Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/include/AmbisonicBase.h Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/include/AmbisonicBinauralizer.h Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/include/AmbisonicCommons.h Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/include/AmbisonicDecoder.h Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/include/AmbisonicDecoderPresets.h Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/include/AmbisonicEncoder.h Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/include/AmbisonicEncoderDist.h Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/include/AmbisonicMicrophone.h Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/include/AmbisonicProcessor.h Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/include/AmbisonicPsychoacousticFilters.h Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/include/AmbisonicSource.h Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/include/AmbisonicSpeaker.h Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/include/AmbisonicTypesDefinesCommons.h Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/include/AmbisonicZoomer.h Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/include/Ambisonics.h Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/include/BFormat.h Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/include/SpeakersBinauralizer.h Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/include/hrtf/hrtf.h Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/include/hrtf/mit_hrtf.h Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/include/hrtf/sofa_hrtf.h Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/include/mit_hrtf_filter.h Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/include/mit_hrtf_lib.h Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/source/AmbisonicBase.cpp Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/source/AmbisonicBinauralizer.cpp Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/source/AmbisonicCommons.cpp Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/source/AmbisonicDecoder.cpp Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/source/AmbisonicEncoder.cpp Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/source/AmbisonicEncoderDist.cpp Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/source/AmbisonicMicrophone.cpp Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/source/AmbisonicProcessor.cpp Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/source/AmbisonicSource.cpp Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/source/AmbisonicSpeaker.cpp Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/source/AmbisonicZoomer.cpp Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/source/BFormat.cpp Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/source/SpeakersBinauralizer.cpp Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/source/hrtf/mit_hrtf.cpp Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/source/hrtf/sofa_hrtf.cpp Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/source/kiss_fft/_kiss_fft_guts.h Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/source/kiss_fft/kiss_fft.c Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/source/kiss_fft/kiss_fft.h Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/source/kiss_fft/kiss_fftr.c Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/source/kiss_fft/kiss_fftr.h Examining data/libspatialaudio-0.3.0+git20180730+dfsg1/source/mit_hrtf_lib.c FINAL RESULTS: data/libspatialaudio-0.3.0+git20180730+dfsg1/source/AmbisonicBinauralizer.cpp:168:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(m_pfScratchBufferA.data(), ppfAccumulator[niEar][niChannel], m_nTaps * sizeof(float)); data/libspatialaudio-0.3.0+git20180730+dfsg1/source/AmbisonicBinauralizer.cpp:230:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(m_pfScratchBufferB.data(), pBFSrc->m_ppfChannels[niChannel], m_nBlockSize * sizeof(float)); data/libspatialaudio-0.3.0+git20180730+dfsg1/source/AmbisonicBinauralizer.cpp:261:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ppfDst[0], m_pfScratchBufferA.data(), m_nBlockSize * sizeof(float)); data/libspatialaudio-0.3.0+git20180730+dfsg1/source/AmbisonicBinauralizer.cpp:262:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ppfDst[1], m_pfScratchBufferC.data(), m_nBlockSize * sizeof(float)); data/libspatialaudio-0.3.0+git20180730+dfsg1/source/AmbisonicBinauralizer.cpp:267:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(m_pfOverlap[0].data(), &m_pfScratchBufferA[m_nBlockSize], m_nOverlapLength * sizeof(float)); data/libspatialaudio-0.3.0+git20180730+dfsg1/source/AmbisonicBinauralizer.cpp:268:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(m_pfOverlap[1].data(), &m_pfScratchBufferC[m_nBlockSize], m_nOverlapLength * sizeof(float)); data/libspatialaudio-0.3.0+git20180730+dfsg1/source/AmbisonicBinauralizer.cpp:279:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(m_pfScratchBufferB.data(), pBFSrc->m_ppfChannels[niChannel], m_nBlockSize * sizeof(float)); data/libspatialaudio-0.3.0+git20180730+dfsg1/source/AmbisonicBinauralizer.cpp:296:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ppfDst[niEar], m_pfScratchBufferA.data(), m_nBlockSize * sizeof(float)); data/libspatialaudio-0.3.0+git20180730+dfsg1/source/AmbisonicBinauralizer.cpp:299:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(m_pfOverlap[niEar].data(), &m_pfScratchBufferA[m_nBlockSize], m_nOverlapLength * sizeof(float)); data/libspatialaudio-0.3.0+git20180730+dfsg1/source/AmbisonicProcessor.cpp:133:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(m_pfScratchBufferA, pfPsychIR[i_m].get(), m_nTaps * sizeof(float)); data/libspatialaudio-0.3.0+git20180730+dfsg1/source/AmbisonicProcessor.cpp:431:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(m_pfScratchBufferA, pBFSrcDst->m_ppfChannels[niChannel], m_nBlockSize * sizeof(float)); data/libspatialaudio-0.3.0+git20180730+dfsg1/source/AmbisonicProcessor.cpp:447:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pBFSrcDst->m_ppfChannels[niChannel], m_pfScratchBufferA, m_nBlockSize * sizeof(float)); data/libspatialaudio-0.3.0+git20180730+dfsg1/source/AmbisonicProcessor.cpp:452:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(m_pfOverlap[niChannel], &m_pfScratchBufferA[m_nBlockSize], m_nOverlapLength * sizeof(float)); data/libspatialaudio-0.3.0+git20180730+dfsg1/source/BFormat.cpp:62:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(m_ppfChannels[nChannel], pfData, nSamples * sizeof(float)); data/libspatialaudio-0.3.0+git20180730+dfsg1/source/BFormat.cpp:67:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pfData, m_ppfChannels[nChannel], nSamples * sizeof(float)); data/libspatialaudio-0.3.0+git20180730+dfsg1/source/BFormat.cpp:72:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(m_pfData.data(), bf.m_pfData.data(), m_nDataLength * sizeof(float)); data/libspatialaudio-0.3.0+git20180730+dfsg1/source/SpeakersBinauralizer.cpp:126:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(m_pfScratchBufferA.data(), ppfAccumulator[niEar][niChannel], m_nTaps * sizeof(float)); data/libspatialaudio-0.3.0+git20180730+dfsg1/source/SpeakersBinauralizer.cpp:155:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(m_pfScratchBufferB.data(), pBFSrc[niChannel], m_nBlockSize * sizeof(float)); data/libspatialaudio-0.3.0+git20180730+dfsg1/source/SpeakersBinauralizer.cpp:173:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ppfDst[niEar], m_pfScratchBufferA.data(), m_nBlockSize * sizeof(float)); data/libspatialaudio-0.3.0+git20180730+dfsg1/source/SpeakersBinauralizer.cpp:176:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(m_pfOverlap[niEar].data(), &m_pfScratchBufferA[m_nBlockSize], m_nOverlapLength * sizeof(float)); data/libspatialaudio-0.3.0+git20180730+dfsg1/source/kiss_fft/kiss_fft.c:378:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fout,tmpbuf,sizeof(kiss_fft_cpx)*st->nfft); ANALYSIS SUMMARY: Hits = 21 Lines analyzed = 5468 in approximately 0.19 seconds (28587 lines/second) Physical Source Lines of Code (SLOC) = 3540 Hits@level = [0] 5 [1] 0 [2] 21 [3] 0 [4] 0 [5] 0 Hits@level+ = [0+] 26 [1+] 21 [2+] 21 [3+] 0 [4+] 0 [5+] 0 Hits/KSLOC@level+ = [0+] 7.34463 [1+] 5.9322 [2+] 5.9322 [3+] 0 [4+] 0 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.