AsNative().c_str(), NULL, LOAD_LIBRARY_SEARCH_SYSTEM32);
data/libopenmpt-0.4.11/common/mptLibrary.cpp:139:18: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
hModule = LoadLibrary((dllPath + path.GetFileName()).AsNative().c_str());
data/libopenmpt-0.4.11/common/mptLibrary.cpp:144:16: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
hModule = LoadLibrary(path.GetFileName().AsNative().c_str());
data/libopenmpt-0.4.11/common/mptLibrary.cpp:149:16: [3] (misc) LoadLibraryEx:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
hModule = LoadLibraryEx(path.GetFileName().AsNative().c_str(), NULL, LOAD_LIBRARY_SEARCH_APPLICATION_DIR);
data/libopenmpt-0.4.11/common/mptLibrary.cpp:152:16: [3] (misc) LoadLibraryEx:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
hModule = LoadLibraryEx(path.GetFileName().AsNative().c_str(), NULL, LOAD_LIBRARY_SEARCH_DLL_LOAD_DIR);
data/libopenmpt-0.4.11/common/mptLibrary.cpp:164:16: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
hModule = LoadLibrary(path.GetFileName().AsNative().c_str());
data/libopenmpt-0.4.11/common/mptLibrary.cpp:171:18: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
hModule = LoadLibrary((dllPath + path.GetFileName()).AsNative().c_str());
data/libopenmpt-0.4.11/common/mptLibrary.cpp:180:18: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
hModule = LoadLibrary((dllPath + path.GetFileName()).AsNative().c_str());
data/libopenmpt-0.4.11/common/mptLibrary.cpp:185:16: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
hModule = LoadLibrary(path.GetFileName().AsNative().c_str());
data/libopenmpt-0.4.11/common/mptMutex.h:96:12: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
mutex() { InitializeCriticalSection(&impl); }
data/libopenmpt-0.4.11/common/mptMutex.h:98:16: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
void lock() { EnterCriticalSection(&impl); }
data/libopenmpt-0.4.11/common/mptMutex.h:108:22: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
recursive_mutex() { InitializeCriticalSection(&impl); }
data/libopenmpt-0.4.11/common/mptMutex.h:110:16: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
void lock() { EnterCriticalSection(&impl); }
data/libopenmpt-0.4.11/common/mptOS.cpp:630:19: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
HMODULE hNTDLL = LoadLibrary(TEXT("ntdll.dll"));
data/libopenmpt-0.4.11/common/mptRandom.cpp:116:7: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
std::srand(seed);
data/libopenmpt-0.4.11/common/mptRandom.cpp:226:18: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
result ^= mpt::random<result_type>(*rd_fallback);
data/libopenmpt-0.4.11/common/mptRandom.h:112:10: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
inline T random(Trng & rng)
data/libopenmpt-0.4.11/common/mptRandom.h:133:10: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
inline T random(Trng & rng)
data/libopenmpt-0.4.11/common/mptRandom.h:160:10: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
inline T random(Trng & rng, std::size_t required_entropy_bits)
data/libopenmpt-0.4.11/common/mptRandom.h:218:41: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
return ((b - a) * static_cast<T>(mpt::random<uint_type, bits>(rng)) / static_cast<T>((static_cast<uint_type>(1u) << bits))) + a;
data/libopenmpt-0.4.11/common/mptRandom.h:224:10: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
inline T random(Trng & rng, T min, T max)
data/libopenmpt-0.4.11/common/mptRandom.h:252:16: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
: state(mpt::random<state_type>(rd))
data/libopenmpt-0.4.11/common/mptRandom.h:314:15: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
reseed(mpt::random<uint32>(rd));
data/libopenmpt-0.4.11/common/mptRandom.h:538:15: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
return mpt::random<unsigned int>(rng);
data/libopenmpt-0.4.11/common/mptUUID.cpp:443:22: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
result.Data1 = mpt::random<uint32>(prng);
data/libopenmpt-0.4.11/common/mptUUID.cpp:444:22: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
result.Data2 = mpt::random<uint16>(prng);
data/libopenmpt-0.4.11/common/mptUUID.cpp:445:22: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
result.Data3 = mpt::random<uint16>(prng);
data/libopenmpt-0.4.11/common/mptUUID.cpp:446:22: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
result.Data4 = mpt::random<uint64>(prng);
data/libopenmpt-0.4.11/libmodplug/stdafx.h:40:9: [3] (random) srandom:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define srandom(_seed) srand(_seed)
data/libopenmpt-0.4.11/libmodplug/stdafx.h:40:25: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define srandom(_seed) srand(_seed)
data/libopenmpt-0.4.11/libmodplug/stdafx.h:41:9: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
#define random() rand()
data/libopenmpt-0.4.11/openmpt123/openmpt123.cpp:2424:8: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
std::srand( std::uniform_int_distribution<unsigned int>()( prng ) );
data/libopenmpt-0.4.11/openmpt123/openmpt123.hpp:85:12: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
mutex() { InitializeCriticalSection(&impl); }
data/libopenmpt-0.4.11/openmpt123/openmpt123.hpp:87:16: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
void lock() { EnterCriticalSection(&impl); }
data/libopenmpt-0.4.11/openmpt123/openmpt123.hpp:368:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( std::getenv( "COLUMNS" ) ) {
data/libopenmpt-0.4.11/openmpt123/openmpt123.hpp:369:35: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
std::istringstream istr( std::getenv( "COLUMNS" ) );
data/libopenmpt-0.4.11/openmpt123/openmpt123.hpp:376:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ( std::getenv( "ROWS" ) ) {
data/libopenmpt-0.4.11/openmpt123/openmpt123.hpp:377:35: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
std::istringstream istr( std::getenv( "ROWS" ) );
data/libopenmpt-0.4.11/soundlib/Dither.cpp:164:20: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
unoise = (mpt::random<unsigned int>(prng, noise_bits) + mpt::random<unsigned int>(prng, noise_bits)) >> 1;
data/libopenmpt-0.4.11/soundlib/Dither.cpp:164:66: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
unoise = (mpt::random<unsigned int>(prng, noise_bits) + mpt::random<unsigned int>(prng, noise_bits)) >> 1;
data/libopenmpt-0.4.11/soundlib/Dither.cpp:167:19: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
unoise = mpt::random<unsigned int>(prng, noise_bits);
data/libopenmpt-0.4.11/soundlib/Load_mod.cpp:388:25: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
case 3: p[i] = mpt::random<int8>(rng); break; // Noise
data/libopenmpt-0.4.11/soundlib/Snd_fx.cpp:1841:47: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
chn.nVolSwing = static_cast<int16>(((mpt::random<int8>(AccessPRNG()) * pIns->nVolSwing) / 64 + 1) * (m_playBehaviour[kITSwingBehaviour] ? chn.nInsVol : ((chn.nVolume + 1) / 2)) / 199);
data/libopenmpt-0.4.11/soundlib/Snd_fx.cpp:1846:47: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
chn.nPanSwing = static_cast<int16>(((mpt::random<int8>(AccessPRNG()) * pIns->nPanSwing * 4) / 128));
data/libopenmpt-0.4.11/soundlib/Snd_fx.cpp:1855:73: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
int32 d = ((int32)pIns->nCutSwing * (int32)(static_cast<int32>(mpt::random<int8>(AccessPRNG())) + 1)) / 128;
data/libopenmpt-0.4.11/soundlib/Snd_fx.cpp:1862:73: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
int32 d = ((int32)pIns->nResSwing * (int32)(static_cast<int32>(mpt::random<int8>(AccessPRNG())) + 1)) / 128;
data/libopenmpt-0.4.11/soundlib/Sndmix.cpp:777:16: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
return mpt::random<int, 7>(AccessPRNG()) - 0x40;
data/libopenmpt-0.4.11/soundlib/Sndmix.cpp:1740:19: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
vdelta = mpt::random<int, 7>(AccessPRNG()) - 0x40;
data/libopenmpt-0.4.11/soundlib/plugins/LFOPlugin.cpp:462:22: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
m_nextRandom = mpt::random<int32>(m_PRNG) / static_cast<float>(int32_min);
data/libopenmpt-0.4.11/test/test.cpp:186:33: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
std::string env_srcdir = mpt::getenv( "srcdir" );
data/libopenmpt-0.4.11/test/test.cpp:2261:45: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
VERIFY_EQUAL_QUIET_NONCONT(IsInRange(mpt::random<uint16, 7>(prng), 0u, 127u), true);
data/libopenmpt-0.4.11/test/test.cpp:2262:45: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
VERIFY_EQUAL_QUIET_NONCONT(IsInRange(mpt::random<uint16, 8>(prng), 0u, 255u), true);
data/libopenmpt-0.4.11/test/test.cpp:2263:45: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
VERIFY_EQUAL_QUIET_NONCONT(IsInRange(mpt::random<uint16, 9>(prng), 0u, 511u), true);
data/libopenmpt-0.4.11/test/test.cpp:2264:45: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
VERIFY_EQUAL_QUIET_NONCONT(IsInRange(mpt::random<uint64, 1>(prng), 0u, 1u), true);
data/libopenmpt-0.4.11/test/test.cpp:2265:45: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
VERIFY_EQUAL_QUIET_NONCONT(IsInRange(mpt::random<uint16>(prng, 7), 0u, 127u), true);
data/libopenmpt-0.4.11/test/test.cpp:2266:45: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
VERIFY_EQUAL_QUIET_NONCONT(IsInRange(mpt::random<uint16>(prng, 8), 0u, 255u), true);
data/libopenmpt-0.4.11/test/test.cpp:2267:45: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
VERIFY_EQUAL_QUIET_NONCONT(IsInRange(mpt::random<uint16>(prng, 9), 0u, 511u), true);
data/libopenmpt-0.4.11/test/test.cpp:2268:45: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
VERIFY_EQUAL_QUIET_NONCONT(IsInRange(mpt::random<uint64>(prng, 1), 0u, 1u), true);
data/libopenmpt-0.4.11/test/test.cpp:2270:45: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
VERIFY_EQUAL_QUIET_NONCONT(IsInRange(mpt::random<int16, 7>(prng), 0, 127), true);
data/libopenmpt-0.4.11/test/test.cpp:2271:45: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
VERIFY_EQUAL_QUIET_NONCONT(IsInRange(mpt::random<int16, 8>(prng), 0, 255), true);
data/libopenmpt-0.4.11/test/test.cpp:2272:45: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
VERIFY_EQUAL_QUIET_NONCONT(IsInRange(mpt::random<int16, 9>(prng), 0, 511), true);
data/libopenmpt-0.4.11/test/test.cpp:2273:45: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
VERIFY_EQUAL_QUIET_NONCONT(IsInRange(mpt::random<int64, 1>(prng), 0, 1), true);
data/libopenmpt-0.4.11/test/test.cpp:2274:45: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
VERIFY_EQUAL_QUIET_NONCONT(IsInRange(mpt::random<int16>(prng, 7), 0, 127), true);
data/libopenmpt-0.4.11/test/test.cpp:2275:45: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
VERIFY_EQUAL_QUIET_NONCONT(IsInRange(mpt::random<int16>(prng, 8), 0, 255), true);
data/libopenmpt-0.4.11/test/test.cpp:2276:45: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
VERIFY_EQUAL_QUIET_NONCONT(IsInRange(mpt::random<int16>(prng, 9), 0, 511), true);
data/libopenmpt-0.4.11/test/test.cpp:2277:45: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
VERIFY_EQUAL_QUIET_NONCONT(IsInRange(mpt::random<int64>(prng, 1), 0, 1), true);
data/libopenmpt-0.4.11/test/test.cpp:2279:45: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
VERIFY_EQUAL_QUIET_NONCONT(IsInRange(mpt::random<float>(prng, 0.0f, 1.0f), 0.0f, 1.0f), true);
data/libopenmpt-0.4.11/test/test.cpp:2280:45: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
VERIFY_EQUAL_QUIET_NONCONT(IsInRange(mpt::random<double>(prng, 0.0, 1.0), 0.0, 1.0), true);
data/libopenmpt-0.4.11/test/test.cpp:2281:45: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
VERIFY_EQUAL_QUIET_NONCONT(IsInRange(mpt::random<double>(prng, -1.0, 1.0), -1.0, 1.0), true);
data/libopenmpt-0.4.11/test/test.cpp:2282:45: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
VERIFY_EQUAL_QUIET_NONCONT(IsInRange(mpt::random<double>(prng, -1.0, 0.0), -1.0, 0.0), true);
data/libopenmpt-0.4.11/test/test.cpp:2283:45: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
VERIFY_EQUAL_QUIET_NONCONT(IsInRange(mpt::random<double>(prng, 1.0, 2.0), 1.0, 2.0), true);
data/libopenmpt-0.4.11/test/test.cpp:2284:45: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
VERIFY_EQUAL_QUIET_NONCONT(IsInRange(mpt::random<double>(prng, 1.0, 3.0), 1.0, 3.0), true);
data/libopenmpt-0.4.11/test/test.cpp:2291:24: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
uint8 value = mpt::random<uint8>(prng);
data/libopenmpt-0.4.11/test/test.cpp:2303:23: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
int8 value = mpt::random<int8>(prng);
data/libopenmpt-0.4.11/test/test.cpp:2315:24: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
uint8 value = mpt::random<uint8>(prng, 1);
data/libopenmpt-0.4.11/test/test.cpp:4144:7: [3] (random) srand:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
std::srand(0);
data/libopenmpt-0.4.11/test/test.cpp:4147:24: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
sampleData[i] = mpt::random<int8>(*s_PRNG);
data/libopenmpt-0.4.11/test/test.cpp:4212:14: [3] (random) random:
This function is not sufficiently random for security-related functions
such as key and nonce creation (CWE-327). Use a more secure technique for
acquiring random values.
return mpt::random(*s_PRNG, 0.0, 1.0);
data/libopenmpt-0.4.11/common/Endianness.h:182:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(&test, probe, sizeof(endian_probe_type));
data/libopenmpt-0.4.11/common/Endianness.h:946:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(data.data(), &val, sizeof(val));
data/libopenmpt-0.4.11/common/Endianness.h:1133:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(&val, mem, sizeof(value_type));
data/libopenmpt-0.4.11/common/Endianness.h:1164:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(&val, mem, sizeof(value_type));
data/libopenmpt-0.4.11/common/Endianness.h:1195:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(&val, mem, sizeof(value_type));
data/libopenmpt-0.4.11/common/FileReader.h:582:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(&target, buf, sizeof(T));
data/libopenmpt-0.4.11/common/FileReader.h:865:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[64];
data/libopenmpt-0.4.11/common/FileReader.h:894:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[64];
data/libopenmpt-0.4.11/common/Logging.cpp:57:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char g_FacilitySolo[1024] = {0};
data/libopenmpt-0.4.11/common/Logging.cpp:58:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char g_FacilityBlocked[1024] = {0};
data/libopenmpt-0.4.11/common/Logging.cpp:131:15: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
s_logfile.open(P_("mptrack.log"), std::ios::app);
data/libopenmpt-0.4.11/common/Logging.cpp:194:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[LOGBUF_SIZE];
data/libopenmpt-0.4.11/common/mptCPU.cpp:25:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ProcVendorID[16+1] = "";
data/libopenmpt-0.4.11/common/mptCPU.cpp:26:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ProcBrandID[4*4*3+1] = "";
data/libopenmpt-0.4.11/common/mptCPU.cpp:38:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char cpuid_result_string[12];
data/libopenmpt-0.4.11/common/mptCPU.h:42:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char ProcVendorID[16+1];
data/libopenmpt-0.4.11/common/mptCPU.h:43:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char ProcBrandID[4*4*3+1];
data/libopenmpt-0.4.11/common/mptFileIO.cpp:149:3: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fopen(filename.AsNativePrefixed().c_str(), fopen_mode.c_str())
data/libopenmpt-0.4.11/common/mptFileIO.cpp:462:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
m_File.open(m_Filename, std::ios::binary | std::ios::in);
data/libopenmpt-0.4.11/common/mptFileIO.cpp:478:9: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
m_File.open(m_Filename, std::ios::binary | std::ios::in);
data/libopenmpt-0.4.11/common/mptFileIO.h:71:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
base.open(mpt::ToCharset(mpt::CharsetLocale, filename.AsNative()).c_str(), mode);
data/libopenmpt-0.4.11/common/mptFileIO.h:73:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
base.open(filename.AsNativePrefixed().c_str(), mode);
data/libopenmpt-0.4.11/common/mptFileIO.h:94:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open(const mpt::PathString & filename, std::ios_base::openmode mode = std::ios_base::in | std::ios_base::out)
data/libopenmpt-0.4.11/common/mptFileIO.h:98:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open(const char * filename, std::ios_base::openmode mode = std::ios_base::in | std::ios_base::out) = delete;
data/libopenmpt-0.4.11/common/mptFileIO.h:99:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open(const std::string & filename, std::ios_base::openmode mode = std::ios_base::in | std::ios_base::out) = delete;
data/libopenmpt-0.4.11/common/mptFileIO.h:101:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open(const wchar_t * filename, std::ios_base::openmode mode = std::ios_base::in | std::ios_base::out) = delete;
data/libopenmpt-0.4.11/common/mptFileIO.h:102:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open(const std::wstring & filename, std::ios_base::openmode mode = std::ios_base::in | std::ios_base::out) = delete;
data/libopenmpt-0.4.11/common/mptFileIO.h:119:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open(const mpt::PathString & filename, std::ios_base::openmode mode = std::ios_base::in)
data/libopenmpt-0.4.11/common/mptFileIO.h:123:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open(const char * filename, std::ios_base::openmode mode = std::ios_base::in) = delete;
data/libopenmpt-0.4.11/common/mptFileIO.h:124:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open(const std::string & filename, std::ios_base::openmode mode = std::ios_base::in) = delete;
data/libopenmpt-0.4.11/common/mptFileIO.h:126:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open(const wchar_t * filename, std::ios_base::openmode mode = std::ios_base::in) = delete;
data/libopenmpt-0.4.11/common/mptFileIO.h:127:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open(const std::wstring & filename, std::ios_base::openmode mode = std::ios_base::in) = delete;
data/libopenmpt-0.4.11/common/mptFileIO.h:153:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open(const mpt::PathString & filename, std::ios_base::openmode mode = std::ios_base::out)
data/libopenmpt-0.4.11/common/mptFileIO.h:157:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open(const char * filename, std::ios_base::openmode mode = std::ios_base::out) = delete;
data/libopenmpt-0.4.11/common/mptFileIO.h:158:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open(const std::string & filename, std::ios_base::openmode mode = std::ios_base::out) = delete;
data/libopenmpt-0.4.11/common/mptFileIO.h:160:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open(const wchar_t * filename, std::ios_base::openmode mode = std::ios_base::out) = delete;
data/libopenmpt-0.4.11/common/mptFileIO.h:161:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
void open(const std::wstring & filename, std::ios_base::openmode mode = std::ios_base::out) = delete;
data/libopenmpt-0.4.11/common/mptIO.h:257:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(&val, bytes, sizeof(T));
data/libopenmpt-0.4.11/common/mptIO.h:278:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(&val, bytes, sizeof(T));
data/libopenmpt-0.4.11/common/mptIO.h:299:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(&val, bytes, sizeof(T));
data/libopenmpt-0.4.11/common/mptMemory.h:185:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(&dst, &src, sizeof(Tdst));
data/libopenmpt-0.4.11/common/mptRandom.cpp:90:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(bytes, &time, sizeof(time));
data/libopenmpt-0.4.11/common/mptRandom.cpp:98:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(bytes, &time, sizeof(time));
data/libopenmpt-0.4.11/common/mptString.cpp:1300:23: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
int required_size = MultiByteToWideChar(codepage, 0, reinterpret_cast<const char*>(src.c_str()), -1, nullptr, 0);
data/libopenmpt-0.4.11/common/mptString.cpp:1307:4: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
MultiByteToWideChar(codepage, 0, reinterpret_cast<const char*>(src.c_str()), -1, decoded_string.data(), required_size);
data/libopenmpt-0.4.11/common/mptString.cpp:1312:4: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
MultiByteToWideChar(codepage, 0, reinterpret_cast<const char*>(src.c_str()), -1, decoded_string.data(), required_size);
data/libopenmpt-0.4.11/common/mptString.cpp:1339:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(outbuf, &tmp, sizeof(widechar));
data/libopenmpt-0.4.11/common/mptString.cpp:1723:22: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
int required_size = MultiByteToWideChar(codepage, 0, src.c_str(), -1, nullptr, 0);
data/libopenmpt-0.4.11/common/mptString.cpp:1730:3: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
MultiByteToWideChar(codepage, 0, src.c_str(), -1, decoded_string.data(), required_size);
data/libopenmpt-0.4.11/common/mptString.cpp:1735:3: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
MultiByteToWideChar(codepage, 0, src.c_str(), -1, decoded_string.data(), required_size);
data/libopenmpt-0.4.11/common/mptTime.cpp:60:2: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR buf[bufsize];
data/libopenmpt-0.4.11/common/serialization_utils.cpp:127:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(&val, m_ID.data(), m_ID.length());
data/libopenmpt-0.4.11/common/serialization_utils.cpp:430:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp[sizeof(s_EntryID)];
data/libopenmpt-0.4.11/common/serialization_utils.cpp:442:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char storedIdBuf[256];
data/libopenmpt-0.4.11/common/serialization_utils.h:291:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char s_EntryID[3];
data/libopenmpt-0.4.11/debian/tests/pattern-dump-c.c:16:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* in_file = fopen(argv[1], "rb");
data/libopenmpt-0.4.11/debian/tests/pattern-dump-modplug.c:17:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* in_file = fopen(filename, "rb");
data/libopenmpt-0.4.11/examples/libopenmpt_example_c.c:105:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen( argv[1], "rb" );
data/libopenmpt-0.4.11/examples/libopenmpt_example_c_mem.c:108:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen( filename, "rb" );
data/libopenmpt-0.4.11/examples/libopenmpt_example_c_probe.c:73:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen( filename, "rb" );
data/libopenmpt-0.4.11/examples/libopenmpt_example_c_stdout.c:118:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen( argv[1], "rb" );
data/libopenmpt-0.4.11/examples/libopenmpt_example_c_unsafe.c:46:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen( argv[1], "rb" );
data/libopenmpt-0.4.11/libmodplug/sndfile.h:441:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szName[MAX_CHANNELNAME]; // changed from CHAR
data/libopenmpt-0.4.11/libmodplug/sndfile.h:526:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szMidiGlb[9*32]; // changed from CHAR
data/libopenmpt-0.4.11/libmodplug/sndfile.h:527:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szMidiSFXExt[16*32]; // changed from CHAR
data/libopenmpt-0.4.11/libmodplug/sndfile.h:528:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szMidiZXXExt[128*32]; // changed from CHAR
data/libopenmpt-0.4.11/libmodplug/sndfile.h:579:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_szNames[MAX_INSTRUMENTS][32]; // changed from CHAR
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_cxx.cpp:33:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy( text, text_.c_str(), text_.length() + 1 );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_cxx.cpp:44:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy( text, text_, std::strlen( text_ ) + 1 );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_cxx.cpp:67:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy( text, text_, std::strlen( text_ ) + 1 );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_impl.cpp:746:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[ PROBE_RECOMMENDED_SIZE ];
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_impl.cpp:788:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[ PROBE_RECOMMENDED_SIZE ];
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug.c:130:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&file->settings,&globalsettings,sizeof(ModPlug_Settings));
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug.c:311:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(settings,&globalsettings,sizeof(ModPlug_Settings));
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug.c:317:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&globalsettings,settings,sizeof(ModPlug_Settings));
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug.c:481:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug.c:498:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug.c:547:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&file->patterns[pattern][r*numc+c],¬e,sizeof(ModPlugNote));
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug_cpp.cpp:85:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy( that->CompressionTable, self_union.CompressionTable, sizeof( self_union.CompressionTable ) );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug_cpp.cpp:307:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug_cpp.cpp:323:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[32];
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_stream_callbacks_buffer.h:85:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( dst, (const char*)s->file_data + s->file_pos, valid_bytes );
data/libopenmpt-0.4.11/openmpt123/openmpt123.cpp:521:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sndfile_info[128];
data/libopenmpt-0.4.11/openmpt123/openmpt123.cpp:882:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const channel_tags[4][4] = {
data/libopenmpt-0.4.11/openmpt123/openmpt123.cpp:1187:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cpu_str[64] = "";
data/libopenmpt-0.4.11/openmpt123/openmpt123.cpp:1196:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf( cpu_str, "%.2f%%", cpu_smooth * 100.0 );
data/libopenmpt-0.4.11/openmpt123/openmpt123.cpp:1637:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFFER_SIZE];
data/libopenmpt-0.4.11/openmpt123/openmpt123.cpp:1647:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file_stream.open( utf8_to_wstring( filename ), std::ios::binary );
data/libopenmpt-0.4.11/openmpt123/openmpt123.cpp:1652:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file_stream.open( filename, std::ios::binary );
data/libopenmpt-0.4.11/openmpt123/openmpt123.cpp:1713:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFFER_SIZE];
data/libopenmpt-0.4.11/openmpt123/openmpt123.cpp:1723:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file_stream.open( utf8_to_wstring( filename ), std::ios::binary );
data/libopenmpt-0.4.11/openmpt123/openmpt123.cpp:1728:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file_stream.open( filename, std::ios::binary );
data/libopenmpt-0.4.11/openmpt123/openmpt123.cpp:1880:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFFER_SIZE];
data/libopenmpt-0.4.11/openmpt123/openmpt123.cpp:1889:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file_stream.open( utf8_to_wstring( filename ), std::ios::binary );
data/libopenmpt-0.4.11/openmpt123/openmpt123.cpp:1891:16: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file_stream.open( filename, std::ios::binary );
data/libopenmpt-0.4.11/openmpt123/openmpt123.hpp:46:22: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
int required_size = MultiByteToWideChar( CP_UTF8, 0, utf8_string.c_str(), -1, NULL, 0 );
data/libopenmpt-0.4.11/openmpt123/openmpt123.hpp:51:2: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
MultiByteToWideChar( CP_UTF8, 0, utf8_string.data(), -1, &unicode_buf[0], required_size );
data/libopenmpt-0.4.11/openmpt123/openmpt123.hpp:66:22: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
int required_size = MultiByteToWideChar( CP_ACP, 0, locale_string.c_str(), -1, NULL, 0 );
data/libopenmpt-0.4.11/openmpt123/openmpt123.hpp:71:2: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
MultiByteToWideChar( CP_ACP, 0, locale_string.data(), -1, &unicode_buf[0], required_size );
data/libopenmpt-0.4.11/openmpt123/openmpt123_allegro42.hpp:141:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy( reinterpret_cast<unsigned char *>( p ) + ( ( ( frame * channels ) + channel ) * sizeof( std::uint8_t ) ), &u8sample, sizeof( std::uint8_t ) );
data/libopenmpt-0.4.11/openmpt123/openmpt123_allegro42.hpp:144:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy( reinterpret_cast<unsigned char *>( p ) + ( ( ( frame * channels ) + channel ) * sizeof( std::uint16_t ) ), &u16sample, sizeof( std::uint16_t ) );
data/libopenmpt-0.4.11/openmpt123/openmpt123_mmio.hpp:98:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy( data_info.pchNext, &( buffers[channel][frame] ), sizeof( float ) );
data/libopenmpt-0.4.11/openmpt123/openmpt123_mmio.hpp:111:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy( data_info.pchNext, &( buffers[channel][frame] ), sizeof( std::int16_t ) );
data/libopenmpt-0.4.11/openmpt123/openmpt123_sdl.hpp:102:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy( stream, &sample, sizeof( std::int16_t ) );
data/libopenmpt-0.4.11/openmpt123/openmpt123_sdl2.hpp:103:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy( &audiospec_obtained, &audiospec, sizeof( SDL_AudioSpec ) );
data/libopenmpt-0.4.11/openmpt123/openmpt123_sdl2.hpp:129:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy( stream, &sample, sizeof( Tsample ) );
data/libopenmpt-0.4.11/openmpt123/openmpt123_waveout.hpp:152:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[ sizeof( Tsample ) ];
data/libopenmpt-0.4.11/openmpt123/openmpt123_waveout.hpp:153:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy( buf, &val, sizeof( Tsample ) );
data/libopenmpt-0.4.11/soundlib/ContainerMMCMP.cpp:28:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[8]; // "ziRCONia"
data/libopenmpt-0.4.11/soundlib/ContainerPP20.cpp:116:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4]; // "PP20"
data/libopenmpt-0.4.11/soundlib/ContainerXPK.cpp:29:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char XPKF[4];
data/libopenmpt-0.4.11/soundlib/ContainerXPK.cpp:31:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char SQSH[4];
data/libopenmpt-0.4.11/soundlib/ContainerXPK.cpp:33:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char Name[16];
data/libopenmpt-0.4.11/soundlib/Dlsbank.cpp:358:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char achPresetName[20];
data/libopenmpt-0.4.11/soundlib/Dlsbank.cpp:387:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char achInstName[20];
data/libopenmpt-0.4.11/soundlib/Dlsbank.cpp:411:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char achSampleName[20];
data/libopenmpt-0.4.11/soundlib/Dlsbank.cpp:828:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sid[5];
data/libopenmpt-0.4.11/soundlib/Dlsbank.cpp:829:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sid, &pchunk->id, 4);
data/libopenmpt-0.4.11/soundlib/Dlsbank.cpp:977:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sdbg[5];
data/libopenmpt-0.4.11/soundlib/Dlsbank.cpp:978:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sdbg, &header.id, 4);
data/libopenmpt-0.4.11/soundlib/Dlsbank.cpp:1383:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sdbg[5];
data/libopenmpt-0.4.11/soundlib/Dlsbank.cpp:1384:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sdbg, &chunkHeader.id, 4);
data/libopenmpt-0.4.11/soundlib/Dlsbank.cpp:1506:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(waveData.data(), &chunk, 12);
data/libopenmpt-0.4.11/soundlib/Dlsbank.cpp:1704:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char s[64] = "";
data/libopenmpt-0.4.11/soundlib/Dlsbank.h:68:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szName[32];
data/libopenmpt-0.4.11/soundlib/Dlsbank.h:75:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szName[20];
data/libopenmpt-0.4.11/soundlib/ITTools.cpp:170:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(id, "IMPI", 4);
data/libopenmpt-0.4.11/soundlib/ITTools.cpp:406:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(iti.dummy, "XTPM", 4);
data/libopenmpt-0.4.11/soundlib/ITTools.cpp:442:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(id, "IMPS", 4);
data/libopenmpt-0.4.11/soundlib/ITTools.h:46:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[4]; // Magic Bytes (IMPM)
data/libopenmpt-0.4.11/soundlib/ITTools.h:47:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char songname[26]; // Song Name, null-terminated (but may also contain nulls)
data/libopenmpt-0.4.11/soundlib/ITTools.h:121:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[4]; // Magic Bytes (IMPI)
data/libopenmpt-0.4.11/soundlib/ITTools.h:122:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[13]; // DOS Filename, null-terminated
data/libopenmpt-0.4.11/soundlib/ITTools.h:128:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reserved1[2]; // Reserved
data/libopenmpt-0.4.11/soundlib/ITTools.h:135:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[26]; // Instrument Name, null-terminated (but may also contain nulls)
data/libopenmpt-0.4.11/soundlib/ITTools.h:136:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reserved3[6]; // Even more reserved bytes
data/libopenmpt-0.4.11/soundlib/ITTools.h:158:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[4]; // Magic Bytes (IMPI)
data/libopenmpt-0.4.11/soundlib/ITTools.h:159:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[13]; // DOS Filename, null-terminated
data/libopenmpt-0.4.11/soundlib/ITTools.h:173:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[26]; // Instrument Name, null-terminated (but may also contain nulls)
data/libopenmpt-0.4.11/soundlib/ITTools.h:183:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[4]; // IT saves some additional padding bytes to match the size of the old instrument format for simplified loading. We use them for some hacks.
data/libopenmpt-0.4.11/soundlib/ITTools.h:242:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[4]; // Magic Bytes (IMPS)
data/libopenmpt-0.4.11/soundlib/ITTools.h:243:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[13]; // DOS Filename, null-terminated
data/libopenmpt-0.4.11/soundlib/ITTools.h:247:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[26]; // Sample Name, null-terminated (but may also contain nulls)
data/libopenmpt-0.4.11/soundlib/Load_669.cpp:20:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[2]; // 'if' (0x6669, ha ha) or 'JN'
data/libopenmpt-0.4.11/soundlib/Load_669.cpp:21:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char songMessage[108]; // Song Message
data/libopenmpt-0.4.11/soundlib/Load_669.cpp:35:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[13];
data/libopenmpt-0.4.11/soundlib/Load_amf.cpp:24:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char signature[32];
data/libopenmpt-0.4.11/soundlib/Load_amf.cpp:39:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[22];
data/libopenmpt-0.4.11/soundlib/Load_amf.cpp:71:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char amf[3];
data/libopenmpt-0.4.11/soundlib/Load_amf.cpp:73:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[32];
data/libopenmpt-0.4.11/soundlib/Load_ams.cpp:445:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[11];
data/libopenmpt-0.4.11/soundlib/Load_ams.cpp:976:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char patternName[11];
data/libopenmpt-0.4.11/soundlib/Load_ams.cpp:1027:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sample.sampleb(), source.sampleb(), source.GetSampleSizeInBytes());
data/libopenmpt-0.4.11/soundlib/Load_c67.cpp:31:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sampleNames[32][13];
data/libopenmpt-0.4.11/soundlib/Load_c67.cpp:33:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fmInstrNames[32][13];
data/libopenmpt-0.4.11/soundlib/Load_dbm.cpp:27:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dbm0[4];
data/libopenmpt-0.4.11/soundlib/Load_dbm.cpp:30:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reserved[2];
data/libopenmpt-0.4.11/soundlib/Load_dbm.cpp:93:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[30];
data/libopenmpt-0.4.11/soundlib/Load_dbm.cpp:369:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[44];
data/libopenmpt-0.4.11/soundlib/Load_dbm.cpp:600:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&plugin.Info.dwPluginId1, "DBM0", 4);
data/libopenmpt-0.4.11/soundlib/Load_dbm.cpp:601:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&plugin.Info.dwPluginId2, "Echo", 4);
data/libopenmpt-0.4.11/soundlib/Load_dbm.cpp:685:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sample.sampleb(), smpData, sample.GetSampleSizeInBytes());
data/libopenmpt-0.4.11/soundlib/Load_digi.cpp:19:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char signature[20];
data/libopenmpt-0.4.11/soundlib/Load_digi.cpp:20:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char versionStr[4]; // Supposed to be "V1.6" or similar, but other values like "TAP!" have been found as well.
data/libopenmpt-0.4.11/soundlib/Load_digi.cpp:24:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unknown[19];
data/libopenmpt-0.4.11/soundlib/Load_dmf.cpp:26:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char signature[4]; // "DDMF"
data/libopenmpt-0.4.11/soundlib/Load_dmf.cpp:28:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tracker[8]; // "XTRACKER"
data/libopenmpt-0.4.11/soundlib/Load_dmf.cpp:29:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char songname[30];
data/libopenmpt-0.4.11/soundlib/Load_dmf.cpp:30:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char composer[20];
data/libopenmpt-0.4.11/soundlib/Load_dsm.cpp:31:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4];
data/libopenmpt-0.4.11/soundlib/Load_dsm.cpp:40:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char songName[28];
data/libopenmpt-0.4.11/soundlib/Load_dsm.cpp:62:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[13];
data/libopenmpt-0.4.11/soundlib/Load_dsm.cpp:70:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sampleName[28];
data/libopenmpt-0.4.11/soundlib/Load_dsm.cpp:109:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileMagic0[4];
data/libopenmpt-0.4.11/soundlib/Load_dsm.cpp:110:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileMagic1[4];
data/libopenmpt-0.4.11/soundlib/Load_dsm.cpp:111:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileMagic2[4];
data/libopenmpt-0.4.11/soundlib/Load_dtm.cpp:27:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4];
data/libopenmpt-0.4.11/soundlib/Load_dtm.cpp:85:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[22];
data/libopenmpt-0.4.11/soundlib/Load_far.cpp:21:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char songName[40];
data/libopenmpt-0.4.11/soundlib/Load_far.cpp:58:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[32];
data/libopenmpt-0.4.11/soundlib/Load_gdm.cpp:27:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4]; // ID: 'GDM\xFE'
data/libopenmpt-0.4.11/soundlib/Load_gdm.cpp:28:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char songTitle[32]; // Music's title
data/libopenmpt-0.4.11/soundlib/Load_gdm.cpp:29:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char songMusician[32]; // Name of music's composer
data/libopenmpt-0.4.11/soundlib/Load_gdm.cpp:30:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dosEOF[3]; // 13, 10, 26
data/libopenmpt-0.4.11/soundlib/Load_gdm.cpp:31:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic2[4]; // ID: 'GMFS'
data/libopenmpt-0.4.11/soundlib/Load_gdm.cpp:78:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[32]; // sample's name
data/libopenmpt-0.4.11/soundlib/Load_gdm.cpp:79:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[12]; // sample's filename
data/libopenmpt-0.4.11/soundlib/Load_imf.cpp:19:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[12]; // Channel name (ASCIIZ-String, max 11 chars)
data/libopenmpt-0.4.11/soundlib/Load_imf.cpp:35:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[32]; // Songname (ASCIIZ-String, max. 31 chars)
data/libopenmpt-0.4.11/soundlib/Load_imf.cpp:46:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char im10[4]; // 'IM10'
data/libopenmpt-0.4.11/soundlib/Load_imf.cpp:88:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[32]; // Inst. name (ASCIIZ-String, max. 31 chars)
data/libopenmpt-0.4.11/soundlib/Load_imf.cpp:95:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ii10[4]; // 'II10'
data/libopenmpt-0.4.11/soundlib/Load_imf.cpp:159:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[13]; // Sample filename (12345678.ABC) */
data/libopenmpt-0.4.11/soundlib/Load_imf.cpp:172:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char is10[4]; // 'IS10'
data/libopenmpt-0.4.11/soundlib/Load_it.cpp:340:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_PATTERNNAME] = "";
data/libopenmpt-0.4.11/soundlib/Load_it.cpp:1361:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(itHeader.id, "IMPM", 4);
data/libopenmpt-0.4.11/soundlib/Load_it.cpp:1417:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&itHeader.reserved, "OMPT", 4);
data/libopenmpt-0.4.11/soundlib/Load_it.cpp:1530:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_PATTERNNAME];
data/libopenmpt-0.4.11/soundlib/Load_it.cpp:1544:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_CHANNELNAME];
data/libopenmpt-0.4.11/soundlib/Load_it.cpp:1942:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[4] = { 'F', 'X', '0', '0' };
data/libopenmpt-0.4.11/soundlib/Load_it.cpp:2013:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char code[4];
data/libopenmpt-0.4.11/soundlib/Load_it.cpp:2086:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char code[4];
data/libopenmpt-0.4.11/soundlib/Load_itp.cpp:283:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char patName[32];
data/libopenmpt-0.4.11/soundlib/Load_mdl.cpp:20:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[4]; // "DMDL"
data/libopenmpt-0.4.11/soundlib/Load_mdl.cpp:65:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char title[32];
data/libopenmpt-0.4.11/soundlib/Load_mdl.cpp:66:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char composer[20];
data/libopenmpt-0.4.11/soundlib/Load_mdl.cpp:140:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[16];
data/libopenmpt-0.4.11/soundlib/Load_mdl.cpp:706:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[17] = "";
data/libopenmpt-0.4.11/soundlib/Load_mdl.cpp:807:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[17];
data/libopenmpt-0.4.11/soundlib/Load_med.cpp:65:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[4]; // MMD1-MMD3
data/libopenmpt-0.4.11/soundlib/Load_med.cpp:233:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[32];
data/libopenmpt-0.4.11/soundlib/Load_mid.cpp:32:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *szMidiGroupNames[17] =
data/libopenmpt-0.4.11/soundlib/Load_mid.cpp:54:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *szMidiProgramNames[128] =
data/libopenmpt-0.4.11/soundlib/Load_mid.cpp:204:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char *szMidiPercussionNames[61] =
data/libopenmpt-0.4.11/soundlib/Load_mid.cpp:336:4: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(pIns->name, "Percussions");
data/libopenmpt-0.4.11/soundlib/Load_mid.cpp:561:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4];
data/libopenmpt-0.4.11/soundlib/Load_mid.cpp:591:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[4];
data/libopenmpt-0.4.11/soundlib/Load_mo3.cpp:706:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[3]; // MO3
data/libopenmpt-0.4.11/soundlib/Load_mo3.cpp:1340:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sample.sampleb(), smpFrom.sampleb(), sample.GetSampleSizeInBytes());
data/libopenmpt-0.4.11/soundlib/Load_mo3.cpp:1844:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char patName[MAX_PATTERNNAME];
data/libopenmpt-0.4.11/soundlib/Load_mod.cpp:217:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[22];
data/libopenmpt-0.4.11/soundlib/Load_mod.cpp:348:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char am[2]; // "AM"
data/libopenmpt-0.4.11/soundlib/Load_mod.cpp:349:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char zero[4];
data/libopenmpt-0.4.11/soundlib/Load_mod.cpp:473:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[32];
data/libopenmpt-0.4.11/soundlib/Load_mod.cpp:677:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static bool CheckMODMagic(const char magic[4], MODMagicResult &result)
data/libopenmpt-0.4.11/soundlib/Load_mod.cpp:757:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4];
data/libopenmpt-0.4.11/soundlib/Load_mod.cpp:785:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4];
data/libopenmpt-0.4.11/soundlib/Load_mod.cpp:1181:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stMagic[16];
data/libopenmpt-0.4.11/soundlib/Load_mod.cpp:1302:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char songname[20];
data/libopenmpt-0.4.11/soundlib/Load_mod.cpp:1455:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char songname[20];
data/libopenmpt-0.4.11/soundlib/Load_mod.cpp:1456:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(songname, fileHeaders.songname, 20);
data/libopenmpt-0.4.11/soundlib/Load_mod.cpp:1817:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4];
data/libopenmpt-0.4.11/soundlib/Load_mod.cpp:1863:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4];
data/libopenmpt-0.4.11/soundlib/Load_mod.cpp:2028:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magicFORM[4]; // "FORM"
data/libopenmpt-0.4.11/soundlib/Load_mod.cpp:2030:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magicMODL[4]; // "MODL"
data/libopenmpt-0.4.11/soundlib/Load_mod.cpp:2204:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[20];
data/libopenmpt-0.4.11/soundlib/Load_mod.cpp:2270:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char modMagic[4];
data/libopenmpt-0.4.11/soundlib/Load_mod.cpp:2276:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(modMagic, "M.K.", 4);
data/libopenmpt-0.4.11/soundlib/Load_mod.cpp:2278:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(modMagic, "M!K!", 4);
data/libopenmpt-0.4.11/soundlib/Load_mod.cpp:2281:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(modMagic, "0CHN", 4);
data/libopenmpt-0.4.11/soundlib/Load_mod.cpp:2285:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(modMagic, "00CH", 4);
data/libopenmpt-0.4.11/soundlib/Load_mt2.cpp:34:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char signature[4]; // "MT20"
data/libopenmpt-0.4.11/soundlib/Load_mt2.cpp:37:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char trackerName[32]; // "MadTracker 2.0"
data/libopenmpt-0.4.11/soundlib/Load_mt2.cpp:38:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char songName[64];
data/libopenmpt-0.4.11/soundlib/Load_mt2.cpp:190:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dll[64];
data/libopenmpt-0.4.11/soundlib/Load_mt2.cpp:191:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char programName[28];
data/libopenmpt-0.4.11/soundlib/Load_mt2.cpp:198:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reserved[17];
data/libopenmpt-0.4.11/soundlib/Load_mt2.cpp:734:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mixPlug.pluginData.data(), "fEvN", 4); // 'NvEf' plugin data type
data/libopenmpt-0.4.11/soundlib/Load_mt2.cpp:800:6: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(mptIns->name, "Drum #x");
data/libopenmpt-0.4.11/soundlib/Load_mt2.cpp:896:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char instrName[32];
data/libopenmpt-0.4.11/soundlib/Load_mt2.cpp:1010:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sampleName[32];
data/libopenmpt-0.4.11/soundlib/Load_mtm.cpp:20:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[3]; // MTM file marker
data/libopenmpt-0.4.11/soundlib/Load_mtm.cpp:22:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char songName[20]; // ASCIIZ songname
data/libopenmpt-0.4.11/soundlib/Load_mtm.cpp:40:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char samplename[22];
data/libopenmpt-0.4.11/soundlib/Load_okt.cpp:40:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[20];
data/libopenmpt-0.4.11/soundlib/Load_plm.cpp:19:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4]; // "PLM\x1A"
data/libopenmpt-0.4.11/soundlib/Load_plm.cpp:22:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char songName[48];
data/libopenmpt-0.4.11/soundlib/Load_plm.cpp:46:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4]; // "PLS\x1A"
data/libopenmpt-0.4.11/soundlib/Load_plm.cpp:49:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[32];
data/libopenmpt-0.4.11/soundlib/Load_plm.cpp:50:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[12];
data/libopenmpt-0.4.11/soundlib/Load_plm.cpp:55:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unused[4];
data/libopenmpt-0.4.11/soundlib/Load_plm.cpp:70:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[25];
data/libopenmpt-0.4.11/soundlib/Load_psm.cpp:30:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char formatID[4]; // "PSM " (new format)
data/libopenmpt-0.4.11/soundlib/Load_psm.cpp:32:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileInfoID[4]; // "FILE"
data/libopenmpt-0.4.11/soundlib/Load_psm.cpp:74:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char songType[9]; // Mostly "MAINSONG " (But not in Extreme Pinball!)
data/libopenmpt-0.4.11/soundlib/Load_psm.cpp:86:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[8]; // Filename of the original module (without extension)
data/libopenmpt-0.4.11/soundlib/Load_psm.cpp:87:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sampleID[4]; // INS0...INS9 (only last digit of sample ID, i.e. sample 1 and sample 11 are equal)
data/libopenmpt-0.4.11/soundlib/Load_psm.cpp:88:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sampleName[33];
data/libopenmpt-0.4.11/soundlib/Load_psm.cpp:99:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char padding[19]; // 00 ... 00
data/libopenmpt-0.4.11/soundlib/Load_psm.cpp:129:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileName[8]; // Filename of the original module (without extension)
data/libopenmpt-0.4.11/soundlib/Load_psm.cpp:130:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sampleID[8]; // INS0...INS99999
data/libopenmpt-0.4.11/soundlib/Load_psm.cpp:131:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sampleName[33];
data/libopenmpt-0.4.11/soundlib/Load_psm.cpp:142:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char padding[16]; // 00 ... 00
data/libopenmpt-0.4.11/soundlib/Load_psm.cpp:170:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char songName[10];
data/libopenmpt-0.4.11/soundlib/Load_psm.cpp:197:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char patternID[5];
data/libopenmpt-0.4.11/soundlib/Load_psm.cpp:359:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cversion[7];
data/libopenmpt-0.4.11/soundlib/Load_psm.cpp:962:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char formatID[4]; // "PSM\xFE" (PSM16)
data/libopenmpt-0.4.11/soundlib/Load_psm.cpp:963:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char songName[59]; // Song title, padded with nulls
data/libopenmpt-0.4.11/soundlib/Load_psm.cpp:983:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filler[40];
data/libopenmpt-0.4.11/soundlib/Load_psm.cpp:1000:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[13]; // null-terminated
data/libopenmpt-0.4.11/soundlib/Load_psm.cpp:1001:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[24]; // ditto
data/libopenmpt-0.4.11/soundlib/Load_ptm.cpp:19:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char songname[28]; // Name of song, asciiz string
data/libopenmpt-0.4.11/soundlib/Load_ptm.cpp:30:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4]; // Song identification, 'PTMF'
data/libopenmpt-0.4.11/soundlib/Load_ptm.cpp:52:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[12]; // Name of external sample file
data/libopenmpt-0.4.11/soundlib/Load_ptm.cpp:61:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char samplename[28]; // Name of sample, ASCIIZ
data/libopenmpt-0.4.11/soundlib/Load_ptm.cpp:62:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4]; // Sample identification, 'PTMS'
data/libopenmpt-0.4.11/soundlib/Load_s3m.cpp:693:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fileHeader.magic, "SCRM", 4);
data/libopenmpt-0.4.11/soundlib/Load_sfx.cpp:30:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[22];
data/libopenmpt-0.4.11/soundlib/Load_sfx.cpp:31:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dummy[2]; // Supposedly sample length, but almost always incorrect
data/libopenmpt-0.4.11/soundlib/Load_stm.cpp:20:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[12]; // Can't have long comments - just filename comments :)
data/libopenmpt-0.4.11/soundlib/Load_stm.cpp:62:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char songname[20];
data/libopenmpt-0.4.11/soundlib/Load_stm.cpp:63:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char trackername[8]; // !Scream! for ST 2.xx
data/libopenmpt-0.4.11/soundlib/Load_stp.cpp:26:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4];
data/libopenmpt-0.4.11/soundlib/Load_stp.cpp:132:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(dest.sampleb(), src.sampleb() + start, len);
data/libopenmpt-0.4.11/soundlib/Load_stp.cpp:187:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(newSmp.sampleb() + start, smp.sampleb() + info.loopStart, info.loopLength);
data/libopenmpt-0.4.11/soundlib/Load_ult.cpp:19:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char signature[14]; // "MAS_UTrack_V00"
data/libopenmpt-0.4.11/soundlib/Load_ult.cpp:21:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char songName[32]; // Song Name, not guaranteed to be null-terminated
data/libopenmpt-0.4.11/soundlib/Load_ult.cpp:37:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[32];
data/libopenmpt-0.4.11/soundlib/Load_ult.cpp:38:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[12];
data/libopenmpt-0.4.11/soundlib/Load_xm.cpp:609:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char patName[MAX_PATTERNNAME];
data/libopenmpt-0.4.11/soundlib/Load_xm.cpp:758:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fileHeader.signature, "Extended Module: ", 17);
data/libopenmpt-0.4.11/soundlib/Load_xm.cpp:1094:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_PATTERNNAME];
data/libopenmpt-0.4.11/soundlib/Load_xm.cpp:1113:6: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_CHANNELNAME];
data/libopenmpt-0.4.11/soundlib/MIDIMacros.cpp:327:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(szMidiGlb[MIDIOUT_START], "FF");
data/libopenmpt-0.4.11/soundlib/MIDIMacros.cpp:328:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(szMidiGlb[MIDIOUT_STOP], "FC");
data/libopenmpt-0.4.11/soundlib/MIDIMacros.cpp:329:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(szMidiGlb[MIDIOUT_NOTEON], "9c n v");
data/libopenmpt-0.4.11/soundlib/MIDIMacros.cpp:330:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(szMidiGlb[MIDIOUT_NOTEOFF], "9c n 0");
data/libopenmpt-0.4.11/soundlib/MIDIMacros.cpp:331:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(szMidiGlb[MIDIOUT_PROGRAM], "Cc p");
data/libopenmpt-0.4.11/soundlib/MIDIMacros.h:87:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
typedef char Macro[MACRO_LENGTH];
data/libopenmpt-0.4.11/soundlib/ModChannel.h:202:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szName[MAX_CHANNELNAME]; // Channel name
data/libopenmpt-0.4.11/soundlib/ModInstrument.h:108:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_INSTRUMENTNAME];
data/libopenmpt-0.4.11/soundlib/ModInstrument.h:109:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[MAX_INSTRUMENTFILENAME];
data/libopenmpt-0.4.11/soundlib/ModSample.h:45:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[MAX_SAMPLEFILENAME];
data/libopenmpt-0.4.11/soundlib/OggStream.cpp:160:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char rawHeader[sizeof(PageHeader)];
data/libopenmpt-0.4.11/soundlib/OggStream.cpp:161:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(rawHeader, &pageInfo.header, sizeof(PageHeader));
data/libopenmpt-0.4.11/soundlib/OggStream.h:29:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char capture_pattern[4]; // "OggS"
data/libopenmpt-0.4.11/soundlib/S3MTools.cpp:44:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(patch.data() + 0, mpt::as_raw_memory(length).data(), 4);
data/libopenmpt-0.4.11/soundlib/S3MTools.cpp:45:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(patch.data() + 4, mpt::as_raw_memory(loopStart).data(), 4);
data/libopenmpt-0.4.11/soundlib/S3MTools.cpp:46:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(patch.data() + 8, mpt::as_raw_memory(loopEnd).data(), 4);
data/libopenmpt-0.4.11/soundlib/S3MTools.cpp:71:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(magic, "SCRS", 4);
data/libopenmpt-0.4.11/soundlib/S3MTools.cpp:75:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(magic, "SCRI", 4);
data/libopenmpt-0.4.11/soundlib/S3MTools.cpp:77:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(mpt::as_raw_memory(length ).data(), mptSmp.adlib.data() + 0, 4);
data/libopenmpt-0.4.11/soundlib/S3MTools.cpp:78:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(mpt::as_raw_memory(loopStart).data(), mptSmp.adlib.data() + 4, 4);
data/libopenmpt-0.4.11/soundlib/S3MTools.cpp:79:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(mpt::as_raw_memory(loopEnd ).data(), mptSmp.adlib.data() + 8, 4);
data/libopenmpt-0.4.11/soundlib/S3MTools.h:69:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[28]; // Song Title
data/libopenmpt-0.4.11/soundlib/S3MTools.h:72:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reserved1[2]; // Reserved
data/libopenmpt-0.4.11/soundlib/S3MTools.h:79:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4]; // "SCRM" magic bytes
data/libopenmpt-0.4.11/soundlib/S3MTools.h:121:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[12]; // Sample filename
data/libopenmpt-0.4.11/soundlib/S3MTools.h:131:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reserved2[12]; // Reserved + Internal ST3 stuff
data/libopenmpt-0.4.11/soundlib/S3MTools.h:132:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[28]; // Sample name
data/libopenmpt-0.4.11/soundlib/S3MTools.h:133:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4]; // "SCRS" magic bytes ("SCRI" for Adlib instruments)
data/libopenmpt-0.4.11/soundlib/SampleFormatFLAC.cpp:580:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(metadata[1]->data.application.id, "riff", 4);
data/libopenmpt-0.4.11/soundlib/SampleFormatFLAC.cpp:600:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(metadata[numBlocks]->data.application.id, "riff", 4);
data/libopenmpt-0.4.11/soundlib/SampleFormatFLAC.cpp:633:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(metadata[numBlocks]->data.application.id, "riff", 4);
data/libopenmpt-0.4.11/soundlib/SampleFormatMP3.cpp:513:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(buf_samples.data(), buf_bytes.data(), buf_bytes_decoded);
data/libopenmpt-0.4.11/soundlib/SampleFormatMP3.cpp:579:8: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(Samples[sample].sampleb(), data.data() + (data_skip_frames * channels), (data.size() - (data_skip_frames * channels)) * sizeof(int16));
data/libopenmpt-0.4.11/soundlib/SampleFormats.cpp:305:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(targetSmp.sampleb(), sourceSmp.sampleb(), nSize);
data/libopenmpt-0.4.11/soundlib/SampleFormats.cpp:843:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[8]; // "GF1PATCH"
data/libopenmpt-0.4.11/soundlib/SampleFormats.cpp:844:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char version[4]; // "100", or "110"
data/libopenmpt-0.4.11/soundlib/SampleFormats.cpp:845:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[10]; // "ID#000002"
data/libopenmpt-0.4.11/soundlib/SampleFormats.cpp:846:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char copyright[60]; // Copyright
data/libopenmpt-0.4.11/soundlib/SampleFormats.cpp:853:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reserved2[36];
data/libopenmpt-0.4.11/soundlib/SampleFormats.cpp:862:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[16]; // Name of instrument. Gravis doesn't seem to use it
data/libopenmpt-0.4.11/soundlib/SampleFormats.cpp:865:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reserved[40];
data/libopenmpt-0.4.11/soundlib/SampleFormats.cpp:873:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[7]; // null terminated string. name of the wave.
data/libopenmpt-0.4.11/soundlib/SampleFormats.cpp:889:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reserved[36];
data/libopenmpt-0.4.11/soundlib/SampleFormats.cpp:931:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reserved[40];
data/libopenmpt-0.4.11/soundlib/SampleFormats.cpp:2611:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4]; // FORM
data/libopenmpt-0.4.11/soundlib/SampleFormats.cpp:2613:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char type[4]; // AIFF or AIFC
data/libopenmpt-0.4.11/soundlib/SampleFormats.cpp:3329:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char form[4]; // "FORM"
data/libopenmpt-0.4.11/soundlib/SampleFormats.cpp:3331:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4]; // "8SVX" or "16SV"
data/libopenmpt-0.4.11/soundlib/Snd_fx.cpp:5203:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&curData, macro, len);
data/libopenmpt-0.4.11/soundlib/Sndfile.cpp:1845:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char origName[MAX_SAMPLENAME];
data/libopenmpt-0.4.11/soundlib/Sndfile.h:444:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char m_szNames[MAX_SAMPLES][MAX_SAMPLENAME]; // Sample names
data/libopenmpt-0.4.11/soundlib/UMXTools.h:22:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4]; // C1 83 2A 9E
data/libopenmpt-0.4.11/soundlib/WAVTools.cpp:441:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(memory.data() + position, data, numBytes);
data/libopenmpt-0.4.11/soundlib/WAVTools.cpp:626:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[MAX_SAMPLENAME];
data/libopenmpt-0.4.11/soundlib/WAVTools.cpp:630:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[MAX_SAMPLEFILENAME];
data/libopenmpt-0.4.11/soundlib/XMTools.cpp:289:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(signature, "Extended Instrument: ", 21);
data/libopenmpt-0.4.11/soundlib/XMTools.h:28:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char signature[17]; // "Extended Module: "
data/libopenmpt-0.4.11/soundlib/XMTools.h:29:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char songName[20]; // Song Name, not null-terminated (any nulls are treated as spaces)
data/libopenmpt-0.4.11/soundlib/XMTools.h:31:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char trackerName[20]; // Software that was used to create the XM file
data/libopenmpt-0.4.11/soundlib/XMTools.h:113:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[22]; // Instrument Name, not null-terminated (any nulls are treated as spaces)
data/libopenmpt-0.4.11/soundlib/XMTools.h:139:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char signature[21]; // "Extended Instrument: "
data/libopenmpt-0.4.11/soundlib/XMTools.h:140:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[22]; // Instrument Name, not null-terminated (any nulls are treated as spaces)
data/libopenmpt-0.4.11/soundlib/XMTools.h:142:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char trackerName[20]; // Software that was used to create the XI file
data/libopenmpt-0.4.11/soundlib/XMTools.h:178:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[22]; // Sample Name, not null-terminated (any nulls are treated as spaces)
data/libopenmpt-0.4.11/soundlib/load_j2b.cpp:48:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char signature[4]; // MUSE
data/libopenmpt-0.4.11/soundlib/load_j2b.cpp:105:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char songname[64];
data/libopenmpt-0.4.11/soundlib/load_j2b.cpp:193:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[28];
data/libopenmpt-0.4.11/soundlib/load_j2b.cpp:239:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[28];
data/libopenmpt-0.4.11/soundlib/load_j2b.cpp:368:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[32];
data/libopenmpt-0.4.11/soundlib/load_j2b.cpp:411:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[32];
data/libopenmpt-0.4.11/soundlib/modsmp_ctrl.cpp:64:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNewSmp, smp.samplev(), silenceOffset);
data/libopenmpt-0.4.11/soundlib/modsmp_ctrl.cpp:68:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNewSmp + silenceOffset + silenceBytes, smp.sampleb() + silenceOffset, smp.GetSampleSizeInBytes() - silenceOffset);
data/libopenmpt-0.4.11/soundlib/modsmp_ctrl.cpp:157:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(pNewSmp, smp.sampleb(), newSmpBytes);
data/libopenmpt-0.4.11/soundlib/opal.h:261:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fd = fopen("exptab.txt", "wb");
data/libopenmpt-0.4.11/soundlib/opal.h:274:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = fopen("sintab.txt", "wb");
data/libopenmpt-0.4.11/soundlib/plugins/DigiBoosterEcho.cpp:91:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_pMixStruct->pluginData.data(), &m_chunk, sizeof(m_chunk));
data/libopenmpt-0.4.11/soundlib/plugins/DigiBoosterEcho.cpp:212:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&m_chunk, data, chunk.size());
data/libopenmpt-0.4.11/soundlib/plugins/DigiBoosterEcho.h:32:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[4];
data/libopenmpt-0.4.11/soundlib/plugins/DigiBoosterEcho.h:39:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(result.id, "Echo", 4);
data/libopenmpt-0.4.11/soundlib/plugins/DigiBoosterEcho.h:74:46: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
int32 GetUID() const override { int32le id; memcpy(&id, "Echo", 4); return id; }
data/libopenmpt-0.4.11/soundlib/plugins/LFOPlugin.cpp:307:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[4];
data/libopenmpt-0.4.11/soundlib/plugins/LFOPlugin.cpp:327:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(chunk.magic, "LFO ", 4);
data/libopenmpt-0.4.11/soundlib/plugins/LFOPlugin.cpp:341:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_chunkData.data(), &chunk, sizeof(chunk));
data/libopenmpt-0.4.11/soundlib/plugins/LFOPlugin.h:77:44: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
int32 GetUID() const override { int32 id; memcpy(&id, "LFO ", 4); return id; }
data/libopenmpt-0.4.11/soundlib/plugins/PluginManager.cpp:249:2: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR keyname[128];
data/libopenmpt-0.4.11/soundlib/plugins/PluginManager.cpp:267:7: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR name[64];
data/libopenmpt-0.4.11/soundlib/plugins/PluginStructs.h:55:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szName[32]; // User-chosen plugin display name - this is locale ANSI!
data/libopenmpt-0.4.11/soundlib/plugins/PluginStructs.h:56:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char szLibraryName[64]; // original DLL name - this is UTF-8!
data/libopenmpt-0.4.11/soundlib/plugins/dmo/ParamEq.cpp:54:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out[0], in[0], numFrames * sizeof(float));
data/libopenmpt-0.4.11/soundlib/plugins/dmo/ParamEq.cpp:55:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out[1], in[1], numFrames * sizeof(float));
data/libopenmpt-0.4.11/soundlib/tuning.cpp:480:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char begin[8];
data/libopenmpt-0.4.11/soundlib/tuning.cpp:496:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char begin2[8];
data/libopenmpt-0.4.11/soundlib/tuning.cpp:572:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char end2[8];
data/libopenmpt-0.4.11/soundlib/tuning.cpp:644:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char end[8];
data/libopenmpt-0.4.11/soundlib/tuning.h:31:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char s_FileExtension[5];
data/libopenmpt-0.4.11/soundlib/tuningcollection.h:31:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char s_FileExtension[4];
data/libopenmpt-0.4.11/test/test.cpp:1533:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(&uuid2, uuiddata, 16);
data/libopenmpt-0.4.11/test/test.cpp:2533:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4] = { 'x','x','x','x' };
data/libopenmpt-0.4.11/test/test.cpp:2541:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4] = { 'x','x','x','x' };
data/libopenmpt-0.4.11/test/test.cpp:2550:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4] = { 'x','x','x','x' };
data/libopenmpt-0.4.11/test/test.cpp:2558:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[4] = { 'x','x','x','x' };
data/libopenmpt-0.4.11/test/test.cpp:2566:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char buf[4] = { 'f','o','o','b' };
data/libopenmpt-0.4.11/test/test.cpp:2758:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char src_char[256];
data/libopenmpt-0.4.11/test/test.cpp:2759:2: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t src_wchar_t[256];
data/libopenmpt-0.4.11/test/test.cpp:2760:2: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR src_TCHAR[256];
data/libopenmpt-0.4.11/test/test.cpp:2762:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst_char[256];
data/libopenmpt-0.4.11/test/test.cpp:2763:2: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t dst_wchar_t[256];
data/libopenmpt-0.4.11/test/test.cpp:2764:2: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR dst_TCHAR[256];
data/libopenmpt-0.4.11/test/test.cpp:2770:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(src_char, "ab");
data/libopenmpt-0.4.11/test/test.cpp:2771:2: [2] (buffer) wcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
wcscpy(src_wchar_t, L"ab");
data/libopenmpt-0.4.11/test/test.cpp:2772:2: [2] (buffer) _tcscpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using a function version that stops copying at the end
of the buffer. Risk is low because the source is a constant string.
_tcscpy(src_TCHAR, _T("ab"));
data/libopenmpt-0.4.11/test/test.cpp:4290:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char src0[4] = { '\0', 'X', ' ', 'X' }; // Weird empty buffer
data/libopenmpt-0.4.11/test/test.cpp:4291:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char src1[4] = { 'X', ' ', '\0', 'X' }; // Weird buffer (hello Impulse Tracker)
data/libopenmpt-0.4.11/test/test.cpp:4292:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char src2[4] = { 'X', 'Y', 'Z', ' ' }; // Full buffer, last character space
data/libopenmpt-0.4.11/test/test.cpp:4293:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char src3[4] = { 'X', 'Y', 'Z', '!' }; // Full buffer, last character non-space
data/libopenmpt-0.4.11/test/test.cpp:4294:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char src4[4] = { 'x', 'y', '\t', '\n' }; // Full buffer containing non-space whitespace
data/libopenmpt-0.4.11/test/test.cpp:4295:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst1[6]; // Destination buffer, larger than source buffer
data/libopenmpt-0.4.11/test/test.cpp:4296:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char dst2[3]; // Destination buffer, smaller than source buffer
data/libopenmpt-0.4.11/common/Logging.cpp:70:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(std::strlen(g_FacilitySolo) > 0)
data/libopenmpt-0.4.11/common/Logging.cpp:77:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(std::strlen(g_FacilityBlocked) > 0)
data/libopenmpt-0.4.11/common/mptExceptionText.h:33:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(e.what() && (std::strlen(e.what()) > 0))
data/libopenmpt-0.4.11/common/mptExceptionText.h:36:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if(typeid(e).name() && (std::strlen(typeid(e).name()) > 0))
data/libopenmpt-0.4.11/common/mptIO.cpp:279:89: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
IO::Offset ReadRawImpl(std::istream & f, mpt::byte * data, std::size_t size) { return f.read(mpt::byte_cast<char *>(data), size) ? f.gcount() : std::streamsize(0); }
data/libopenmpt-0.4.11/common/mptIO.cpp:418:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream->read(mpt::byte_cast<char*>(dst), count);
data/libopenmpt-0.4.11/common/mptIO.cpp:579:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream->read(mpt::byte_cast<char*>(dst), count);
data/libopenmpt-0.4.11/common/mptIO.cpp:675:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(!stream.read)
data/libopenmpt-0.4.11/common/mptIO.cpp:686:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int64 readcount = stream.read(stream.stream, dst, count);
data/libopenmpt-0.4.11/common/mptIO.cpp:719:13: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(!stream.read)
data/libopenmpt-0.4.11/common/mptIO.cpp:727:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int64 readcount = stream.read(stream.stream, dst, count);
data/libopenmpt-0.4.11/common/mptIO.h:951:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::size_t (*read)( void * stream, void * dst, std::size_t bytes );
data/libopenmpt-0.4.11/common/mptSpan.h:90:118: [1] (buffer) equal:
Function does not check the second iterator for over-read conditions
(CWE-126). This function is often discouraged by most C++ coding standards
in favor of its safer alternatives provided since C++14. Consider using a
form of this function that checks the second iterator before potentially
overflowing it.
bool operator==(span const & other) const noexcept { return size() == other.size() && (m_beg == other.m_beg || std::equal(begin(), end(), other.begin())); }
data/libopenmpt-0.4.11/common/mptString.h:188:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return std::strlen(str);
data/libopenmpt-0.4.11/common/mptStringBuffer.h:648:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
std::strncpy(destBuffer, srcBuffer, copySize);
data/libopenmpt-0.4.11/common/mptWine.cpp:623:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
outputFile.read(&outputFileBuf[0], outputFileBuf.size());
data/libopenmpt-0.4.11/common/mptWine.cpp:640:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
errorFile.read(&errorFileBuf[0], errorFileBuf.size());
data/libopenmpt-0.4.11/common/serialization_utils.cpp:107:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
iStrm.read(&str[i], 1);
data/libopenmpt-0.4.11/common/serialization_utils.cpp:446:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
iStrm.read(storedIdBuf, storedIdLen);
data/libopenmpt-0.4.11/common/serialization_utils.cpp:599:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
iStrm.read(&m_Idarray[nOldEnd], nIdsize);
data/libopenmpt-0.4.11/examples/libopenmpt_example_c.c:95:7: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( wcslen( argv[1] ) == 0 ) {
data/libopenmpt-0.4.11/examples/libopenmpt_example_c.c:101:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen( argv[1] ) == 0 ) {
data/libopenmpt-0.4.11/examples/libopenmpt_example_c_mem.c:186:7: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( wcslen( argv[1] ) == 0 ) {
data/libopenmpt-0.4.11/examples/libopenmpt_example_c_mem.c:191:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen( argv[1] ) == 0 ) {
data/libopenmpt-0.4.11/examples/libopenmpt_example_c_probe.c:59:7: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( wcslen( filename ) == 0 ) {
data/libopenmpt-0.4.11/examples/libopenmpt_example_c_probe.c:64:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen( filename ) == 0 ) {
data/libopenmpt-0.4.11/examples/libopenmpt_example_c_stdout.c:108:7: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( wcslen( argv[1] ) == 0 ) {
data/libopenmpt-0.4.11/examples/libopenmpt_example_c_stdout.c:114:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen( argv[1] ) == 0 ) {
data/libopenmpt-0.4.11/examples/libopenmpt_example_cxx.cpp:68:28: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::size_t count = mod.read( samplerate, buffersize, left.data(), right.data() );
data/libopenmpt-0.4.11/libmodplug/sndfile.h:605:33: [1] (buffer) lstrcpyn:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
void GetTitle(LPSTR s) const { lstrcpyn(s,m_szNames[0],32); }
data/libopenmpt-0.4.11/libmodplug/stdafx.h:95:9: [1] (buffer) lstrcpyn:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
#define lstrcpyn strncpy
data/libopenmpt-0.4.11/libmodplug/stdafx.h:95:18: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
#define lstrcpyn strncpy
data/libopenmpt-0.4.11/libopenmpt/libopenmpt.h:306:27: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
openmpt_stream_read_func read;
data/libopenmpt-0.4.11/libopenmpt/libopenmpt.hpp:588:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::size_t read( std::int32_t samplerate, std::size_t count, std::int16_t * mono );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt.hpp:602:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::size_t read( std::int32_t samplerate, std::size_t count, std::int16_t * left, std::int16_t * right );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt.hpp:618:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::size_t read( std::int32_t samplerate, std::size_t count, std::int16_t * left, std::int16_t * right, std::int16_t * rear_left, std::int16_t * rear_right );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt.hpp:631:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::size_t read( std::int32_t samplerate, std::size_t count, float * mono );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt.hpp:645:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::size_t read( std::int32_t samplerate, std::size_t count, float * left, float * right );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt.hpp:661:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::size_t read( std::int32_t samplerate, std::size_t count, float * left, float * right, float * rear_left, float * rear_right );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_c.cpp:37:40: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
char * dst = (char*)std::calloc( std::strlen( src ) + 1, sizeof( char ) );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_c.cpp:468:73: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
openmpt::callback_stream_wrapper istream = { stream, stream_callbacks.read, stream_callbacks.seek, stream_callbacks.tell };
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_c.cpp:505:73: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
openmpt::callback_stream_wrapper istream = { stream, stream_callbacks.read, stream_callbacks.seek, stream_callbacks.tell };
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_c.cpp:542:74: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
openmpt::callback_stream_wrapper istream = { stream, stream_callbacks.read, stream_callbacks.seek, stream_callbacks.tell };
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_c.cpp:808:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return mod->impl->read( samplerate, count, mono );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_c.cpp:817:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return mod->impl->read( samplerate, count, left, right );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_c.cpp:826:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return mod->impl->read( samplerate, count, left, right, rear_left, rear_right );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_c.cpp:835:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return mod->impl->read( samplerate, count, mono );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_c.cpp:844:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return mod->impl->read( samplerate, count, left, right );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_c.cpp:853:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return mod->impl->read( samplerate, count, left, right, rear_left, rear_right );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_c.cpp:1324:74: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
openmpt::callback_stream_wrapper istream = { stream, stream_callbacks.read, stream_callbacks.seek, stream_callbacks.tell };
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_cxx.cpp:42:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
text = static_cast<char*>( std::malloc( std::strlen( text_ ) + 1 ) );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_cxx.cpp:44:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
std::memcpy( text, text_, std::strlen( text_ ) + 1 );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_cxx.cpp:65:47: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
text = static_cast<char*>( std::malloc( std::strlen( text_ ) + 1 ) );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_cxx.cpp:67:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
std::memcpy( text, text_, std::strlen( text_ ) + 1 );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_cxx.cpp:249:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::size_t module::read( std::int32_t samplerate, std::size_t count, std::int16_t * mono ) {
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_cxx.cpp:250:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return impl->read( samplerate, count, mono );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_cxx.cpp:252:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::size_t module::read( std::int32_t samplerate, std::size_t count, std::int16_t * left, std::int16_t * right ) {
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_cxx.cpp:253:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return impl->read( samplerate, count, left, right );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_cxx.cpp:255:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::size_t module::read( std::int32_t samplerate, std::size_t count, std::int16_t * left, std::int16_t * right, std::int16_t * rear_left, std::int16_t * rear_right ) {
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_cxx.cpp:256:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return impl->read( samplerate, count, left, right, rear_left, rear_right );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_cxx.cpp:258:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::size_t module::read( std::int32_t samplerate, std::size_t count, float * mono ) {
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_cxx.cpp:259:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return impl->read( samplerate, count, mono );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_cxx.cpp:261:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::size_t module::read( std::int32_t samplerate, std::size_t count, float * left, float * right ) {
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_cxx.cpp:262:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return impl->read( samplerate, count, left, right );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_cxx.cpp:264:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::size_t module::read( std::int32_t samplerate, std::size_t count, float * left, float * right, float * rear_left, float * rear_right ) {
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_cxx.cpp:265:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return impl->read( samplerate, count, left, right, rear_left, rear_right );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_impl.cpp:660:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fstream.read = stream.read;
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_impl.cpp:756:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
stream.read( buffer + size_read, size_toread );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_impl.cpp:792:15: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( !stream.read ) {
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_impl.cpp:797:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fstream.read = stream.read;
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_impl.cpp:803:35: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::size_t read_count = stream.read( stream.stream, buffer + size_read, size_toread );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_impl.cpp:830:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fstream.read = stream.read;
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_impl.cpp:922:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::size_t module_impl::read( std::int32_t samplerate, std::size_t count, std::int16_t * mono ) {
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_impl.cpp:931:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::size_t module_impl::read( std::int32_t samplerate, std::size_t count, std::int16_t * left, std::int16_t * right ) {
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_impl.cpp:940:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::size_t module_impl::read( std::int32_t samplerate, std::size_t count, std::int16_t * left, std::int16_t * right, std::int16_t * rear_left, std::int16_t * rear_right ) {
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_impl.cpp:949:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::size_t module_impl::read( std::int32_t samplerate, std::size_t count, float * mono ) {
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_impl.cpp:958:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::size_t module_impl::read( std::int32_t samplerate, std::size_t count, float * left, float * right ) {
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_impl.cpp:967:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::size_t module_impl::read( std::int32_t samplerate, std::size_t count, float * left, float * right, float * rear_left, float * rear_right ) {
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_impl.hpp:68:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::size_t (*read)( void * stream, void * dst, std::size_t bytes );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_impl.hpp:162:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::size_t read( std::int32_t samplerate, std::size_t count, std::int16_t * mono );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_impl.hpp:163:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::size_t read( std::int32_t samplerate, std::size_t count, std::int16_t * left, std::int16_t * right );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_impl.hpp:164:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::size_t read( std::int32_t samplerate, std::size_t count, std::int16_t * left, std::int16_t * right, std::int16_t * rear_left, std::int16_t * rear_right );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_impl.hpp:165:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::size_t read( std::int32_t samplerate, std::size_t count, float * mono );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_impl.hpp:166:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::size_t read( std::int32_t samplerate, std::size_t count, float * left, float * right );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_impl.hpp:167:14: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
std::size_t read( std::int32_t samplerate, std::size_t count, float * left, float * right, float * rear_left, float * rear_right );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug.c:145:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
file->name = malloc(strlen(name)+1);
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug.c:152:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
file->name = malloc(strlen("")+1);
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug.c:154:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(file->name,"");
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug.c:159:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
file->message = malloc(strlen(message)+1);
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug.c:166:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
file->message = malloc(strlen("")+1);
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug.c:168:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(file->message,"");
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug.c:486:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,str,31);
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug.c:490:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buff,buf,32);
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug.c:492:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (unsigned int)strlen(buf);
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug.c:503:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buf,str,31);
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug.c:507:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(buff,buf,32);
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug.c:509:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return (unsigned int)strlen(buf);
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug_cpp.cpp:191:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
std::strncpy( m_szNames[0], mod->get_metadata("title").c_str(), sizeof( m_szNames[0] ) - 1 );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug_cpp.cpp:312:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
std::strncpy( buf, names[ nSample - 1 ].c_str(), 31 );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug_cpp.cpp:316:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
std::strncpy( s, buf, 32 );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug_cpp.cpp:318:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return static_cast<UINT>( std::strlen( buf ) );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug_cpp.cpp:328:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
std::strncpy( buf, names[ nInstr - 1 ].c_str(), 31 );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug_cpp.cpp:332:8: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
std::strncpy( s, buf, 32 );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug_cpp.cpp:334:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return static_cast<UINT>( std::strlen( buf ) );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug_cpp.cpp:632:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
std::strncpy( s, mod->get_metadata("message").c_str(), cbsize );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug_cpp.cpp:634:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return static_cast<UINT>( std::strlen( s ) + 1 );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug_cpp.cpp:650:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
std::strncpy( s, mod->get_metadata("message_raw").c_str(), cbsize );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug_cpp.cpp:652:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return static_cast<UINT>( std::strlen( s ) + 1 );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_modplug_cpp.cpp:740:26: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
frames_rendered = mod->read( get_samplerate(), frames_torender, out );
data/libopenmpt-0.4.11/libopenmpt/libopenmpt_stream_callbacks_fd.h:66:12: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
retval = read( fd, dst, bytes );
data/libopenmpt-0.4.11/openmpt123/openmpt123.cpp:1156:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( read( STDIN_FILENO, &c, 1 ) != 1 ) {
data/libopenmpt-0.4.11/openmpt123/openmpt123.cpp:1182:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
case 1: count = mod.read( flags.samplerate, bufsize, left.data() ); break;
data/libopenmpt-0.4.11/openmpt123/openmpt123.cpp:1183:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
case 2: count = mod.read( flags.samplerate, bufsize, left.data(), right.data() ); break;
data/libopenmpt-0.4.11/openmpt123/openmpt123.cpp:1184:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
case 4: count = mod.read( flags.samplerate, bufsize, left.data(), right.data(), rear_left.data(), rear_right.data() ); break;
data/libopenmpt-0.4.11/openmpt123/openmpt123_pulseaudio.hpp:35:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( std::strlen(str) == 0 ) {
data/libopenmpt-0.4.11/soundlib/Dlsbank.cpp:1709:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf(&s[strlen(s)], " (%s", pDlsIns->szName);
data/libopenmpt-0.4.11/soundlib/Dlsbank.cpp:1710:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t n = strlen(s);
data/libopenmpt-0.4.11/soundlib/Load_mt2.cpp:684:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t len = strlen(mixPlug.Info.szLibraryName);
data/libopenmpt-0.4.11/soundlib/Load_wav.cpp:139:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(m_szNames[channel + 1], "");
data/libopenmpt-0.4.11/soundlib/SampleFormatFLAC.cpp:170:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(client.sndFile.m_szNames[client.sample], "");
data/libopenmpt-0.4.11/soundlib/SampleFormatMP3.cpp:659:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(m_szNames[sample], "");
data/libopenmpt-0.4.11/soundlib/SampleFormats.cpp:434:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(m_szNames[nSample], "");
data/libopenmpt-0.4.11/soundlib/SampleFormats.cpp:2886:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(m_szNames[nSample], "");
data/libopenmpt-0.4.11/soundlib/SampleFormats.cpp:3426:3: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(m_szNames[nSample], "");
data/libopenmpt-0.4.11/soundlib/Sndfile.cpp:1387:5: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(m_szNames[nSmp], "");
data/libopenmpt-0.4.11/soundlib/Tables.cpp:180:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
std::size_t lena = std::strlen(a);
data/libopenmpt-0.4.11/soundlib/Tables.cpp:181:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
std::size_t lenb = std::strlen(b);
data/libopenmpt-0.4.11/soundlib/UMXTools.cpp:80:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
std::size_t name_len = std::strlen(name);
data/libopenmpt-0.4.11/soundlib/XMTools.cpp:413:2: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(mptSmp.filename, "");
data/libopenmpt-0.4.11/soundlib/modsmp_ctrl.cpp:399:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(sndFile.m_szNames[i], "");
data/libopenmpt-0.4.11/soundlib/modsmp_ctrl.cpp:400:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(sample.filename, "");
data/libopenmpt-0.4.11/soundlib/plugins/dmo/DMOPlugin.cpp:532:16: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
text += wcslen(text) + 1;
data/libopenmpt-0.4.11/soundlib/tuning.cpp:482:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
inStrm.read(begin, sizeof(begin));
data/libopenmpt-0.4.11/soundlib/tuning.cpp:498:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
inStrm.read(begin2, sizeof(begin2));
data/libopenmpt-0.4.11/soundlib/tuning.cpp:574:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
inStrm.read(end2, sizeof(end2));
data/libopenmpt-0.4.11/soundlib/tuning.cpp:646:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
inStrm.read(reinterpret_cast<char*>(&end), sizeof(end));
data/libopenmpt-0.4.11/test/test.cpp:1490:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
VERIFY_EQUAL(strlen(spec->commands), (size_t)MAX_EFFECTS);
data/libopenmpt-0.4.11/test/test.cpp:1491:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
VERIFY_EQUAL(strlen(spec->volcommands), (size_t)MAX_VOLCMDS);
data/libopenmpt-0.4.11/test/test.cpp:1601:5: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
s.read(&a, 1);
data/libopenmpt-0.4.11/test/test.cpp:4302:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(size_t i = strlen(dst); i < mpt::size(dst); i++) \
data/libopenmpt-0.4.11/test/test.cpp:4307:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for(size_t i = strlen(dst); i < mpt::size(dst); i++) \
ANALYSIS SUMMARY:
Hits = 681
Lines analyzed = 135642 in approximately 3.22 seconds (42090 lines/second)
Physical Source Lines of Code (SLOC) = 103571
Hits@level = [0] 72 [1] 141 [2] 421 [3] 82 [4] 37 [5] 0
Hits@level+ = [0+] 753 [1+] 681 [2+] 540 [3+] 119 [4+] 37 [5+] 0
Hits/KSLOC@level+ = [0+] 7.27037 [1+] 6.5752 [2+] 5.21381 [3+] 1.14897 [4+] 0.357243 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.