Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/mediastreamer2-2.16.1/build/android/basedescs.h
Examining data/mediastreamer2-2.16.1/build/android/libmediastreamer2_AndroidConfig.h
Examining data/mediastreamer2-2.16.1/build/android/voipdescs.h
Examining data/mediastreamer2-2.16.1/build/iphone/basedescs.h
Examining data/mediastreamer2-2.16.1/build/iphone/voipdescs.h
Examining data/mediastreamer2-2.16.1/build/wp8/mediastreamer2-tester-native/mediastreamer2-tester-native.cpp
Examining data/mediastreamer2-2.16.1/build/wp8/mediastreamer2-tester-native/mediastreamer2-tester-native.h
Examining data/mediastreamer2-2.16.1/build/wp8/mediastreamer2-tester-native/mediastreamer2-tester-video.cpp
Examining data/mediastreamer2-2.16.1/build/wp8/mediastreamer2-tester-native/mediastreamer2-tester-video.h
Examining data/mediastreamer2-2.16.1/build/wp8/mediastreamer2/basedescs.h
Examining data/mediastreamer2-2.16.1/build/wp8/mediastreamer2/voipdescs.h
Examining data/mediastreamer2-2.16.1/include/MSVC/inttypes.h
Examining data/mediastreamer2-2.16.1/include/MSVC/stdint.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/allfilters.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/bitratecontrol.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/bits_rw.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/devices.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/dsptools.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/dtls_srtp.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/dtmfgen.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/flowcontrol.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/formats.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/ice.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/mediastream.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/ms_srtp.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msasync.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msaudiomixer.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/mschanadapter.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/mscngdtx.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/mscodecutils.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/mscommon.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msconference.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msequalizer.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/mseventqueue.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msextdisplay.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msfactory.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msfilerec.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msfilter.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msgenericplc.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msinterfaces.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msitc.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msjava.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msjpegwriter.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msmediaplayer.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msogl.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msogl_functions.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/mspcapfileplayer.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msqueue.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msrtp.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msrtt4103.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/mssndcard.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/mstee.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/mstonedetector.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msudp.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msutils.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msv4l.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msvaddtx.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msvideo.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msvideoout.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msvideopresets.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msvolume.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/mswebcam.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/qualityindicator.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/rfc3984.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/stun.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/upnp_igd.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/x11_helper.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/zrtp.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msfileplayer.h
Examining data/mediastreamer2-2.16.1/include/mediastreamer2/msticker.h
Examining data/mediastreamer2-2.16.1/src/android/AudioRecord.cpp
Examining data/mediastreamer2-2.16.1/src/android/AudioRecord.h
Examining data/mediastreamer2-2.16.1/src/android/AudioSystem.cpp
Examining data/mediastreamer2-2.16.1/src/android/AudioSystem.h
Examining data/mediastreamer2-2.16.1/src/android/AudioTrack.cpp
Examining data/mediastreamer2-2.16.1/src/android/AudioTrack.h
Examining data/mediastreamer2-2.16.1/src/android/String8.cpp
Examining data/mediastreamer2-2.16.1/src/android/String8.h
Examining data/mediastreamer2-2.16.1/src/android/android-display-bad.cpp
Examining data/mediastreamer2-2.16.1/src/android/android-display.c
Examining data/mediastreamer2-2.16.1/src/android/android-opengl-display.c
Examining data/mediastreamer2-2.16.1/src/android/android_mediacodec.cpp
Examining data/mediastreamer2-2.16.1/src/android/android_mediacodec.h
Examining data/mediastreamer2-2.16.1/src/android/androidsound.cpp
Examining data/mediastreamer2-2.16.1/src/android/androidsound_depr.cpp
Examining data/mediastreamer2-2.16.1/src/android/androidsound_opensles.cpp
Examining data/mediastreamer2-2.16.1/src/android/androidvideo.cpp
Examining data/mediastreamer2-2.16.1/src/android/audio.h
Examining data/mediastreamer2-2.16.1/src/android/hardware_echo_canceller.cpp
Examining data/mediastreamer2-2.16.1/src/android/hardware_echo_canceller.h
Examining data/mediastreamer2-2.16.1/src/android/loader.cpp
Examining data/mediastreamer2-2.16.1/src/android/loader.h
Examining data/mediastreamer2-2.16.1/src/android/media/NdkMediaCodec.h
Examining data/mediastreamer2-2.16.1/src/android/media/NdkMediaCrypto.h
Examining data/mediastreamer2-2.16.1/src/android/media/NdkMediaDrm.h
Examining data/mediastreamer2-2.16.1/src/android/media/NdkMediaError.h
Examining data/mediastreamer2-2.16.1/src/android/media/NdkMediaExtractor.h
Examining data/mediastreamer2-2.16.1/src/android/media/NdkMediaFormat.h
Examining data/mediastreamer2-2.16.1/src/android/media/NdkMediaMuxer.h
Examining data/mediastreamer2-2.16.1/src/android/mediacodech264dec.c
Examining data/mediastreamer2-2.16.1/src/android/mediacodech264enc.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/aac-eld-android.cpp
Examining data/mediastreamer2-2.16.1/src/audiofilters/aac-eld.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/alaw.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/alsa.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/arts.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/asyncrw.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/asyncrw.h
Examining data/mediastreamer2-2.16.1/src/audiofilters/audiomixer.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/bv16.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/chanadapt.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/devices.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/dtmfgen.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/equalizer.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/flowcontrol.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/g711.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/g711.h
Examining data/mediastreamer2-2.16.1/src/audiofilters/g726.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/g729.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/genericplc.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/gsm.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/l16.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/macsnd.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/msfileplayer.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/msfilerec.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/msg722.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/msgenericplc.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/msopus.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/msresample.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/msspeex.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/msvaddtx.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/msvolume.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/mswasapi.cpp
Examining data/mediastreamer2-2.16.1/src/audiofilters/mswasapi.h
Examining data/mediastreamer2-2.16.1/src/audiofilters/mswasapi_reader.cpp
Examining data/mediastreamer2-2.16.1/src/audiofilters/mswasapi_reader.h
Examining data/mediastreamer2-2.16.1/src/audiofilters/mswasapi_writer.cpp
Examining data/mediastreamer2-2.16.1/src/audiofilters/mswasapi_writer.h
Examining data/mediastreamer2-2.16.1/src/audiofilters/oss.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/pasnd.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/pulseaudio.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/qsa.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/speexec.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/tonedetector.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/ulaw.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/waveheader.h
Examining data/mediastreamer2-2.16.1/src/audiofilters/winsnd.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/winsnd2.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/winsnd3.c
Examining data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp
Examining data/mediastreamer2-2.16.1/src/audiofilters/genericplc.h
Examining data/mediastreamer2-2.16.1/src/base/eventqueue.c
Examining data/mediastreamer2-2.16.1/src/base/msasync.c
Examining data/mediastreamer2-2.16.1/src/base/mscommon.c
Examining data/mediastreamer2-2.16.1/src/base/msfactory.c
Examining data/mediastreamer2-2.16.1/src/base/msfilter.c
Examining data/mediastreamer2-2.16.1/src/base/msqueue.c
Examining data/mediastreamer2-2.16.1/src/base/mssndcard.c
Examining data/mediastreamer2-2.16.1/src/base/msvideopresets.c
Examining data/mediastreamer2-2.16.1/src/base/mswebcam.c
Examining data/mediastreamer2-2.16.1/src/base/mtu.c
Examining data/mediastreamer2-2.16.1/src/base/msticker.c
Examining data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c
Examining data/mediastreamer2-2.16.1/src/crypto/zrtp.c
Examining data/mediastreamer2-2.16.1/src/crypto/ms_srtp.c
Examining data/mediastreamer2-2.16.1/src/dxfilter.cpp
Examining data/mediastreamer2-2.16.1/src/dxfilter.h
Examining data/mediastreamer2-2.16.1/src/ortp-deps/b64.c
Examining data/mediastreamer2-2.16.1/src/ortp-deps/logging.c
Examining data/mediastreamer2-2.16.1/src/ortp-deps/ortp-config-win32.h
Examining data/mediastreamer2-2.16.1/src/ortp-deps/ortp-config.h
Examining data/mediastreamer2-2.16.1/src/ortp-deps/ortp/b64.h
Examining data/mediastreamer2-2.16.1/src/ortp-deps/ortp/logging.h
Examining data/mediastreamer2-2.16.1/src/ortp-deps/ortp/payloadtype.h
Examining data/mediastreamer2-2.16.1/src/ortp-deps/ortp/port.h
Examining data/mediastreamer2-2.16.1/src/ortp-deps/ortp/str_utils.h
Examining data/mediastreamer2-2.16.1/src/ortp-deps/payloadtype.c
Examining data/mediastreamer2-2.16.1/src/ortp-deps/port.c
Examining data/mediastreamer2-2.16.1/src/ortp-deps/str_utils.c
Examining data/mediastreamer2-2.16.1/src/ortp-deps/utils.h
Examining data/mediastreamer2-2.16.1/src/otherfilters/itc.c
Examining data/mediastreamer2-2.16.1/src/otherfilters/join.c
Examining data/mediastreamer2-2.16.1/src/otherfilters/mspcapfileplayer.c
Examining data/mediastreamer2-2.16.1/src/otherfilters/msudp.c
Examining data/mediastreamer2-2.16.1/src/otherfilters/rfc4103_sink.c
Examining data/mediastreamer2-2.16.1/src/otherfilters/rfc4103_source.c
Examining data/mediastreamer2-2.16.1/src/otherfilters/tee.c
Examining data/mediastreamer2-2.16.1/src/otherfilters/void.c
Examining data/mediastreamer2-2.16.1/src/otherfilters/msrtp.c
Examining data/mediastreamer2-2.16.1/src/upnp/upnp_igd.c
Examining data/mediastreamer2-2.16.1/src/upnp/upnp_igd_cmd.c
Examining data/mediastreamer2-2.16.1/src/upnp/upnp_igd_private.h
Examining data/mediastreamer2-2.16.1/src/upnp/upnp_igd_utils.c
Examining data/mediastreamer2-2.16.1/src/upnp/upnp_igd_utils.h
Examining data/mediastreamer2-2.16.1/src/utils/_kiss_fft_guts.h
Examining data/mediastreamer2-2.16.1/src/utils/bits_rw.c
Examining data/mediastreamer2-2.16.1/src/utils/dsptools.c
Examining data/mediastreamer2-2.16.1/src/utils/ffmpeg-priv.c
Examining data/mediastreamer2-2.16.1/src/utils/g722.h
Examining data/mediastreamer2-2.16.1/src/utils/g722_decode.c
Examining data/mediastreamer2-2.16.1/src/utils/g722_encode.c
Examining data/mediastreamer2-2.16.1/src/utils/h264utils.c
Examining data/mediastreamer2-2.16.1/src/utils/h264utils.h
Examining data/mediastreamer2-2.16.1/src/utils/kiss_fft.c
Examining data/mediastreamer2-2.16.1/src/utils/kiss_fft.h
Examining data/mediastreamer2-2.16.1/src/utils/kiss_fftr.c
Examining data/mediastreamer2-2.16.1/src/utils/kiss_fftr.h
Examining data/mediastreamer2-2.16.1/src/utils/mkv_reader.c
Examining data/mediastreamer2-2.16.1/src/utils/msjava.c
Examining data/mediastreamer2-2.16.1/src/utils/opengl_debug.h
Examining data/mediastreamer2-2.16.1/src/utils/opengl_functions.c
Examining data/mediastreamer2-2.16.1/src/utils/opengl_functions.h
Examining data/mediastreamer2-2.16.1/src/utils/opengles_display.c
Examining data/mediastreamer2-2.16.1/src/utils/opengles_display.h
Examining data/mediastreamer2-2.16.1/src/utils/pcap_sender.c
Examining data/mediastreamer2-2.16.1/src/utils/pcap_sender.h
Examining data/mediastreamer2-2.16.1/src/utils/shader_util.c
Examining data/mediastreamer2-2.16.1/src/utils/shader_util.h
Examining data/mediastreamer2-2.16.1/src/utils/stream_regulator.c
Examining data/mediastreamer2-2.16.1/src/utils/stream_regulator.h
Examining data/mediastreamer2-2.16.1/src/utils/swscale.h
Examining data/mediastreamer2-2.16.1/src/utils/vfw-missing.h
Examining data/mediastreamer2-2.16.1/src/utils/x11_helper.c
Examining data/mediastreamer2-2.16.1/src/utils/audiodiff.c
Examining data/mediastreamer2-2.16.1/src/utils/mkv_reader.h
Examining data/mediastreamer2-2.16.1/src/utils/ffmpeg-priv.h
Examining data/mediastreamer2-2.16.1/src/utils/srtp_prefix.h
Examining data/mediastreamer2-2.16.1/src/videofilters/bb10_display.cpp
Examining data/mediastreamer2-2.16.1/src/videofilters/drawdib-display.c
Examining data/mediastreamer2-2.16.1/src/videofilters/extdisplay.c
Examining data/mediastreamer2-2.16.1/src/videofilters/ffmpegjpegwriter.c
Examining data/mediastreamer2-2.16.1/src/videofilters/generic_opengl_display.c
Examining data/mediastreamer2-2.16.1/src/videofilters/glxvideo.c
Examining data/mediastreamer2-2.16.1/src/videofilters/h264dec.c
Examining data/mediastreamer2-2.16.1/src/videofilters/mire.c
Examining data/mediastreamer2-2.16.1/src/videofilters/mkv.c
Examining data/mediastreamer2-2.16.1/src/videofilters/msdscap.cc
Examining data/mediastreamer2-2.16.1/src/videofilters/msv4l.c
Examining data/mediastreamer2-2.16.1/src/videofilters/pixconv.c
Examining data/mediastreamer2-2.16.1/src/videofilters/sizeconv.c
Examining data/mediastreamer2-2.16.1/src/videofilters/theora.c
Examining data/mediastreamer2-2.16.1/src/videofilters/turbojpegnowebcam.c
Examining data/mediastreamer2-2.16.1/src/videofilters/turbojpegwriter.c
Examining data/mediastreamer2-2.16.1/src/videofilters/videodec.c
Examining data/mediastreamer2-2.16.1/src/videofilters/videoenc.c
Examining data/mediastreamer2-2.16.1/src/videofilters/videoout.c
Examining data/mediastreamer2-2.16.1/src/videofilters/videotoolbox.c
Examining data/mediastreamer2-2.16.1/src/videofilters/wincevideods.c
Examining data/mediastreamer2-2.16.1/src/videofilters/winvideo.c
Examining data/mediastreamer2-2.16.1/src/videofilters/winvideo2.c
Examining data/mediastreamer2-2.16.1/src/videofilters/winvideods.c
Examining data/mediastreamer2-2.16.1/src/videofilters/x11video.c
Examining data/mediastreamer2-2.16.1/src/videofilters/vp8.c
Examining data/mediastreamer2-2.16.1/src/videofilters/bb10_capture.cpp
Examining data/mediastreamer2-2.16.1/src/videofilters/msv4l2.c
Examining data/mediastreamer2-2.16.1/src/videofilters/ffmpegnowebcam.c
Examining data/mediastreamer2-2.16.1/src/videofilters/nowebcam.c
Examining data/mediastreamer2-2.16.1/src/voip/audioconference.c
Examining data/mediastreamer2-2.16.1/src/voip/bandwidthcontroller.c
Examining data/mediastreamer2-2.16.1/src/voip/bitratecontrol.c
Examining data/mediastreamer2-2.16.1/src/voip/bitratedriver.c
Examining data/mediastreamer2-2.16.1/src/voip/ioshardware.h
Examining data/mediastreamer2-2.16.1/src/voip/layouts.c
Examining data/mediastreamer2-2.16.1/src/voip/layouts.h
Examining data/mediastreamer2-2.16.1/src/voip/msiframerequestslimiter.c
Examining data/mediastreamer2-2.16.1/src/voip/msmediaplayer.c
Examining data/mediastreamer2-2.16.1/src/voip/msvideo_neon.c
Examining data/mediastreamer2-2.16.1/src/voip/msvideo_neon.h
Examining data/mediastreamer2-2.16.1/src/voip/msvoip.c
Examining data/mediastreamer2-2.16.1/src/voip/msvoip_jni.cc
Examining data/mediastreamer2-2.16.1/src/voip/nowebcam.h
Examining data/mediastreamer2-2.16.1/src/voip/private.h
Examining data/mediastreamer2-2.16.1/src/voip/qosanalyzer.c
Examining data/mediastreamer2-2.16.1/src/voip/qosanalyzer.h
Examining data/mediastreamer2-2.16.1/src/voip/qualityindicator.c
Examining data/mediastreamer2-2.16.1/src/voip/rfc2429.h
Examining data/mediastreamer2-2.16.1/src/voip/rfc3984.c
Examining data/mediastreamer2-2.16.1/src/voip/rfc4103_textstream.c
Examining data/mediastreamer2-2.16.1/src/voip/ringstream.c
Examining data/mediastreamer2-2.16.1/src/voip/scaler.c
Examining data/mediastreamer2-2.16.1/src/voip/scaler.h
Examining data/mediastreamer2-2.16.1/src/voip/stun.c
Examining data/mediastreamer2-2.16.1/src/voip/video_preset_high_fps.c
Examining data/mediastreamer2-2.16.1/src/voip/videostarter.c
Examining data/mediastreamer2-2.16.1/src/voip/vp8rtpfmt.c
Examining data/mediastreamer2-2.16.1/src/voip/vp8rtpfmt.h
Examining data/mediastreamer2-2.16.1/src/voip/msvideo.c
Examining data/mediastreamer2-2.16.1/src/voip/audiostream.c
Examining data/mediastreamer2-2.16.1/src/voip/ice.c
Examining data/mediastreamer2-2.16.1/src/voip/mediastream.c
Examining data/mediastreamer2-2.16.1/src/voip/videostream.c
Examining data/mediastreamer2-2.16.1/src/filter-template.c
Examining data/mediastreamer2-2.16.1/tester/mediastreamer2_adaptive_tester.c
Examining data/mediastreamer2-2.16.1/tester/mediastreamer2_audio_stream_tester.c
Examining data/mediastreamer2-2.16.1/tester/mediastreamer2_basic_audio_tester.c
Examining data/mediastreamer2-2.16.1/tester/mediastreamer2_codec_impl_testers.c
Examining data/mediastreamer2-2.16.1/tester/mediastreamer2_framework_tester.c
Examining data/mediastreamer2-2.16.1/tester/mediastreamer2_jitterbuffer_tester.c
Examining data/mediastreamer2-2.16.1/tester/mediastreamer2_neon_tester.c
Examining data/mediastreamer2-2.16.1/tester/mediastreamer2_player_tester.c
Examining data/mediastreamer2-2.16.1/tester/mediastreamer2_sound_card_tester.c
Examining data/mediastreamer2-2.16.1/tester/mediastreamer2_tester.c
Examining data/mediastreamer2-2.16.1/tester/mediastreamer2_tester.h
Examining data/mediastreamer2-2.16.1/tester/mediastreamer2_tester_private.c
Examining data/mediastreamer2-2.16.1/tester/mediastreamer2_tester_private.h
Examining data/mediastreamer2-2.16.1/tester/mediastreamer2_tester_windows.cpp
Examining data/mediastreamer2-2.16.1/tester/mediastreamer2_tester_windows.h
Examining data/mediastreamer2-2.16.1/tester/mediastreamer2_text_stream_tester.c
Examining data/mediastreamer2-2.16.1/tester/mediastreamer2_video_stream_tester.c
Examining data/mediastreamer2-2.16.1/tools/common.c
Examining data/mediastreamer2-2.16.1/tools/common.h
Examining data/mediastreamer2-2.16.1/tools/echo.c
Examining data/mediastreamer2-2.16.1/tools/ios/mediastreamAppDelegate.h
Examining data/mediastreamer2-2.16.1/tools/ios/mediastreamViewController.h
Examining data/mediastreamer2-2.16.1/tools/mkvstream.c
Examining data/mediastreamer2-2.16.1/tools/msaudiocmp.c
Examining data/mediastreamer2-2.16.1/tools/mtudiscover.c
Examining data/mediastreamer2-2.16.1/tools/pcap_playback.c
Examining data/mediastreamer2-2.16.1/tools/ring.c
Examining data/mediastreamer2-2.16.1/tools/ring_jni.c
Examining data/mediastreamer2-2.16.1/tools/test_x11window.c
Examining data/mediastreamer2-2.16.1/tools/tones.c
Examining data/mediastreamer2-2.16.1/tools/videodisplay.c
Examining data/mediastreamer2-2.16.1/tools/mediastream.c
Examining data/mediastreamer2-2.16.1/tools/bench.c

FINAL RESULTS:

data/mediastreamer2-2.16.1/build/wp8/mediastreamer2-tester-native/mediastreamer2-tester-native.cpp:24:3:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
		vsnprintf((char *)str.c_str(), MAX_TRACE_SIZE, fmt, args);
data/mediastreamer2-2.16.1/include/mediastreamer2/mscommon.h:563:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#ifndef fprintf
data/mediastreamer2-2.16.1/include/mediastreamer2/mscommon.h:564:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define fprintf fprintf
data/mediastreamer2-2.16.1/include/mediastreamer2/mscommon.h:564:17:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define fprintf fprintf
data/mediastreamer2-2.16.1/include/mediastreamer2/mscommon.h:566:9:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#ifndef vfprintf
data/mediastreamer2-2.16.1/include/mediastreamer2/mscommon.h:567:9:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define vfprintf vfprintf
data/mediastreamer2-2.16.1/include/mediastreamer2/mscommon.h:567:18:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define vfprintf vfprintf
data/mediastreamer2-2.16.1/src/audiofilters/alsa.c:689:25:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                        sprintf(plug_names[0],"%s:%s", device_names[0], card_names[0]);
data/mediastreamer2-2.16.1/src/audiofilters/alsa.c:706:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
			sprintf(plug_names[device_count],"%s:%s", device_names[j], card_names[j]);
data/mediastreamer2-2.16.1/src/audiofilters/msfilerec.c:116:6:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
	if (access(filename,R_OK|W_OK)==0){
data/mediastreamer2-2.16.1/src/audiofilters/oss.c:312:6:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
	if (access(DSP_NAME,F_OK)==0){
data/mediastreamer2-2.16.1/src/audiofilters/oss.c:319:7:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
		if (access(pcmdev,F_OK)==0){
data/mediastreamer2-2.16.1/src/audiofilters/waveheader.h:52:10:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
#	define access _access
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:991:3:  [4] (format) swprintf:
  Potential format string problem (CWE-134). Make format string constant.
		swprintf(snd_card_name, 256, L"%s", lpszDesc);
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:1001:3:  [4] (format) swprintf:
  Potential format string problem (CWE-134). Make format string constant.
		swprintf(snd_card_name, 256, L"%s", lpszDesc);
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:1023:3:  [4] (format) swprintf:
  Potential format string problem (CWE-134). Make format string constant.
		swprintf(snd_card_name, 256, L"%s", lpszDesc);
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:1033:3:  [4] (format) swprintf:
  Potential format string problem (CWE-134). Make format string constant.
		swprintf(snd_card_name, 256, L"%s", lpszDesc);
data/mediastreamer2-2.16.1/src/base/msfactory.c:629:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
				strcpy(initroutine_name,de->d_name);
data/mediastreamer2-2.16.1/src/ortp-deps/logging.c:73:7:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
		n = vsnprintf (p, size, fmt, cap);
data/mediastreamer2-2.16.1/src/ortp-deps/logging.c:77:7:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
		n = vsnprintf (p, size, fmt, ap);
data/mediastreamer2-2.16.1/src/ortp-deps/logging.c:154:2:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	fprintf(__log_file,"ortp-%s-%s" ENDLINE,lname,msg);
data/mediastreamer2-2.16.1/src/ortp-deps/ortp/logging.h:72:54:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define CHECK_FORMAT_ARGS(m,n) __attribute__((format(printf,m,n)))
data/mediastreamer2-2.16.1/src/ortp-deps/ortp/port.h:147:9:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define vsnprintf	_vsnprintf
data/mediastreamer2-2.16.1/src/ortp-deps/ortp/port.h:225:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf _snprintf
data/mediastreamer2-2.16.1/src/ortp-deps/ortp/port.h:225:18:  [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define snprintf _snprintf
data/mediastreamer2-2.16.1/src/ortp-deps/port.c:96:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
	strcpy(ret,tmp);
data/mediastreamer2-2.16.1/src/ortp-deps/port.c:146:9:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
	return access(pathname,F_OK);
data/mediastreamer2-2.16.1/src/upnp/upnp_igd.c:694:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
						strcat(variable_name, IGDVarName[service][j]);
data/mediastreamer2-2.16.1/src/utils/shader_util.c:58:17:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define LogInfo printf
data/mediastreamer2-2.16.1/src/utils/shader_util.c:59:18:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define LogError printf
data/mediastreamer2-2.16.1/src/videofilters/mkv.c:1939:5:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
	if(access(filename, R_OK | W_OK) == 0) {
data/mediastreamer2-2.16.1/src/videofilters/winvideo2.c:241:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(obj->dev,dev);
data/mediastreamer2-2.16.1/src/videofilters/winvideods.c:1364:2:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
	snprintf(s->dev, sizeof(s->dev), (char*)arg);
data/mediastreamer2-2.16.1/src/voip/ice.c:1923:3:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
		snprintf(foundation, len, "%" PRIx64, r);
data/mediastreamer2-2.16.1/src/voip/msmediaplayer.c:119:5:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
	if(access(filepath, F_OK) != 0) {
data/mediastreamer2-2.16.1/tester/mediastreamer2_tester.c:32:2:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	vfprintf(lev == ORTP_ERROR ? stderr : stdout, fmt, args);
data/mediastreamer2-2.16.1/tester/mediastreamer2_tester.c:38:2:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	vfprintf(lev == ORTP_ERROR ? stderr : stdout, fmt, cap);
data/mediastreamer2-2.16.1/tester/mediastreamer2_tester_windows.cpp:32:2:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
	vsnprintf((char *)str.c_str(), MAX_TRACE_SIZE, fmt, args);
data/mediastreamer2-2.16.1/tools/common.c:63:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
				strcpy(nchannels,separator3+1);
data/mediastreamer2-2.16.1/tools/common.c:67:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
				strcpy(clockrate,separator2+1);
data/mediastreamer2-2.16.1/src/audiofilters/msopus.c:121:8:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	env = getenv("MS2_OPUS_COMPLEXITY");
data/mediastreamer2-2.16.1/src/audiofilters/winsnd.c:271:19:  [3] (misc) LoadLibrary:
  Ensure that the full path to the library is specified, or current directory
  may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
  find library path, if you aren't already.
	HINSTANCE hDll = LoadLibrary(L"\\windows\\ossvcs.dll");
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:1048:21:  [3] (misc) LoadLibrary:
  Ensure that the full path to the library is specified, or current directory
  may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
  find library path, if you aren't already.
		ms_lib_instance = LoadLibrary(L"dsound.dll");
data/mediastreamer2-2.16.1/src/base/msfactory.c:171:20:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	debug_log_enabled=getenv("MEDIASTREAMER_DEBUG");
data/mediastreamer2-2.16.1/src/base/msfactory.c:497:8:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	tmp = getenv("DEBUG");
data/mediastreamer2-2.16.1/src/base/msticker.c:346:16:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
		env_prio_c = getenv("MS_TICKER_SCHEDPRIO");
data/mediastreamer2-2.16.1/src/base/mtu.c:90:16:  [3] (misc) LoadLibrary:
  Ensure that the full path to the library is specified, or current directory
  may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
  find library path, if you aren't already.
		m_IcmpInst = LoadLibrary("icmp.dll");
data/mediastreamer2-2.16.1/src/base/mtu.c:201:2:  [3] (random) srandom:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
	srandom(tv.tv_usec);
data/mediastreamer2-2.16.1/src/base/mtu.c:202:12:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
	rand_port=random() & 0xFFFF;
data/mediastreamer2-2.16.1/src/ortp-deps/ortp/port.h:148:9:  [3] (random) srandom:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
#define srandom		srand
data/mediastreamer2-2.16.1/src/ortp-deps/ortp/port.h:148:18:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
#define srandom		srand
data/mediastreamer2-2.16.1/src/ortp-deps/ortp/port.h:149:9:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
#define random		rand
data/mediastreamer2-2.16.1/src/otherfilters/msrtp.c:104:8:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	tmp = getenv("MS2_RTP_FIXED_DELAY");
data/mediastreamer2-2.16.1/src/utils/x11_helper.c:33:12:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	display = getenv("DISPLAY");
data/mediastreamer2-2.16.1/src/videofilters/glxvideo.c:73:10:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	display=getenv("DISPLAY");
data/mediastreamer2-2.16.1/src/videofilters/mire.c:177:10:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	debug = getenv("DEBUG");
data/mediastreamer2-2.16.1/src/videofilters/msv4l.c:291:14:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	s->usemire=(getenv("DEBUG")!=NULL);
data/mediastreamer2-2.16.1/src/videofilters/msv4l2.c:446:8:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	focus=getenv("MS2_CAM_FOCUS");
data/mediastreamer2-2.16.1/src/videofilters/x11video.c:80:10:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	display=getenv("DISPLAY");
data/mediastreamer2-2.16.1/src/voip/mediastream.c:88:10:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
		penv = getenv("MS_VIDEO_PRIO");
data/mediastreamer2-2.16.1/src/voip/mediastream.c:99:10:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
		penv = getenv("MS_AUDIO_PRIO");
data/mediastreamer2-2.16.1/tester/mediastreamer2_neon_tester.c:37:2:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
	srand(time(0));
data/mediastreamer2-2.16.1/tools/echo.c:72:10:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	alsadev=getenv("MS2_ALSADEV");
data/mediastreamer2-2.16.1/tools/test_x11window.c:33:32:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
	Display *display=XOpenDisplay(getenv("DISPLAY"));
data/mediastreamer2-2.16.1/build/wp8/mediastreamer2-tester-native/mediastreamer2-tester-native.cpp:21:3:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		wchar_t wstr[MAX_TRACE_SIZE];
data/mediastreamer2-2.16.1/build/wp8/mediastreamer2-tester-native/mediastreamer2-tester-native.cpp:39:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char fmt2[MAX_TRACE_SIZE];
data/mediastreamer2-2.16.1/build/wp8/mediastreamer2-tester-native/mediastreamer2-tester-native.cpp:71:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char csuitename[MAX_SUITE_NAME_SIZE] = { 0 };
data/mediastreamer2-2.16.1/build/wp8/mediastreamer2-tester-native/mediastreamer2-tester-native.cpp:72:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char ccasename[MAX_SUITE_NAME_SIZE] = { 0 };
data/mediastreamer2-2.16.1/build/wp8/mediastreamer2-tester-native/mediastreamer2-tester-native.cpp:104:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char cname[MAX_SUITE_NAME_SIZE] = { 0 };
data/mediastreamer2-2.16.1/build/wp8/mediastreamer2-tester-native/mediastreamer2-tester-native.cpp:112:2:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	wchar_t wcname[MAX_SUITE_NAME_SIZE];
data/mediastreamer2-2.16.1/build/wp8/mediastreamer2-tester-native/mediastreamer2-tester-native.cpp:120:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char csuitename[MAX_SUITE_NAME_SIZE] = { 0 };
data/mediastreamer2-2.16.1/build/wp8/mediastreamer2-tester-native/mediastreamer2-tester-native.cpp:123:2:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	wchar_t wcname[MAX_SUITE_NAME_SIZE];
data/mediastreamer2-2.16.1/build/wp8/mediastreamer2-tester-native/mediastreamer2-tester-video.cpp:112:2:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	wchar_t wstr[512];
data/mediastreamer2-2.16.1/include/mediastreamer2/dtmfgen.h:40:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char tone_name[8];	/**<Tone name for convenience*/
data/mediastreamer2-2.16.1/include/mediastreamer2/dtmfgen.h:62:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char tone_name[8];
data/mediastreamer2-2.16.1/include/mediastreamer2/ice.h:164:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char ip[64];
data/mediastreamer2-2.16.1/include/mediastreamer2/ice.h:174:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char foundation[32];	/**< Foundation of the candidate (see paragraph 3 of the RFC 5245 for more details */
data/mediastreamer2-2.16.1/include/mediastreamer2/ice.h:209:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char local[32];	/**< Foundation of the local candidate */
data/mediastreamer2-2.16.1/include/mediastreamer2/ice.h:210:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char remote[32];	/**< Foundation of the remote candidate */
data/mediastreamer2-2.16.1/include/mediastreamer2/mscommon.h:160:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef struct { unsigned char octet[12]; } UInt96;
data/mediastreamer2-2.16.1/include/mediastreamer2/mscommon.h:161:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef struct { unsigned char octet[16]; } UInt128;
data/mediastreamer2-2.16.1/include/mediastreamer2/mstonedetector.h:30:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char tone_name[8];
data/mediastreamer2-2.16.1/include/mediastreamer2/mstonedetector.h:42:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char tone_name[8];
data/mediastreamer2-2.16.1/src/android/androidsound.cpp:364:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(m->b_wptr,info.raw,info.size);
data/mediastreamer2-2.16.1/src/android/androidsound_opensles.cpp:434:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(m->b_wptr, ictx->recBuffer[ictx->currentBuffer], ictx->inBufSize);
data/mediastreamer2-2.16.1/src/android/androidvideo.cpp:85:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char fps_context[64];
data/mediastreamer2-2.16.1/src/android/mediacodech264dec.c:224:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(dst, src, size);
data/mediastreamer2-2.16.1/src/android/mediacodech264dec.c:353:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(buf, d->bitstream, size);
data/mediastreamer2-2.16.1/src/android/mediacodech264dec.c:428:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy(pic.planes[0], buf, ysize);
data/mediastreamer2-2.16.1/src/android/mediacodech264dec.c:429:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy(pic.planes[1], buf + ysize, usize);
data/mediastreamer2-2.16.1/src/android/mediacodech264dec.c:430:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy(pic.planes[2], buf + ysize + usize, usize);
data/mediastreamer2-2.16.1/src/android/mediacodech264dec.c:464:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char value[256];
data/mediastreamer2-2.16.1/src/android/mediacodech264enc.c:282:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
							memcpy(buf, pic.planes[0], ysize);
data/mediastreamer2-2.16.1/src/android/mediacodech264enc.c:283:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
							memcpy(buf + ysize, pic.planes[1], usize);
data/mediastreamer2-2.16.1/src/android/mediacodech264enc.c:284:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
							memcpy(buf + ysize + usize, pic.planes[2], usize);
data/mediastreamer2-2.16.1/src/android/mediacodech264enc.c:289:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
							memcpy(buf, dst, size);
data/mediastreamer2-2.16.1/src/android/mediacodech264enc.c:395:26:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	if (vconf != &d->vconf) memcpy(&d->vconf, vconf, sizeof(MSVideoConfiguration));
data/mediastreamer2-2.16.1/src/audiofilters/aac-eld-android.cpp:320:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		retval = set_ptime ( s,atoi ( fmtp+6 ) );
data/mediastreamer2-2.16.1/src/audiofilters/aac-eld-android.cpp:331:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char tmp[16]= {0};
data/mediastreamer2-2.16.1/src/audiofilters/aac-eld-android.cpp:336:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		retval = set_ptime ( s,atoi ( tmp ) );
data/mediastreamer2-2.16.1/src/audiofilters/aac-eld-android.cpp:340:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		int enabled = atoi(tmp);
data/mediastreamer2-2.16.1/src/audiofilters/aac-eld-android.cpp:551:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char config[512];
data/mediastreamer2-2.16.1/src/audiofilters/aac-eld-android.cpp:555:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char octet[3];
data/mediastreamer2-2.16.1/src/audiofilters/aac-eld-android.cpp:567:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		int enabled = atoi(config);
data/mediastreamer2-2.16.1/src/audiofilters/aac-eld.c:351:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		retval = set_ptime ( s,atoi ( fmtp+6 ) );
data/mediastreamer2-2.16.1/src/audiofilters/aac-eld.c:361:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char tmp[16]= {0};
data/mediastreamer2-2.16.1/src/audiofilters/aac-eld.c:366:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		retval = set_ptime ( s,atoi ( tmp ) );
data/mediastreamer2-2.16.1/src/audiofilters/aac-eld.c:370:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		int enabled = atoi(tmp);
data/mediastreamer2-2.16.1/src/audiofilters/aac-eld.c:777:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char config[512];
data/mediastreamer2-2.16.1/src/audiofilters/aac-eld.c:781:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char octet[3];
data/mediastreamer2-2.16.1/src/audiofilters/alaw.c:91:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char tmp[30];
data/mediastreamer2-2.16.1/src/audiofilters/alaw.c:93:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		s->ptime=atoi(tmp);
data/mediastreamer2-2.16.1/src/audiofilters/alsa.c:651:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char *plug_names[MAX_NUM_DEVICE_ID];
data/mediastreamer2-2.16.1/src/audiofilters/alsa.c:652:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char *card_names[MAX_NUM_DEVICE_ID], *device_names[MAX_NUM_DEVICE_ID];
data/mediastreamer2-2.16.1/src/audiofilters/alsa.c:653:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char *unique_card_names[MAX_NUM_DEVICE_ID], *unique_device_names[MAX_NUM_DEVICE_ID];
data/mediastreamer2-2.16.1/src/audiofilters/bv16.c:78:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char tmp[64];
data/mediastreamer2-2.16.1/src/audiofilters/bv16.c:81:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		s->max_ptime=atoi(tmp);
data/mediastreamer2-2.16.1/src/audiofilters/bv16.c:88:13:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		int val = atoi(tmp);
data/mediastreamer2-2.16.1/src/audiofilters/bv16.c:99:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		int ptime = atoi(attr+6);
data/mediastreamer2-2.16.1/src/audiofilters/devices.c:314:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char manufacturer[PROP_VALUE_MAX] = {0};
data/mediastreamer2-2.16.1/src/audiofilters/devices.c:315:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char model[PROP_VALUE_MAX] = {0};
data/mediastreamer2-2.16.1/src/audiofilters/devices.c:316:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char platform[PROP_VALUE_MAX] = {0};
data/mediastreamer2-2.16.1/src/audiofilters/g711.c:57:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char _u2a[128] = {			/* u- to A-law conversions */
data/mediastreamer2-2.16.1/src/audiofilters/g711.c:78:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char _a2u[128] = {			/* A- to u-law conversions */
data/mediastreamer2-2.16.1/src/audiofilters/g726.c:115:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char tmp[16];
data/mediastreamer2-2.16.1/src/audiofilters/g726.c:118:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		set_ptime(s,atoi(tmp));
data/mediastreamer2-2.16.1/src/audiofilters/g726.c:130:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		set_ptime(s,atoi(tmp+6));
data/mediastreamer2-2.16.1/src/audiofilters/g729.c:233:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[64];
data/mediastreamer2-2.16.1/src/audiofilters/g729.c:239:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		obj->max_ptime=atoi(buf);
data/mediastreamer2-2.16.1/src/audiofilters/g729.c:248:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		obj->ptime=atoi(buf);
data/mediastreamer2-2.16.1/src/audiofilters/genericplc.c:139:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(data, context->plc_out_buffer+context->plc_index, samples_ready_nbr*sizeof(int16_t));
data/mediastreamer2-2.16.1/src/audiofilters/genericplc.c:140:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(context->continuity_buffer, context->plc_out_buffer+context->plc_index+samples_ready_nbr, continuity_buffer_sample_nbr * sizeof(int16_t));
data/mediastreamer2-2.16.1/src/audiofilters/genericplc.c:150:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(data+samples_ready_nbr, context->plc_out_buffer, (sample_nbr - samples_ready_nbr)*sizeof(int16_t));
data/mediastreamer2-2.16.1/src/audiofilters/genericplc.c:155:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(context->continuity_buffer, context->plc_out_buffer + context->plc_index, 2*continuity_buffer_sample_nbr * sizeof(int16_t));
data/mediastreamer2-2.16.1/src/audiofilters/genericplc.c:159:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(data, context->plc_out_buffer+context->plc_index, sample_nbr*sizeof(int16_t));
data/mediastreamer2-2.16.1/src/audiofilters/genericplc.c:163:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(context->continuity_buffer, context->plc_out_buffer + context->plc_index, 2*continuity_buffer_sample_nbr * sizeof(int16_t));
data/mediastreamer2-2.16.1/src/audiofilters/genericplc.c:188:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(context->plc_buffer+context->plc_buffer_len-data_len, data, data_len);
data/mediastreamer2-2.16.1/src/audiofilters/genericplc.c:190:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(context->plc_buffer, data+data_len-context->plc_buffer_len, context->plc_buffer_len);
data/mediastreamer2-2.16.1/src/audiofilters/genericplc.c:202:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(buffer, data+data_len-transitionBufferSize, transitionBufferSize);
data/mediastreamer2-2.16.1/src/audiofilters/genericplc.c:206:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(data, context->continuity_buffer, transitionBufferSize);
data/mediastreamer2-2.16.1/src/audiofilters/genericplc.c:208:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(context->continuity_buffer, buffer, transitionBufferSize);
data/mediastreamer2-2.16.1/src/audiofilters/gsm.c:45:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char tmp[30];
data/mediastreamer2-2.16.1/src/audiofilters/gsm.c:48:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		return set_ptime(f,atoi(tmp));
data/mediastreamer2-2.16.1/src/audiofilters/gsm.c:56:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		int ptime = atoi(attr+6);
data/mediastreamer2-2.16.1/src/audiofilters/l16.c:106:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		set_ptime(s,atoi(fmtp+6));
data/mediastreamer2-2.16.1/src/audiofilters/l16.c:115:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char tmp[16]={0};
data/mediastreamer2-2.16.1/src/audiofilters/l16.c:118:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		set_ptime(s,atoi(tmp));
data/mediastreamer2-2.16.1/src/audiofilters/macsnd.c:87:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char outName[5];
data/mediastreamer2-2.16.1/src/audiofilters/macsnd.c:88:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(outName,&fcc,4);
data/mediastreamer2-2.16.1/src/audiofilters/macsnd.c:185:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(card->data, obj->data, sizeof(AuCard));
data/mediastreamer2-2.16.1/src/audiofilters/macsnd.c:359:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char uidname[256]={0},devname[256]={0};
data/mediastreamer2-2.16.1/src/audiofilters/msfileplayer.c:188:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if ((fd=open(file,O_RDONLY|O_BINARY))==-1){
data/mediastreamer2-2.16.1/src/audiofilters/msfileplayer.c:201:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char err[PCAP_ERRBUF_SIZE];
data/mediastreamer2-2.16.1/src/audiofilters/msfileplayer.c:349:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
								memcpy(om->b_wptr, payload, bytes);
data/mediastreamer2-2.16.1/src/audiofilters/msfilerec.c:98:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	int fd=open(file,O_RDONLY|O_BINARY);
data/mediastreamer2-2.16.1/src/audiofilters/msfilerec.c:125:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	s->fd=open(filename,flags, S_IRUSR|S_IWUSR);
data/mediastreamer2-2.16.1/src/audiofilters/msfilerec.c:169:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&header.riff_chunk.riff,"RIFF",4);
data/mediastreamer2-2.16.1/src/audiofilters/msfilerec.c:171:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&header.riff_chunk.wave,"WAVE",4);
data/mediastreamer2-2.16.1/src/audiofilters/msfilerec.c:173:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&header.format_chunk.fmt,"fmt ",4);
data/mediastreamer2-2.16.1/src/audiofilters/msfilerec.c:182:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&header.data_chunk.data,"data",4);
data/mediastreamer2-2.16.1/src/audiofilters/msg722.c:137:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		set_ptime(s,atoi(fmtp+6));
data/mediastreamer2-2.16.1/src/audiofilters/msg722.c:145:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char tmp[16]={0};
data/mediastreamer2-2.16.1/src/audiofilters/msg722.c:147:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		set_ptime(s,atoi(tmp));
data/mediastreamer2-2.16.1/src/audiofilters/msg722.c:289:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(decoded_buffer, om->b_wptr+TRANSITION_DELAY*16*sizeof(int16_t), buff_size-TRANSITION_DELAY*16*sizeof(int16_t));
data/mediastreamer2-2.16.1/src/audiofilters/msg722.c:290:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(decoded_buffer+buff_size-TRANSITION_DELAY*16*sizeof(int16_t), s->plc_context->continuity_buffer, TRANSITION_DELAY*16*sizeof(int16_t));
data/mediastreamer2-2.16.1/src/audiofilters/msgenericplc.c:87:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(m->b_rptr, continuity_buffer, transitionBufferSize);
data/mediastreamer2-2.16.1/src/audiofilters/msgenericplc.c:184:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&s->cng_data,arg, sizeof(MSCngData));
data/mediastreamer2-2.16.1/src/audiofilters/msopus.c:124:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		opusComplexity = atoi(env);
data/mediastreamer2-2.16.1/src/audiofilters/msopus.c:587:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[64]= {0};
data/mediastreamer2-2.16.1/src/audiofilters/msopus.c:590:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		d->maxplaybackrate=atoi(buf);
data/mediastreamer2-2.16.1/src/audiofilters/msopus.c:593:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		d->maxptime=MIN(atoi(buf),120);
data/mediastreamer2-2.16.1/src/audiofilters/msopus.c:596:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		int val=atoi(buf);
data/mediastreamer2-2.16.1/src/audiofilters/msopus.c:600:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		d->minptime=MAX(atoi(buf),20); // minimum shall be 3 but we do not provide less than 20ms ptime.
data/mediastreamer2-2.16.1/src/audiofilters/msopus.c:603:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		d->maxaveragebitrate = atoi(buf);
data/mediastreamer2-2.16.1/src/audiofilters/msopus.c:606:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		d->stereo = atoi(buf);
data/mediastreamer2-2.16.1/src/audiofilters/msopus.c:609:7:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		if (atoi(buf) == 1 ) {
data/mediastreamer2-2.16.1/src/audiofilters/msopus.c:617:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		d->useinbandfec = atoi(buf);
data/mediastreamer2-2.16.1/src/audiofilters/msopus.c:620:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		d->usedtx = atoi(buf);
data/mediastreamer2-2.16.1/src/audiofilters/msopus.c:861:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[32];
data/mediastreamer2-2.16.1/src/audiofilters/msopus.c:865:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		d->plc = atoi(buf);
data/mediastreamer2-2.16.1/src/audiofilters/msspeex.c:333:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[64];
data/mediastreamer2-2.16.1/src/audiofilters/msspeex.c:369:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	else if (buf[0]=='"' && atoi(buf+1)>=0){
data/mediastreamer2-2.16.1/src/audiofilters/msspeex.c:370:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		s->mode=atoi(buf+1);
data/mediastreamer2-2.16.1/src/audiofilters/msspeex.c:372:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	else if (buf[0]!='"' && atoi(buf)>=0){
data/mediastreamer2-2.16.1/src/audiofilters/msspeex.c:373:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		s->mode=atoi(buf);
data/mediastreamer2-2.16.1/src/audiofilters/msspeex.c:380:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		int val=atoi(buf);
data/mediastreamer2-2.16.1/src/audiofilters/msspeex.c:558:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[32];
data/mediastreamer2-2.16.1/src/audiofilters/msspeex.c:560:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		s->plc=atoi(buf);
data/mediastreamer2-2.16.1/src/audiofilters/mswasapi_reader.cpp:281:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy(m->b_wptr, pData, numFramesAvailable * bytesPerFrame);
data/mediastreamer2-2.16.1/src/audiofilters/oss.c:160:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	int fd=open(d->pcmdev,O_RDWR|O_NONBLOCK);
data/mediastreamer2-2.16.1/src/audiofilters/oss.c:167:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	d->pcmfd_read=open(d->pcmdev,O_RDONLY|O_NONBLOCK);
data/mediastreamer2-2.16.1/src/audiofilters/oss.c:173:17:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	d->pcmfd_write=open(d->pcmdev,O_WRONLY|O_NONBLOCK);
data/mediastreamer2-2.16.1/src/audiofilters/oss.c:203:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	mix_fd = open(d->mixdev, O_WRONLY);
data/mediastreamer2-2.16.1/src/audiofilters/oss.c:228:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	mix_fd = open(d->mixdev, O_RDONLY);
data/mediastreamer2-2.16.1/src/audiofilters/oss.c:250:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	mix_fd = open(d->mixdev, O_WRONLY);
data/mediastreamer2-2.16.1/src/audiofilters/oss.c:310:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char pcmdev[sizeof(DSP_NAME)+3];
data/mediastreamer2-2.16.1/src/audiofilters/oss.c:311:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char mixdev[sizeof(MIXER_NAME)+3];
data/mediastreamer2-2.16.1/src/audiofilters/pasnd.c:34:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char waveoutbuffer[30][3200];
data/mediastreamer2-2.16.1/src/audiofilters/pasnd.c:93:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (outputBuffer, wtmpbuff, framesPerBuffer*2);
data/mediastreamer2-2.16.1/src/audiofilters/pasnd.c:117:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(rm->b_wptr,inputBuffer, framesPerBuffer*2);
data/mediastreamer2-2.16.1/src/audiofilters/pasnd.c:366:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pcmdev[1024];
data/mediastreamer2-2.16.1/src/audiofilters/pasnd.c:367:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char mixdev[1024];
data/mediastreamer2-2.16.1/src/audiofilters/pulseaudio.c:30:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char name[PA_STRING_SIZE];
data/mediastreamer2-2.16.1/src/audiofilters/pulseaudio.c:31:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char description[PA_STRING_SIZE];
data/mediastreamer2-2.16.1/src/audiofilters/pulseaudio.c:32:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char source_name[PA_STRING_SIZE];
data/mediastreamer2-2.16.1/src/audiofilters/pulseaudio.c:595:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(om->b_wptr, buffer, nbytes);
data/mediastreamer2-2.16.1/src/audiofilters/qsa.c:526:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
		strcpy(params.sw_mixer_subchn_name, "Wave playback channel");
data/mediastreamer2-2.16.1/src/audiofilters/speexec.c:96:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		s->echofile=fopen(fname,"w");
data/mediastreamer2-2.16.1/src/audiofilters/speexec.c:99:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		s->reffile=fopen(fname,"w");
data/mediastreamer2-2.16.1/src/audiofilters/speexec.c:102:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		s->cleanfile=fopen(fname,"w");
data/mediastreamer2-2.16.1/src/audiofilters/ulaw.c:91:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char val[30];
data/mediastreamer2-2.16.1/src/audiofilters/ulaw.c:93:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		s->ptime=atoi(val);
data/mediastreamer2-2.16.1/src/audiofilters/waveheader.h:48:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
#	define open _open
data/mediastreamer2-2.16.1/src/audiofilters/waveheader.h:91:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char riff[4] ;	/* "RIFF" (ASCII characters) */
data/mediastreamer2-2.16.1/src/audiofilters/waveheader.h:93:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char wave[4] ;	/* "WAVE" (ASCII characters) */
data/mediastreamer2-2.16.1/src/audiofilters/waveheader.h:99:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char  fmt[4] ;		/* "fmt_" (ASCII characters) */
data/mediastreamer2-2.16.1/src/audiofilters/waveheader.h:112:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char data[4] ;	/* "data" (ASCII characters) */
data/mediastreamer2-2.16.1/src/audiofilters/winsnd.c:64:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char waveoutbuffer[30][3200];
data/mediastreamer2-2.16.1/src/audiofilters/winsnd.c:71:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char waveinbuffer[30][3200];
data/mediastreamer2-2.16.1/src/audiofilters/winsnd.c:186:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(rm->b_wptr,wHdr->lpData, wHdr->dwBufferLength);
data/mediastreamer2-2.16.1/src/audiofilters/winsnd.c:573:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char pcmdev[1024];
data/mediastreamer2-2.16.1/src/audiofilters/winsnd.c:574:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char mixdev[1024];
data/mediastreamer2-2.16.1/src/audiofilters/winsnd.c:650:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                    memcpy (d->waveouthdr[pos_whdr].lpData, wtmpbuff, bsize);
data/mediastreamer2-2.16.1/src/audiofilters/winsnd2.c:766:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(card->data,obj->data,sizeof(WinSndCard));
data/mediastreamer2-2.16.1/src/audiofilters/winsnd2.c:820:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char card[256];
data/mediastreamer2-2.16.1/src/audiofilters/winsnd2.c:825:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char szName[256];
data/mediastreamer2-2.16.1/src/audiofilters/winsnd2.c:834:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char card[256];
data/mediastreamer2-2.16.1/src/audiofilters/winsnd2.c:839:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char szName[256];
data/mediastreamer2-2.16.1/src/audiofilters/winsnd2.c:1379:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char tmp[4096];
data/mediastreamer2-2.16.1/src/audiofilters/winsnd2.c:1380:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(tmp, m->b_rptr, msgdsize(m));
data/mediastreamer2-2.16.1/src/audiofilters/winsnd3.c:137:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(card->data,obj->data,sizeof(WinSndCard));
data/mediastreamer2-2.16.1/src/audiofilters/winsnd3.c:177:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char card[256]={0};
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:914:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(card->data,obj->data,sizeof(WinSndDsCard));
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:930:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(&d->out_guid, lpguid, sizeof(GUID));
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:935:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(&d->in_guid, lpguid, sizeof(GUID));
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:958:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy(&d->out_guid, lpguid, sizeof(GUID));
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:965:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy(&d->in_guid, lpguid, sizeof(GUID));
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:989:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char szName[256];
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:990:3:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		wchar_t snd_card_name[256];
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:999:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char szName[256];
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:1000:3:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		wchar_t snd_card_name[256];
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:1021:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char szName[256];
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:1022:3:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		wchar_t snd_card_name[256];
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:1031:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char szName[256];
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:1032:3:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		wchar_t snd_card_name[256];
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:1238:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(m->b_rptr, lpInBuf1, bytesFilled);
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:1249:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(m->b_rptr, lpInBuf1, dwInSize1);
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:1250:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(m->b_rptr+dwInSize1, lpInBuf2, dwInSize2);
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:1713:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char input[15360];
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:1732:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(lpOutBuf1, input, dwOutSize1);
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:1733:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(lpOutBuf2, input+dwOutSize1, dwOutSize2);
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:1738:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(lpOutBuf1, input, msize);
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:1743:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(lpOutBuf1, input, dwOutSize1);
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:1744:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(lpOutBuf2, input+dwOutSize1, dwOutSize2);
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:1855:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&d->in_guid, &wc->in_guid, sizeof(GUID));
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:1856:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&d->out_guid, &wc->out_guid, sizeof(GUID));
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:1866:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&d->in_guid, &wc->in_guid, sizeof(GUID));
data/mediastreamer2-2.16.1/src/audiofilters/winsndds.cpp:1867:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&d->out_guid, &wc->out_guid, sizeof(GUID));
data/mediastreamer2-2.16.1/src/base/eventqueue.c:92:19:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	if (argsize > 0) memcpy(q->wptr + header_size, arg, argsize);
data/mediastreamer2-2.16.1/src/base/mscommon.c:438:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	FILE *f=fopen(path,"rb");
data/mediastreamer2-2.16.1/src/base/msfactory.c:488:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char szDirPath[1024];
data/mediastreamer2-2.16.1/src/base/msfactory.c:490:2:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	wchar_t wszDirPath[1024];
data/mediastreamer2-2.16.1/src/base/msfactory.c:492:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char szPluginFile[1024];
data/mediastreamer2-2.16.1/src/base/msfactory.c:499:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	debug = (tmp != NULL && atoi(tmp) == 1);
data/mediastreamer2-2.16.1/src/base/msfactory.c:526:3:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		wchar_t wszPluginFile[2048];
data/mediastreamer2-2.16.1/src/base/msfactory.c:527:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char filename[512];
data/mediastreamer2-2.16.1/src/base/msfactory.c:559:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char szPluginName[256];
data/mediastreamer2-2.16.1/src/base/msfactory.c:560:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char szMethodName[256];
data/mediastreamer2-2.16.1/src/base/msfactory.c:599:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char plugin_name[64];
data/mediastreamer2-2.16.1/src/base/msfactory.c:632:6:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
					strcpy(p,"_init");
data/mediastreamer2-2.16.1/src/base/msfactory.c:643:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
						strcpy(p,"_init");
data/mediastreamer2-2.16.1/src/base/msqueue.c:95:14:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			if (data) memcpy(data+sz,m->b_rptr,cplen);
data/mediastreamer2-2.16.1/src/base/msticker.c:348:44:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		env_prio = (env_prio_c == NULL)?max_prio:atoi(env_prio_c);
data/mediastreamer2-2.16.1/src/base/msticker.c:549:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(ev,&ticker->late_event,sizeof(MSTickerLateEvent));
data/mediastreamer2-2.16.1/src/base/mtu.c:77:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char port[10];
data/mediastreamer2-2.16.1/src/base/mtu.c:78:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char ipaddr[INET6_ADDRSTRLEN];
data/mediastreamer2-2.16.1/src/base/mtu.c:86:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char reply_buffer[10000];
data/mediastreamer2-2.16.1/src/base/mtu.c:139:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char icmpbuff[2048];
data/mediastreamer2-2.16.1/src/base/mtu.c:182:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char port[10];
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:64:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char peer_fingerprint[256]; /**< used to store peer fingerprint passed through SDP */
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:136:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char fingerprint[256]; /* maximum length of the fingerprint for sha-512: 8+3*64+1 so we're good with 256 bytes buffer */
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:264:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(incoming_dtls_packet->data, msg->b_rptr, msgLength);
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:316:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char err_str[512];
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:427:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(buf, context->rtp_incoming_buffer->data, dataLength);
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:445:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(buf, context->rtcp_incoming_buffer->data, dataLength);
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:497:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
					char dtls_srtp_key_material[128];
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:511:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
						memcpy(key, dtls_srtp_key_material, DTLS_SRTP_KEY_LEN);
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:512:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
						memcpy(key + DTLS_SRTP_KEY_LEN, dtls_srtp_key_material+2*DTLS_SRTP_KEY_LEN, DTLS_SRTP_SALT_LEN);
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:515:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
						memcpy(key, dtls_srtp_key_material+DTLS_SRTP_KEY_LEN, DTLS_SRTP_KEY_LEN);
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:516:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
						memcpy(key + DTLS_SRTP_KEY_LEN, dtls_srtp_key_material+2*DTLS_SRTP_KEY_LEN+DTLS_SRTP_SALT_LEN, DTLS_SRTP_SALT_LEN);
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:520:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
						memcpy(key, dtls_srtp_key_material, DTLS_SRTP_KEY_LEN);
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:521:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
						memcpy(key + DTLS_SRTP_KEY_LEN, dtls_srtp_key_material+2*DTLS_SRTP_KEY_LEN, DTLS_SRTP_SALT_LEN);
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:524:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
						memcpy(key, dtls_srtp_key_material+DTLS_SRTP_KEY_LEN, DTLS_SRTP_KEY_LEN);
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:525:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
						memcpy(key + DTLS_SRTP_KEY_LEN, dtls_srtp_key_material+2*DTLS_SRTP_KEY_LEN+DTLS_SRTP_SALT_LEN, DTLS_SRTP_SALT_LEN);
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:576:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
					char dtls_srtp_key_material[128];
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:592:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
						memcpy(key, dtls_srtp_key_material, DTLS_SRTP_KEY_LEN);
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:593:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
						memcpy(key + DTLS_SRTP_KEY_LEN, dtls_srtp_key_material+2*DTLS_SRTP_KEY_LEN, DTLS_SRTP_SALT_LEN);
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:596:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
						memcpy(key, dtls_srtp_key_material+DTLS_SRTP_KEY_LEN, DTLS_SRTP_KEY_LEN);
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:597:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
						memcpy(key + DTLS_SRTP_KEY_LEN, dtls_srtp_key_material+2*DTLS_SRTP_KEY_LEN+DTLS_SRTP_SALT_LEN, DTLS_SRTP_SALT_LEN);
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:601:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
						memcpy(key, dtls_srtp_key_material, DTLS_SRTP_KEY_LEN);
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:602:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
						memcpy(key + DTLS_SRTP_KEY_LEN, dtls_srtp_key_material+2*DTLS_SRTP_KEY_LEN, DTLS_SRTP_SALT_LEN);
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:605:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
						memcpy(key, dtls_srtp_key_material+DTLS_SRTP_KEY_LEN, DTLS_SRTP_KEY_LEN);
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:606:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
						memcpy(key + DTLS_SRTP_KEY_LEN, dtls_srtp_key_material+2*DTLS_SRTP_KEY_LEN+DTLS_SRTP_SALT_LEN, DTLS_SRTP_SALT_LEN);
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:739:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(context->peer_fingerprint, peer_fingerprint, peer_fingerprint_length);
data/mediastreamer2-2.16.1/src/crypto/zrtp.c:215:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(key, secrets->peerSrtpKey, secrets->peerSrtpKeyLength);
data/mediastreamer2-2.16.1/src/crypto/zrtp.c:216:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(key + secrets->peerSrtpKeyLength, secrets->peerSrtpSalt, secrets->peerSrtpSaltLength);
data/mediastreamer2-2.16.1/src/crypto/zrtp.c:238:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(key, secrets->selfSrtpKey, secrets->selfSrtpKeyLength);
data/mediastreamer2-2.16.1/src/crypto/zrtp.c:239:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(key + secrets->selfSrtpKeyLength, secrets->selfSrtpSalt, secrets->selfSrtpSaltLength);
data/mediastreamer2-2.16.1/src/ortp-deps/b64.c:184:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char    characters[NUM_ENCODED_DATA_BYTES];
data/mediastreamer2-2.16.1/src/ortp-deps/b64.c:252:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char   dummy[NUM_PLAIN_DATA_BYTES];
data/mediastreamer2-2.16.1/src/ortp-deps/b64.c:323:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        signed char         indexes[NUM_ENCODED_DATA_BYTES];    /* 4 */
data/mediastreamer2-2.16.1/src/ortp-deps/b64.c:388:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                unsigned char   bytes[NUM_PLAIN_DATA_BYTES];        /* 3 */
data/mediastreamer2-2.16.1/src/ortp-deps/payloadtype.c:47:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(newpayload,payload,sizeof(PayloadType));
data/mediastreamer2-2.16.1/src/ortp-deps/port.c:136:5:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fd=fopen(pathname,"r");
data/mediastreamer2-2.16.1/src/ortp-deps/port.c:301:9:  [2] (buffer) TCHAR:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	static TCHAR msgBuf[256];
data/mediastreamer2-2.16.1/src/ortp-deps/port.c:344:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	static char buf[80];
data/mediastreamer2-2.16.1/src/ortp-deps/port.c:357:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
			sprintf(buf, "Error code : %d", error);
data/mediastreamer2-2.16.1/src/ortp-deps/port.c:577:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char name[64];
data/mediastreamer2-2.16.1/src/ortp-deps/str_utils.c:44:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&dest->net_addr,&source->net_addr,source->net_addrlen);
data/mediastreamer2-2.16.1/src/ortp-deps/str_utils.c:251:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(&db->db_base[wlen],mp->b_rptr,mlen);
data/mediastreamer2-2.16.1/src/ortp-deps/str_utils.c:255:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(&db->db_base[wlen],mp->b_rptr,remain);
data/mediastreamer2-2.16.1/src/ortp-deps/str_utils.c:274:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(newm->b_wptr,mp->b_rptr,len);
data/mediastreamer2-2.16.1/src/ortp-deps/str_utils.c:305:12:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	if (size) memcpy(mp->b_wptr,data,size);
data/mediastreamer2-2.16.1/src/otherfilters/mspcapfileplayer.c:113:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if ((fd=open(file,O_RDONLY|O_BINARY))==-1){
data/mediastreamer2-2.16.1/src/otherfilters/mspcapfileplayer.c:124:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char err[PCAP_ERRBUF_SIZE];
data/mediastreamer2-2.16.1/src/otherfilters/mspcapfileplayer.c:252:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
								memcpy(om->b_wptr, rtp_header, bytes_pcap);
data/mediastreamer2-2.16.1/src/otherfilters/mspcapfileplayer.c:258:10:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
									memcpy(om->b_wptr, payload, bytes_pcap);
data/mediastreamer2-2.16.1/src/otherfilters/msrtp.c:46:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char relay_session_id[64];
data/mediastreamer2-2.16.1/src/otherfilters/msrtp.c:82:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(mp->b_wptr, buf, len);
data/mediastreamer2-2.16.1/src/otherfilters/msrtp.c:89:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(mp->b_wptr, buf, len);
data/mediastreamer2-2.16.1/src/otherfilters/msrtp.c:122:24:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	d->use_task= tmp ? (!!atoi(tmp)) : FALSE;
data/mediastreamer2-2.16.1/src/otherfilters/msrtp.c:493:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&d->cng_data, data, sizeof(MSCngData));
data/mediastreamer2-2.16.1/src/otherfilters/msrtp.c:680:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(cngdata.data, data, datasize);
data/mediastreamer2-2.16.1/src/otherfilters/msudp.c:90:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char port[10];
data/mediastreamer2-2.16.1/src/otherfilters/rfc4103_sink.c:79:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[1000];
data/mediastreamer2-2.16.1/src/otherfilters/rfc4103_sink.c:121:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&stream->inbuf[stream->inbufsize], data, readsize);
data/mediastreamer2-2.16.1/src/otherfilters/rfc4103_source.c:76:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(&payload[payloadsize], &sub, 4);
data/mediastreamer2-2.16.1/src/otherfilters/rfc4103_source.c:82:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&payload[payloadsize], &t140, 1);
data/mediastreamer2-2.16.1/src/otherfilters/rfc4103_source.c:90:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(&payload[payloadsize], &stream->buf[cur][0], stream->bufsize[cur]);
data/mediastreamer2-2.16.1/src/otherfilters/rfc4103_source.c:99:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&payload[payloadsize], &stream->buf[pri][0], stream->bufsize[pri]);
data/mediastreamer2-2.16.1/src/otherfilters/rfc4103_source.c:104:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(packet->b_wptr, &payload, payloadsize);
data/mediastreamer2-2.16.1/src/upnp/upnp_igd.c:56:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const char *IGDVarName[IGD_SERVICE_SERVCOUNT][IGD_MAXVARS] = {
data/mediastreamer2-2.16.1/src/upnp/upnp_igd.c:64:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char IGDVarCount[IGD_SERVICE_SERVCOUNT] =  {
data/mediastreamer2-2.16.1/src/upnp/upnp_igd.c:403:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char presURL[200];
data/mediastreamer2-2.16.1/src/upnp/upnp_igd.c:683:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char variable_name[sizeof("New") + IGD_MAX_VAR_LEN];
data/mediastreamer2-2.16.1/src/upnp/upnp_igd.c:693:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
						strcpy(variable_name, "New");
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_cmd.c:47:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&igd_port_mapping_ctxt->mapping, mapping, sizeof(upnp_igd_port_mapping));
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_cmd.c:149:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	static char ret[IGD_MAX_VAL_LEN]; 
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_cmd.c:178:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	static char ret[250]; 
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_cmd.c:207:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	static char ret[250]; 
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_cmd.c:236:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	static char ret[250]; 
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_cmd.c:265:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	static char ret[250]; 
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_cmd.c:294:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	static char ret[IGD_MAX_VAL_LEN]; 
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_cmd.c:353:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char local_port_str[6], remote_port_str[6];
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_cmd.c:417:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char remote_port_str[6];
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_private.h:65:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char service_id[NAME_SIZE];
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_private.h:66:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char service_type[NAME_SIZE];
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_private.h:67:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *variables[IGD_MAXVARS];
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_private.h:68:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char event_url[NAME_SIZE];
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_private.h:69:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char control_url[NAME_SIZE];
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_private.h:70:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char sid[NAME_SIZE];
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_private.h:74:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char udn[250];
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_private.h:75:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char desc_doc_url[250];
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_private.h:76:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char friendly_name[250];
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_private.h:77:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char model_name[250];
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_private.h:78:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char model_number[250];
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_private.h:79:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pres_url[250];
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_private.h:137:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
extern const char *IGDVarName[IGD_SERVICE_SERVCOUNT][IGD_MAXVARS];
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_private.h:138:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
extern char IGDVarCount[IGD_SERVICE_SERVCOUNT];
data/mediastreamer2-2.16.1/src/utils/audiodiff.c:49:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	if ((fd=open(file,O_RDONLY|O_BINARY))==-1){
data/mediastreamer2-2.16.1/src/utils/h264utils.c:142:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&nalu_size, ptr, 4);
data/mediastreamer2-2.16.1/src/utils/h264utils.c:146:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(nalu->b_wptr, ptr+4, nalu_size);
data/mediastreamer2-2.16.1/src/utils/mkv_reader.c:97:2:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
	MultiByteToWideChar(CP_UTF8, 0, filename, -1, fname, (int)strlen(filename));
data/mediastreamer2-2.16.1/src/utils/mkv_reader.c:295:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy((*block)->codec_state_data, EBML_BinaryGetData((ebml_binary *)codec_state_elt), (*block)->codec_state_size);
data/mediastreamer2-2.16.1/src/utils/mkv_reader.c:304:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy((*block)->data, m_frame.Data, m_frame.Size);
data/mediastreamer2-2.16.1/src/utils/mkv_reader.c:562:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy((*track_out)->codec_private, EBML_BinaryGetData((ebml_binary *)codec_private_elt), data_size);
data/mediastreamer2-2.16.1/src/utils/mkv_reader.h:32:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char muxing_app[MAX_MKV_STRING_LENGTH];
data/mediastreamer2-2.16.1/src/utils/mkv_reader.h:33:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char writing_app[MAX_MKV_STRING_LENGTH];
data/mediastreamer2-2.16.1/src/utils/mkv_reader.h:64:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char codec_id[MAX_MKV_STRING_LENGTH];
data/mediastreamer2-2.16.1/src/videofilters/ffmpegjpegwriter.c:53:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	obj->file = fopen(obj->tmpFilename, "wb");
data/mediastreamer2-2.16.1/src/videofilters/h264dec.c:241:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(dst,src,size);
data/mediastreamer2-2.16.1/src/videofilters/h264dec.c:361:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char value[256];
data/mediastreamer2-2.16.1/src/videofilters/mire.c:179:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	if (debug && atoi(debug)==1){
data/mediastreamer2-2.16.1/src/videofilters/mkv.c:93:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(dst, src, sizeof(H264Private));
data/mediastreamer2-2.16.1/src/videofilters/mkv.c:126:25:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		if (size1 != size2 || memcpy(m1->b_rptr, m2->b_rptr, size1) != 0) return FALSE;
data/mediastreamer2-2.16.1/src/videofilters/mkv.c:208:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&result[i], &buff_size_be, sizeof(buff_size_be));
data/mediastreamer2-2.16.1/src/videofilters/mkv.c:210:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&result[i], buff->b_rptr, buff_size);
data/mediastreamer2-2.16.1/src/videofilters/mkv.c:221:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&result[i], &buff_size_be, sizeof(buff_size_be));
data/mediastreamer2-2.16.1/src/videofilters/mkv.c:223:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&result[i], buff->b_rptr, buff_size);
data/mediastreamer2-2.16.1/src/videofilters/mkv.c:241:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&nalu_size, r_ptr, sizeof(uint16_t));
data/mediastreamer2-2.16.1/src/videofilters/mkv.c:245:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(nalu->b_wptr, r_ptr, nalu_size);
data/mediastreamer2-2.16.1/src/videofilters/mkv.c:254:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&nalu_size, r_ptr, sizeof(uint16_t));
data/mediastreamer2-2.16.1/src/videofilters/mkv.c:258:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(nalu->b_wptr, r_ptr, nalu_size);
data/mediastreamer2-2.16.1/src/videofilters/mkv.c:357:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(size->b_wptr, &bufferSize, sizeof(bufferSize));
data/mediastreamer2-2.16.1/src/videofilters/mkv.c:437:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&naluSize, input->b_rptr, sizeof(uint32_t));
data/mediastreamer2-2.16.1/src/videofilters/mkv.c:441:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(nalu->b_wptr, input->b_rptr, naluSize);
data/mediastreamer2-2.16.1/src/videofilters/mkv.c:662:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(*data, obj, *size);
data/mediastreamer2-2.16.1/src/videofilters/mkv.c:666:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(obj, data, sizeof(WavPrivate));
data/mediastreamer2-2.16.1/src/videofilters/mkv.c:750:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	const char signature[9] = "OpusHead";
data/mediastreamer2-2.16.1/src/videofilters/mkv.c:753:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(*data, signature, 8);
data/mediastreamer2-2.16.1/src/videofilters/mkv.c:754:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy((*data) + 8, obj, 11);
data/mediastreamer2-2.16.1/src/videofilters/mkv.c:758:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(obj, data + 8, 11);
data/mediastreamer2-2.16.1/src/videofilters/mkv.c:1162:2:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	wchar_t wpath[MAX_PATH+1];
data/mediastreamer2-2.16.1/src/videofilters/mkv.c:1163:6:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
	if (MultiByteToWideChar(CP_ACP, 0, path, -1, wpath, MAX_PATH+1) == 0) {
data/mediastreamer2-2.16.1/src/videofilters/mkv.c:2476:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(tmp->b_wptr, block->data, block->data_length);
data/mediastreamer2-2.16.1/src/videofilters/mkv.c:2566:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		const char *typeString[2] = {"video", "audio"};
data/mediastreamer2-2.16.1/src/videofilters/msdscap.cc:256:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(m->b_wptr,p,size);
data/mediastreamer2-2.16.1/src/videofilters/msdscap.cc:286:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(str,&fcc,4);
data/mediastreamer2-2.16.1/src/videofilters/msdscap.cc:295:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char fccstr[5];
data/mediastreamer2-2.16.1/src/videofilters/msdscap.cc:296:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char selected_fcc[5];
data/mediastreamer2-2.16.1/src/videofilters/msdscap.cc:714:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char szName[256];
data/mediastreamer2-2.16.1/src/videofilters/msv4l.c:330:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		s->fd=open(s->dev,O_RDWR);
data/mediastreamer2-2.16.1/src/videofilters/msv4l.c:659:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(tmp1+(dstartx*bpp),tmp2+(sstartx*bpp),(sw-(2*sstartx))*bpp);
data/mediastreamer2-2.16.1/src/videofilters/msv4l.c:1049:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	int fd=open(devname,O_RDWR);
data/mediastreamer2-2.16.1/src/videofilters/msv4l.c:1060:5:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fd=open(devname,O_RDWR);
data/mediastreamer2-2.16.1/src/videofilters/msv4l2.c:48:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
#define v4l2_open open
data/mediastreamer2-2.16.1/src/videofilters/msv4l2.c:878:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char devname[32];
data/mediastreamer2-2.16.1/src/videofilters/msv4l2.c:886:6:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		fd=open(devname,O_RDWR);
data/mediastreamer2-2.16.1/src/videofilters/nowebcam.c:72:2:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
	MultiByteToWideChar(CP_UTF8, 0, jpgpath, -1, wUnicode, 1024);
data/mediastreamer2-2.16.1/src/videofilters/nowebcam.c:128:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	int fd = open(jpgpath, O_RDONLY);
data/mediastreamer2-2.16.1/src/videofilters/theora.c:203:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(h->b_wptr,p.packet,p.bytes);
data/mediastreamer2-2.16.1/src/videofilters/theora.c:211:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(t->b_wptr,p.packet,p.bytes);
data/mediastreamer2-2.16.1/src/videofilters/theora.c:339:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy(om->b_wptr,op.packet,op.bytes);
data/mediastreamer2-2.16.1/src/videofilters/theora.c:496:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(om->b_wptr,yuv.y+yuv.y_stride*i,yuv.y_width);
data/mediastreamer2-2.16.1/src/videofilters/theora.c:500:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(om->b_wptr,yuv.u+yuv.uv_stride*i,yuv.uv_width);
data/mediastreamer2-2.16.1/src/videofilters/theora.c:504:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(om->b_wptr,yuv.v+yuv.uv_stride*i,yuv.uv_width);
data/mediastreamer2-2.16.1/src/videofilters/turbojpegwriter.c:42:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	obj->file = fopen(obj->tmpFilename, "wb");
data/mediastreamer2-2.16.1/src/videofilters/videodec.c:137:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char config[512];
data/mediastreamer2-2.16.1/src/videofilters/videodec.c:143:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char octet[3];
data/mediastreamer2-2.16.1/src/videofilters/videodec.c:380:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, qt, table_len);
data/mediastreamer2-2.16.1/src/videofilters/videodec.c:394:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, codelens, ncodes);
data/mediastreamer2-2.16.1/src/videofilters/videodec.c:396:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, symbols, nsymbols);
data/mediastreamer2-2.16.1/src/videofilters/videodec.c:667:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static unsigned char smasks[7] = { 0x7f, 0x3f, 0x1f, 0x0f, 0x07, 0x03, 0x01 };
data/mediastreamer2-2.16.1/src/videofilters/videoenc.c:183:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		divider=atoi(equal+1);
data/mediastreamer2-2.16.1/src/videofilters/videoenc.c:201:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char val[10];
data/mediastreamer2-2.16.1/src/videofilters/videoenc.c:203:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		s->profile=atoi(val);
data/mediastreamer2-2.16.1/src/videofilters/videoenc.c:652:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(packet->b_wptr, &jpghdr, sizeof(jpghdr));
data/mediastreamer2-2.16.1/src/videofilters/videoenc.c:657:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(packet->b_wptr, &rsthdr, sizeof(rsthdr));
data/mediastreamer2-2.16.1/src/videofilters/videoenc.c:662:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(packet->b_wptr, &qtblhdr, sizeof(qtblhdr));
data/mediastreamer2-2.16.1/src/videofilters/videoenc.c:665:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(packet->b_wptr, lqt->b_rptr, msgdsize(lqt));
data/mediastreamer2-2.16.1/src/videofilters/videoenc.c:669:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(packet->b_wptr, cqt->b_rptr, msgdsize(cqt));
data/mediastreamer2-2.16.1/src/videofilters/videoenc.c:680:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(packet->b_wptr, frame->b_rptr + jpghdr.off, data_len);
data/mediastreamer2-2.16.1/src/videofilters/videoenc.c:732:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(_lqt->b_rptr, pbuf_ptr+3, len-3);
data/mediastreamer2-2.16.1/src/videofilters/videoenc.c:740:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(_cqt->b_rptr, pbuf_ptr+3, len-3);
data/mediastreamer2-2.16.1/src/videofilters/videoenc.c:884:26:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	if (vconf != &s->vconf) memcpy(&s->vconf, vconf, sizeof(MSVideoConfiguration));
data/mediastreamer2-2.16.1/src/videofilters/videoout.c:288:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char driver[128];
data/mediastreamer2-2.16.1/src/videofilters/videotoolbox.c:37:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	static char complete_message[1024];
data/mediastreamer2-2.16.1/src/videofilters/videotoolbox.c:147:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(nalu->b_wptr, parameter_set, parameter_set_size);
data/mediastreamer2-2.16.1/src/videofilters/vp8.c:514:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy(packet->m->b_wptr, pkt->data.frame.buf, pkt->data.frame.sz);
data/mediastreamer2-2.16.1/src/videofilters/vp8.c:582:26:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	if (vconf != &s->vconf) memcpy(&s->vconf, vconf, sizeof(MSVideoConfiguration));
data/mediastreamer2-2.16.1/src/videofilters/vp8.c:1004:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy(dest, src, s->outbuf.strides[i]);
data/mediastreamer2-2.16.1/src/videofilters/wincevideods.c:51:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char dev[512];
data/mediastreamer2-2.16.1/src/videofilters/wincevideods.c:101:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(buf->b_wptr, byte_buf, size);
data/mediastreamer2-2.16.1/src/videofilters/winvideo.c:43:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char dev[512];
data/mediastreamer2-2.16.1/src/videofilters/winvideo.c:123:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char compname[5];
data/mediastreamer2-2.16.1/src/videofilters/winvideo.c:126:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char dev[80];
data/mediastreamer2-2.16.1/src/videofilters/winvideo.c:127:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char ver[80];
data/mediastreamer2-2.16.1/src/videofilters/winvideo.c:191:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(compname,&videoformat.bmiHeader.biCompression,4);
data/mediastreamer2-2.16.1/src/videofilters/winvideo.c:653:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char dev[80];
data/mediastreamer2-2.16.1/src/videofilters/winvideo.c:654:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char ver[80];
data/mediastreamer2-2.16.1/src/videofilters/winvideo.c:655:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char name[160];
data/mediastreamer2-2.16.1/src/videofilters/winvideo2.c:37:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char dev[512];
data/mediastreamer2-2.16.1/src/videofilters/winvideo2.c:93:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char compname[5];
data/mediastreamer2-2.16.1/src/videofilters/winvideo2.c:96:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(compname,&videoformat.bmiHeader.biCompression,4);
data/mediastreamer2-2.16.1/src/videofilters/winvideo2.c:231:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char dev[512];
data/mediastreamer2-2.16.1/src/videofilters/winvideo2.c:232:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char ver[512];
data/mediastreamer2-2.16.1/src/videofilters/winvideods.c:49:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char dev[512];
data/mediastreamer2-2.16.1/src/videofilters/winvideods.c:64:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char nowebcamimage[256];
data/mediastreamer2-2.16.1/src/videofilters/winvideods.c:98:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(buf->b_wptr, byte_buf, size);
data/mediastreamer2-2.16.1/src/videofilters/winvideods.c:495:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char szName[256];
data/mediastreamer2-2.16.1/src/videofilters/winvideods.c:703:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char szName[256];
data/mediastreamer2-2.16.1/src/videofilters/winvideods.c:1483:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char szName[256];
data/mediastreamer2-2.16.1/src/videofilters/x11video.c:233:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char fcc[5]={0};
data/mediastreamer2-2.16.1/src/videofilters/x11video.c:234:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(fcc,&imgfmt[i].id,4);
data/mediastreamer2-2.16.1/src/voip/audiostream.c:1054:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char value[16]={0};
data/mediastreamer2-2.16.1/src/voip/audiostream.c:1058:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
					ptime=atoi(value);
data/mediastreamer2-2.16.1/src/voip/bitratedriver.c:63:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char tmp[64];
data/mediastreamer2-2.16.1/src/voip/ice.c:940:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char source_addr_str[64];
data/mediastreamer2-2.16.1/src/voip/ice.c:1005:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char source_addr_str[64];
data/mediastreamer2-2.16.1/src/voip/ice.c:1067:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&session->ss,ss,ss_len);
data/mediastreamer2-2.16.1/src/voip/ice.c:1273:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&m->net_addr, from, fromlen);
data/mediastreamer2-2.16.1/src/voip/ice.c:1277:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char to_addr_str[64];
data/mediastreamer2-2.16.1/src/voip/ice.c:1308:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char source_addr_str[64];
data/mediastreamer2-2.16.1/src/voip/ice.c:1309:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char dest_addr_str[64];
data/mediastreamer2-2.16.1/src/voip/ice.c:1310:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char tr_id_str[25];
data/mediastreamer2-2.16.1/src/voip/ice.c:1441:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char local_addr_str[64];
data/mediastreamer2-2.16.1/src/voip/ice.c:1442:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char remote_addr_str[64];
data/mediastreamer2-2.16.1/src/voip/ice.c:1443:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char tr_id_str[25];
data/mediastreamer2-2.16.1/src/voip/ice.c:1622:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char dest_addr_str[256];
data/mediastreamer2-2.16.1/src/voip/ice.c:1623:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char source_addr_str[256];
data/mediastreamer2-2.16.1/src/voip/ice.c:1624:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char tr_id_str[25];
data/mediastreamer2-2.16.1/src/voip/ice.c:1685:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char dest_addr_str[256];
data/mediastreamer2-2.16.1/src/voip/ice.c:1686:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char source_addr_str[256];
data/mediastreamer2-2.16.1/src/voip/ice.c:1687:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char tr_id_str[25];
data/mediastreamer2-2.16.1/src/voip/ice.c:1726:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char local_addr_str[64];
data/mediastreamer2-2.16.1/src/voip/ice.c:1727:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char remote_addr_str[64];
data/mediastreamer2-2.16.1/src/voip/ice.c:1828:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(lenpos, &newlen, sizeof(uint16_t));
data/mediastreamer2-2.16.1/src/voip/ice.c:1832:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(lenpos, &newlen, sizeof(uint16_t));
data/mediastreamer2-2.16.1/src/voip/ice.c:1930:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char foundation[32];
data/mediastreamer2-2.16.1/src/voip/ice.c:1966:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char addr_str[64];
data/mediastreamer2-2.16.1/src/voip/ice.c:2138:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char taddr_str[64];
data/mediastreamer2-2.16.1/src/voip/ice.c:2178:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char local_addr_str[64];
data/mediastreamer2-2.16.1/src/voip/ice.c:2179:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char remote_addr_str[64];
data/mediastreamer2-2.16.1/src/voip/ice.c:2289:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char source_addr_str[64];
data/mediastreamer2-2.16.1/src/voip/ice.c:2311:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char source_addr_str[64];
data/mediastreamer2-2.16.1/src/voip/ice.c:2334:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char source_addr_str[64];
data/mediastreamer2-2.16.1/src/voip/ice.c:2368:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char srflx_addr_str[64];
data/mediastreamer2-2.16.1/src/voip/ice.c:2369:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char relay_addr_str[64];
data/mediastreamer2-2.16.1/src/voip/ice.c:2501:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char tr_id_str[25];
data/mediastreamer2-2.16.1/src/voip/ice.c:2556:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char local_addr_str[64];
data/mediastreamer2-2.16.1/src/voip/ice.c:2557:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char remote_addr_str[64];
data/mediastreamer2-2.16.1/src/voip/ice.c:2653:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char source_addr_str[64];
data/mediastreamer2-2.16.1/src/voip/ice.c:2654:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char recv_addr_str[64];
data/mediastreamer2-2.16.1/src/voip/ice.c:2656:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char tr_id_str[25];
data/mediastreamer2-2.16.1/src/voip/ice.c:2906:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char taddr_str[64];
data/mediastreamer2-2.16.1/src/voip/ice.c:3323:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(dyn_foundation, &foundation, sizeof(foundation));
data/mediastreamer2-2.16.1/src/voip/ice.c:3580:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char local_ip[64];
data/mediastreamer2-2.16.1/src/voip/ice.c:4026:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
		pos += sprintf(&tr_id_str[pos], "%02x", ((unsigned char *)tr_id)[j]);
data/mediastreamer2-2.16.1/src/voip/ice.c:4026:54:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		pos += sprintf(&tr_id_str[pos], "%02x", ((unsigned char *)tr_id)[j]);
data/mediastreamer2-2.16.1/src/voip/ice.c:4171:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char local_rtp_addr[64], local_rtcp_addr[64];
data/mediastreamer2-2.16.1/src/voip/ice.c:4172:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char remote_rtp_addr[64], remote_rtcp_addr[64];
data/mediastreamer2-2.16.1/src/voip/mediastream.c:169:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char name[32] = {0};
data/mediastreamer2-2.16.1/src/voip/mediastream.c:241:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(lstats, stats, sizeof(*stats));
data/mediastreamer2-2.16.1/src/voip/mediastream.c:463:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(sessions,&stream->sessions, sizeof(MSMediaStreamSessions));
data/mediastreamer2-2.16.1/src/voip/msmediaplayer.c:129:8:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		fd = open(filepath, O_RDONLY);
data/mediastreamer2-2.16.1/src/voip/msmediaplayer.c:289:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	FILE *file = fopen(filepath, "rb");
data/mediastreamer2-2.16.1/src/voip/msvideo.c:161:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(dst, src, width);
data/mediastreamer2-2.16.1/src/voip/msvideo.c:182:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(w_ptr, r_ptr, dst_row_stride * dst_roi->h);
data/mediastreamer2-2.16.1/src/voip/msvideo.c:290:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(tmp, p, w);
data/mediastreamer2-2.16.1/src/voip/msvideo.c:291:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(p, bottom_line, w);
data/mediastreamer2-2.16.1/src/voip/msvideo.c:292:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(bottom_line, tmp, w);
data/mediastreamer2-2.16.1/src/voip/msvideo.c:768:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
						memcpy(&pict.planes[0][i*w], &y[i*y_byte_per_row], w);
data/mediastreamer2-2.16.1/src/voip/msvideo_neon.c:541:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy(ydest_ptr,ysrc_ptr,w);
data/mediastreamer2-2.16.1/src/voip/qosanalyzer.c:215:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char *data[4];
data/mediastreamer2-2.16.1/src/voip/qosanalyzer.c:609:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char *data[4];
data/mediastreamer2-2.16.1/src/voip/stun.c:93:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(encoder->ptr, src, len);
data/mediastreamer2-2.16.1/src/voip/stun.c:140:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(encoder->lenptr, &ndata, sizeof(ndata));
data/mediastreamer2-2.16.1/src/voip/stun.c:414:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&stun_addr.ip.v6.addr, decode(decoder, sizeof(UInt128)), sizeof(UInt128));
data/mediastreamer2-2.16.1/src/voip/stun.c:448:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(str, decoder->ptr, length);
data/mediastreamer2-2.16.1/src/voip/stun.c:475:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(*reason, decode(decoder, reason_length), reason_length);
data/mediastreamer2-2.16.1/src/voip/stun.c:490:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(hmac, decode(decoder, 20), 20);
data/mediastreamer2-2.16.1/src/voip/stun.c:533:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(data, decode(decoder, length), length);
data/mediastreamer2-2.16.1/src/voip/stun.c:575:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(addr_in6->sin6_addr.s6_addr, &stun_addr->ip.v6.addr, sizeof(UInt128));
data/mediastreamer2-2.16.1/src/voip/stun.c:590:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&stun_addr->ip.v6.addr, ((const struct sockaddr_in6 *)addr)->sin6_addr.s6_addr, sizeof(UInt128));
data/mediastreamer2-2.16.1/src/voip/stun.c:632:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	unsigned char ha1[16];
data/mediastreamer2-2.16.1/src/voip/stun.c:638:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char buf[5] = { '0', 'x', ha1_text[i], ha1_text[i + 1], '\0' };
data/mediastreamer2-2.16.1/src/voip/stun.c:647:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	unsigned char ha1[16];
data/mediastreamer2-2.16.1/src/voip/stun.c:648:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char ha1_text[1024];
data/mediastreamer2-2.16.1/src/voip/stun.c:1433:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(new_peer, peer_address, sizeof(MSStunAddress));
data/mediastreamer2-2.16.1/src/voip/stun.c:1475:10:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
									memcpy(msg->b_rptr, ms_stun_message_get_data(stun_msg), msgsize);
data/mediastreamer2-2.16.1/src/voip/stun.c:1483:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
										memcpy(&msg->recv_addr.addr.ipi6_addr, &((struct sockaddr_in6 *)relay_sa)->sin6_addr, sizeof(struct in6_addr));
data/mediastreamer2-2.16.1/src/voip/stun.c:1559:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(data, msg->b_rptr, datalen);
data/mediastreamer2-2.16.1/src/voip/vp8rtpfmt.c:102:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char decrypted[sizeof(VP8_BD_VALUE) + 1];
data/mediastreamer2-2.16.1/tester/mediastreamer2_framework_tester.c:193:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(wptr, y_plane, planelen), wptr+=planelen;
data/mediastreamer2-2.16.1/tester/mediastreamer2_framework_tester.c:199:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(wptr, u_plane, planelen/4), wptr+=planelen/4;
data/mediastreamer2-2.16.1/tester/mediastreamer2_framework_tester.c:200:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(wptr, v_plane, planelen/4);
data/mediastreamer2-2.16.1/tester/mediastreamer2_framework_tester.c:205:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(wptr, interleave_plane, planelen/2);
data/mediastreamer2-2.16.1/tester/mediastreamer2_jitterbuffer_tester.c:298:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&final_video_rtp_stats, rtp_session_get_stats(receiverv->ms.sessions.rtp_session), sizeof(rtp_stats_t));
data/mediastreamer2-2.16.1/tester/mediastreamer2_jitterbuffer_tester.c:307:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&final_audio_rtp_stats, rtp_session_get_stats(receiver->ms.sessions.rtp_session), sizeof(rtp_stats_t));
data/mediastreamer2-2.16.1/tester/mediastreamer2_tester.c:78:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	log_file = fopen(filename, "w");
data/mediastreamer2-2.16.1/tester/mediastreamer2_tester_windows.cpp:29:2:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	wchar_t wstr[MAX_TRACE_SIZE];
data/mediastreamer2-2.16.1/tester/mediastreamer2_tester_windows.cpp:90:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char writable_dir[MAX_WRITABLE_DIR_SIZE] = { 0 };
data/mediastreamer2-2.16.1/tester/mediastreamer2_tester_windows.cpp:112:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char csuitename[MAX_SUITE_NAME_SIZE] = { 0 };
data/mediastreamer2-2.16.1/tester/mediastreamer2_tester_windows.cpp:113:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char ccasename[MAX_SUITE_NAME_SIZE] = { 0 };
data/mediastreamer2-2.16.1/tester/mediastreamer2_tester_windows.cpp:145:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char cname[MAX_SUITE_NAME_SIZE] = { 0 };
data/mediastreamer2-2.16.1/tester/mediastreamer2_tester_windows.cpp:153:2:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	wchar_t wcname[MAX_SUITE_NAME_SIZE];
data/mediastreamer2-2.16.1/tester/mediastreamer2_tester_windows.cpp:161:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char csuitename[MAX_SUITE_NAME_SIZE] = { 0 };
data/mediastreamer2-2.16.1/tester/mediastreamer2_tester_windows.cpp:164:2:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	wchar_t wcname[MAX_SUITE_NAME_SIZE];
data/mediastreamer2-2.16.1/tester/mediastreamer2_tester_windows.cpp:174:2:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	wchar_t wcname[MAX_DEVICE_NAME_SIZE];
data/mediastreamer2-2.16.1/tester/mediastreamer2_tester_windows.cpp:198:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char cPath[MAX_FILEPATH_SIZE] = { 0 };
data/mediastreamer2-2.16.1/tester/mediastreamer2_tester_windows.cpp:221:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char cst[1024];
data/mediastreamer2-2.16.1/tester/mediastreamer2_tester_windows.cpp:286:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char cst[1024];
data/mediastreamer2-2.16.1/tester/mediastreamer2_text_stream_tester.c:56:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char received_chars[4096];
data/mediastreamer2-2.16.1/tools/bench.c:295:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
				char rec_file[128];
data/mediastreamer2-2.16.1/tools/common.c:33:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	pt->clock_rate=atoi(rate);
data/mediastreamer2-2.16.1/tools/common.c:34:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	pt->channels=atoi(channels);
data/mediastreamer2-2.16.1/tools/common.c:39:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char type[64]={0};
data/mediastreamer2-2.16.1/tools/common.c:40:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char subtype[64]={0};
data/mediastreamer2-2.16.1/tools/common.c:41:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char clockrate[64]={0};
data/mediastreamer2-2.16.1/tools/common.c:42:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char nchannels[64];
data/mediastreamer2-2.16.1/tools/mediastream.c:92:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char ip[64];
data/mediastreamer2-2.16.1/tools/mediastream.c:93:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char type[6];
data/mediastreamer2-2.16.1/tools/mediastream.c:100:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char ip[64];
data/mediastreamer2-2.16.1/tools/mediastream.c:423:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
				out->payload=atoi(argv[i]);
data/mediastreamer2-2.16.1/tools/mediastream.c:436:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			out->jitter=atoi(argv[i]);
data/mediastreamer2-2.16.1/tools/mediastream.c:439:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			out->bitrate=atoi(argv[i]);
data/mediastreamer2-2.16.1/tools/mediastream.c:442:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			out->vs.width=atoi(argv[i]);
data/mediastreamer2-2.16.1/tools/mediastream.c:445:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			out->vs.height=atoi(argv[i]);
data/mediastreamer2-2.16.1/tools/mediastream.c:456:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			out->ec_len_ms=atoi(argv[i]);
data/mediastreamer2-2.16.1/tools/mediastream.c:459:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			out->ec_delay_ms=atoi(argv[i]);
data/mediastreamer2-2.16.1/tools/mediastream.c:462:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			out->ec_framesize=atoi(argv[i]);
data/mediastreamer2-2.16.1/tools/mediastream.c:506:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			out->el_sustain=atoi(argv[i]);
data/mediastreamer2-2.16.1/tools/mediastream.c:522:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			out->device_rotation=atoi(argv[i]);
data/mediastreamer2-2.16.1/tools/mediastream.c:538:38:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
				out->netsim.max_bandwidth=(float)atoi(argv[i]);
data/mediastreamer2-2.16.1/tools/mediastream.c:547:34:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
				out->netsim.loss_rate=(float)atoi(argv[i]);
data/mediastreamer2-2.16.1/tools/mediastream.c:574:27:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
				out->netsim.latency = atoi(argv[i]);
data/mediastreamer2-2.16.1/tools/mediastream.c:647:19:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
			out->logfile = fopen(argv[i], "a+");
data/mediastreamer2-2.16.1/tools/mediastream.c:797:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char tmp[30];
data/mediastreamer2-2.16.1/tools/mediastream.c:805:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char tmp[30];
data/mediastreamer2-2.16.1/tools/mediastream.c:853:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char foundation[4];
data/mediastreamer2-2.16.1/tools/mediastream.c:1019:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char commands[128];
data/mediastreamer2-2.16.1/tools/mediastream.c:1304:8:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	*port=atoi(semicolon+1);
data/mediastreamer2-2.16.1/tools/mediastream.c:1323:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char str[256];
data/mediastreamer2-2.16.1/tools/mediastream.c:1386:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	*video_id=atoi(copy);
data/mediastreamer2-2.16.1/tools/mediastream.c:1387:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
	*preview_id=atoi(semicolon+1);
data/mediastreamer2-2.16.1/tools/mkvstream.c:97:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		port = atoi(argv[4]);
data/mediastreamer2-2.16.1/tools/mkvstream.c:99:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		local_port = atoi(argv[3]);
data/mediastreamer2-2.16.1/tools/msaudiocmp.c:37:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		params.max_shift_percent=atoi(argv[3]);
data/mediastreamer2-2.16.1/tools/msaudiocmp.c:40:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		params.chunk_size_ms = atoi(argv[4]);
data/mediastreamer2-2.16.1/tools/pcap_playback.c:151:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
				out->payload = atoi(argv[i]);
data/mediastreamer2-2.16.1/include/mediastreamer2/ice.h:253:9:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
	bool_t mismatch;	/**< Boolean value telling whether there was a mismatch during the answer/offer process */
data/mediastreamer2-2.16.1/src/android/AudioRecord.h:346:25:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
            ssize_t     read(void* buffer, size_t size);
data/mediastreamer2-2.16.1/src/android/androidsound.cpp:789:3:  [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by
  the same name). The interaction of this function with SIGALRM and other
  timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
  unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
		usleep(20000);
data/mediastreamer2-2.16.1/src/android/mediacodech264dec.c:475:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			d->sps->b_wptr += b64_decode(b64_sps, strlen(b64_sps), d->sps->b_wptr, sizeof(value));
data/mediastreamer2-2.16.1/src/android/mediacodech264dec.c:477:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			d->pps->b_wptr += b64_decode(b64_pps, strlen(b64_pps), d->pps->b_wptr, sizeof(value));
data/mediastreamer2-2.16.1/src/audiofilters/aac-eld-android.cpp:554:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		int i,j,max=strlen ( config );
data/mediastreamer2-2.16.1/src/audiofilters/aac-eld.c:780:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		int i,j,max=strlen ( config );
data/mediastreamer2-2.16.1/src/audiofilters/alsa.c:274:3:  [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by
  the same name). The interaction of this function with SIGALRM and other
  timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
  unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
		usleep(200000);
data/mediastreamer2-2.16.1/src/audiofilters/alsa.c:319:3:  [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by
  the same name). The interaction of this function with SIGALRM and other
  timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
  unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
		usleep(200000);
data/mediastreamer2-2.16.1/src/audiofilters/alsa.c:796:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			pos2 = ret + strlen(ret) - 1;
data/mediastreamer2-2.16.1/src/audiofilters/dtmfgen.c:294:6:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
					strncpy(ev.tone_name,s->current_tone.tone_name,sizeof(ev.tone_name));
data/mediastreamer2-2.16.1/src/audiofilters/dtmfgen.c:317:6:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
					strncpy(ev.tone_name,s->current_tone.tone_name,sizeof(ev.tone_name));
data/mediastreamer2-2.16.1/src/audiofilters/macsnd.c:424:6:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	int read;
data/mediastreamer2-2.16.1/src/audiofilters/msfileplayer.c:106:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	len = read(fd, (char*)riff_chunk, sizeof(riff_t)) ;
data/mediastreamer2-2.16.1/src/audiofilters/msfileplayer.c:115:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	len = read(fd, (char*)format_chunk, sizeof(format_t)) ;            
data/mediastreamer2-2.16.1/src/audiofilters/msfileplayer.c:129:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		len = read(fd, data_chunk, sizeof(data_t)) ;
data/mediastreamer2-2.16.1/src/audiofilters/mswasapi.cpp:391:52:  [1] (buffer) wcslen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		wasapicard->id_vector = new std::vector<wchar_t>(wcslen(id) + 1);
data/mediastreamer2-2.16.1/src/audiofilters/mswasapi.cpp:404:14:  [1] (buffer) wcslen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		inputlen = wcslen(DeviceName->Data()) + 1;
data/mediastreamer2-2.16.1/src/audiofilters/mswasapi.cpp:497:51:  [1] (buffer) wcslen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	wasapicard->id_vector = new std::vector<wchar_t>(wcslen(id) + 1);
data/mediastreamer2-2.16.1/src/audiofilters/mswasapi.cpp:512:13:  [1] (buffer) wcslen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	inputlen = wcslen(wname);
data/mediastreamer2-2.16.1/src/audiofilters/oss.c:348:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
				err=read(d->pcmfd_read,rm->b_wptr,bsize);
data/mediastreamer2-2.16.1/src/audiofilters/oss.c:362:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
				int sz = read(d->pcmfd_read,rtmpbuff,bsize);
data/mediastreamer2-2.16.1/src/audiofilters/oss.c:384:18:  [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by
  the same name). The interaction of this function with SIGALRM and other
  timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
  unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
		if (!did_read) usleep(20000); /*avoid 100%cpu loop for nothing*/
data/mediastreamer2-2.16.1/src/audiofilters/pulseaudio.c:157:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(pa_device->name, l->name, PA_STRING_SIZE-1);
data/mediastreamer2-2.16.1/src/audiofilters/pulseaudio.c:158:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(pa_device->description, l->description, PA_STRING_SIZE-1);
data/mediastreamer2-2.16.1/src/audiofilters/pulseaudio.c:178:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(pa_device->name, l->name, PA_STRING_SIZE -1);
data/mediastreamer2-2.16.1/src/audiofilters/pulseaudio.c:179:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(pa_device->description, l->description, PA_STRING_SIZE -1);
data/mediastreamer2-2.16.1/src/audiofilters/pulseaudio.c:238:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		strncpy(pa_device->source_name,sourceCard_data->name, PA_STRING_SIZE -1);
data/mediastreamer2-2.16.1/src/audiofilters/speexec.c:127:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		size_t buflen=strlen(s->state_str);
data/mediastreamer2-2.16.1/src/audiofilters/speexec.c:130:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if ((buflen=b64_decode(s->state_str,strlen(s->state_str),buffer,buflen))<=0){
data/mediastreamer2-2.16.1/src/audiofilters/tonedetector.c:176:8:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
							strncpy(event.tone_name,tone_def->tone_name,sizeof(event.tone_name));
data/mediastreamer2-2.16.1/src/audiofilters/waveheader.h:49:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#	define read _read
data/mediastreamer2-2.16.1/src/base/msfactory.c:570:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			else szPluginName[strlen(szPluginName)-4]='\0'; /*remove .dll*/
data/mediastreamer2-2.16.1/src/base/msfactory.c:626:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				char *initroutine_name=ms_malloc0(strlen(de->d_name)+10);
data/mediastreamer2-2.16.1/src/base/msfactory.c:696:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen(obj->plugins_dir) > 0) {
data/mediastreamer2-2.16.1/src/base/mtu.c:246:3:  [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by
  the same name). The interaction of this function with SIGALRM and other
  timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
  unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
		usleep(500000);/*wait for an icmp message come back */
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:172:63:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strncasecmp((const char *)fingerprint, peer_fingerprint, strlen((const char *)fingerprint)) == 0) {
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:682:96:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	ret = bctbx_x509_certificate_parse( dtlsContext->crt, (const char *) params->pem_certificate, strlen( params->pem_certificate )+1 );
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:687:86:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	ret =  bctbx_signing_key_parse( dtlsContext->pkey, (const char *) params->pem_pkey, strlen( params->pem_pkey )+1, NULL, 0 );
data/mediastreamer2-2.16.1/src/crypto/dtls_srtp.c:734:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		size_t peer_fingerprint_length = strlen(peer_fingerprint)+1; // include the null termination
data/mediastreamer2-2.16.1/src/crypto/ms_srtp.c:411:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	size_t b64_key_length = strlen(b64_key);
data/mediastreamer2-2.16.1/src/crypto/ms_srtp.c:452:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	size_t b64_key_length = strlen(b64_key);
data/mediastreamer2-2.16.1/src/ortp-deps/payloadtype.c:27:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	int len=(int)strlen(pt->mime_type)+15;
data/mediastreamer2-2.16.1/src/ortp-deps/payloadtype.c:148:7:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
		if (equal){
data/mediastreamer2-2.16.1/src/ortp-deps/payloadtype.c:151:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			if (end==NULL) end=fmtp+strlen(fmtp); /*assuming this is the last param */
data/mediastreamer2-2.16.1/src/ortp-deps/payloadtype.c:153:4:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
			strncpy(result,equal+1,copied);
data/mediastreamer2-2.16.1/src/ortp-deps/port.c:94:5:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	sz=strlen(tmp)+1;
data/mediastreamer2-2.16.1/src/ortp-deps/port.c:172:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	int min=MIN((int)strlen(str),n)+1;
data/mediastreamer2-2.16.1/src/ortp-deps/port.c:174:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(ret,str,min);
data/mediastreamer2-2.16.1/src/ortp-deps/port.c:391:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(sa.sun_path,pipename,sizeof(sa.sun_path)-1);
data/mediastreamer2-2.16.1/src/ortp-deps/port.c:431:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(sa.sun_path,pipename,sizeof(sa.sun_path)-1);
data/mediastreamer2-2.16.1/src/ortp-deps/port.c:441:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	return read(p,buf,len);
data/mediastreamer2-2.16.1/src/otherfilters/msrtp.c:203:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	d->relay_session_id_size=(int)b64_decode(tmp, strlen(tmp), (void*)d->relay_session_id, (unsigned int)sizeof(d->relay_session_id));
data/mediastreamer2-2.16.1/src/upnp/upnp_igd.c:455:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
				strncpy(deviceNode->device.udn, UDN, sizeof(deviceNode->device.udn));
data/mediastreamer2-2.16.1/src/upnp/upnp_igd.c:456:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
				strncpy(deviceNode->device.desc_doc_url, d_event->Location, sizeof(deviceNode->device.desc_doc_url));
data/mediastreamer2-2.16.1/src/upnp/upnp_igd.c:457:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
				strncpy(deviceNode->device.friendly_name, friendlyName, sizeof(deviceNode->device.friendly_name));
data/mediastreamer2-2.16.1/src/upnp/upnp_igd.c:458:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
				strncpy(deviceNode->device.model_name, modelName, sizeof(deviceNode->device.model_name));
data/mediastreamer2-2.16.1/src/upnp/upnp_igd.c:459:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
				strncpy(deviceNode->device.model_number, modelNumber, sizeof(deviceNode->device.model_number));
data/mediastreamer2-2.16.1/src/upnp/upnp_igd.c:460:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
				strncpy(deviceNode->device.pres_url, presURL, sizeof(deviceNode->device.pres_url));
data/mediastreamer2-2.16.1/src/upnp/upnp_igd.c:480:8:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
							strcpy(eventSID, "");
data/mediastreamer2-2.16.1/src/upnp/upnp_igd.c:500:7:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant character.
						strcpy(deviceNode->device.services[service].variables[var], "");
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_cmd.c:155:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			if(strlen(address) == 0) {
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_cmd.c:184:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			if(strlen(id) == 0) {
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_cmd.c:213:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			if(strlen(id) == 0) {
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_cmd.c:242:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			if(strlen(id) == 0) {
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_cmd.c:271:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			if(strlen(id) == 0) {
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_cmd.c:300:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			if(strlen(status) == 0) {
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_utils.c:39:15:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	char * ret = strncpy(destination, source, num - 1);
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_utils.c:521:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				*controlURL = malloc(strlen(base) + strlen(relcontrolURL) + 1);
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_utils.c:521:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				*controlURL = malloc(strlen(base) + strlen(relcontrolURL) + 1);
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_utils.c:528:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				*eventURL = malloc(strlen(base) + strlen(releventURL) + 1);
data/mediastreamer2-2.16.1/src/upnp/upnp_igd_utils.c:528:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
				*eventURL = malloc(strlen(base) + strlen(releventURL) + 1);
data/mediastreamer2-2.16.1/src/utils/audiodiff.c:82:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	err = read(fi->fd,fi->buffer + (zero_pad_samples * fi->nchannels), size);
data/mediastreamer2-2.16.1/src/utils/kiss_fft.h:28:33:  [1] (free) memalign:
  On some systems (though not Linux-based systems) an attempt to free()
  results from memalign() may fail. This may, on a few systems, be
  exploitable. Also note that memalign() may not check that the boundary
  parameter is correct (CWE-676). Use posix_memalign instead (defined in
  POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD
  4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases,
  malloc()'s alignment may be sufficient.
#define KISS_FFT_MALLOC(nbytes) memalign(16,nbytes)
data/mediastreamer2-2.16.1/src/utils/mkv_reader.c:95:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	fname = ms_malloc0((strlen(filename) + 1) * sizeof(tchar_t));
data/mediastreamer2-2.16.1/src/utils/mkv_reader.c:97:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	MultiByteToWideChar(CP_UTF8, 0, filename, -1, fname, (int)strlen(filename));
data/mediastreamer2-2.16.1/src/utils/mkv_reader.c:99:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	mbstowcs(fname, filename, strlen(filename));
data/mediastreamer2-2.16.1/src/utils/mkv_reader.c:493:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(seg_info_out->muxing_app, muxing_app, sizeof(seg_info_out->muxing_app));
data/mediastreamer2-2.16.1/src/utils/mkv_reader.c:504:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(seg_info_out->writing_app, writing_app, sizeof(seg_info_out->writing_app));
data/mediastreamer2-2.16.1/src/utils/mkv_reader.c:556:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy((*track_out)->codec_id, codec_id, sizeof((*track_out)->codec_id));
data/mediastreamer2-2.16.1/src/utils/shader_util.c:164:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(attribNames[i]))
data/mediastreamer2-2.16.1/src/utils/shader_util.c:173:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strlen(uniformNames[i]))
data/mediastreamer2-2.16.1/src/videofilters/bb10_display.cpp:50:70:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	screen_set_window_property_cv(d->window, SCREEN_PROPERTY_ID_STRING, strlen(d->window_id), d->window_id);
data/mediastreamer2-2.16.1/src/videofilters/h264dec.c:370:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			d->sps->b_wptr+=b64_decode(b64_sps,strlen(b64_sps),d->sps->b_wptr,sizeof(value));
data/mediastreamer2-2.16.1/src/videofilters/h264dec.c:372:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			d->pps->b_wptr+=b64_decode(b64_pps,strlen(b64_pps),d->pps->b_wptr,sizeof(value));
data/mediastreamer2-2.16.1/src/videofilters/msv4l.c:715:3:  [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by
  the same name). The interaction of this function with SIGALRM and other
  timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
  unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
		usleep(10000);
data/mediastreamer2-2.16.1/src/videofilters/msv4l2.c:555:5:  [1] (obsolete) usleep:
  This C routine is considered obsolete (as opposed to the shell command by
  the same name). The interaction of this function with SIGALRM and other
  timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is
  unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead.
				usleep(20000);
data/mediastreamer2-2.16.1/src/videofilters/nowebcam.c:143:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		err = read(fd,jpgbuf,statbuf.st_size);
data/mediastreamer2-2.16.1/src/videofilters/videodec.c:142:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		size_t max = strlen(config);
data/mediastreamer2-2.16.1/src/videofilters/videoenc.c:159:8:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
	char *equal;
data/mediastreamer2-2.16.1/src/voip/audiostream.c:384:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	size_t filename_len=strlen(filename);
data/mediastreamer2-2.16.1/src/voip/audiostream.c:385:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	size_t suffix_len=strlen(suffix);
data/mediastreamer2-2.16.1/src/voip/audiostream.c:1410:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	size_t len=strlen(fname);
data/mediastreamer2-2.16.1/src/voip/ice.c:518:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if ((strlen(ufrag) != strlen(old_ufrag)) || (strcmp(ufrag, old_ufrag) != 0)) return TRUE;
data/mediastreamer2-2.16.1/src/voip/ice.c:518:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if ((strlen(ufrag) != strlen(old_ufrag)) || (strcmp(ufrag, old_ufrag) != 0)) return TRUE;
data/mediastreamer2-2.16.1/src/voip/ice.c:521:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if ((strlen(pwd) != strlen(old_pwd)) || (strcmp(pwd, old_pwd) != 0)) return TRUE;
data/mediastreamer2-2.16.1/src/voip/ice.c:521:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if ((strlen(pwd) != strlen(old_pwd)) || (strcmp(pwd, old_pwd) != 0)) return TRUE;
data/mediastreamer2-2.16.1/src/voip/ice.c:524:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen(ufrag) != strlen(cl->remote_ufrag) || (strcmp(ufrag, cl->remote_ufrag) != 0)) return TRUE;
data/mediastreamer2-2.16.1/src/voip/ice.c:524:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen(ufrag) != strlen(cl->remote_ufrag) || (strcmp(ufrag, cl->remote_ufrag) != 0)) return TRUE;
data/mediastreamer2-2.16.1/src/voip/ice.c:525:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen(pwd) != strlen(cl->remote_pwd) || (strcmp(pwd, cl->remote_pwd) != 0)) return TRUE;
data/mediastreamer2-2.16.1/src/voip/ice.c:525:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen(pwd) != strlen(cl->remote_pwd) || (strcmp(pwd, cl->remote_pwd) != 0)) return TRUE;
data/mediastreamer2-2.16.1/src/voip/ice.c:703:13:  [1] (buffer) mismatch:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
	return cl->mismatch;
data/mediastreamer2-2.16.1/src/voip/ice.c:778:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen(ufrag) != strlen(session->remote_ufrag) || (strcmp(ufrag, session->remote_ufrag) != 0)) return TRUE;
data/mediastreamer2-2.16.1/src/voip/ice.c:778:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen(ufrag) != strlen(session->remote_ufrag) || (strcmp(ufrag, session->remote_ufrag) != 0)) return TRUE;
data/mediastreamer2-2.16.1/src/voip/ice.c:779:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen(pwd) != strlen(session->remote_pwd) || (strcmp(pwd, session->remote_pwd) != 0)) return TRUE;
data/mediastreamer2-2.16.1/src/voip/ice.c:779:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen(pwd) != strlen(session->remote_pwd) || (strcmp(pwd, session->remote_pwd) != 0)) return TRUE;
data/mediastreamer2-2.16.1/src/voip/ice.c:1913:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	return !((strlen(candidate->foundation) == strlen(foundation)) && (strcmp(candidate->foundation, foundation) == 0));
data/mediastreamer2-2.16.1/src/voip/ice.c:1913:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	return !((strlen(candidate->foundation) == strlen(foundation)) && (strcmp(candidate->foundation, foundation) == 0));
data/mediastreamer2-2.16.1/src/voip/ice.c:2228:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	return !((strlen(p1->local->foundation) == strlen(p2->local->foundation)) && (strcmp(p1->local->foundation, p2->local->foundation) == 0)
data/mediastreamer2-2.16.1/src/voip/ice.c:2228:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	return !((strlen(p1->local->foundation) == strlen(p2->local->foundation)) && (strcmp(p1->local->foundation, p2->local->foundation) == 0)
data/mediastreamer2-2.16.1/src/voip/ice.c:2229:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		&& ((strlen(p1->remote->foundation) == strlen(p2->remote->foundation)) && (strcmp(p1->remote->foundation, p2->remote->foundation) == 0)));
data/mediastreamer2-2.16.1/src/voip/ice.c:2229:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		&& ((strlen(p1->remote->foundation) == strlen(p2->remote->foundation)) && (strcmp(p1->remote->foundation, p2->remote->foundation) == 0)));
data/mediastreamer2-2.16.1/src/voip/ice.c:2751:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(candidate->taddr.ip, ip, sizeof(candidate->taddr.ip));
data/mediastreamer2-2.16.1/src/voip/ice.c:2844:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(candidate->foundation, foundation, sizeof(candidate->foundation) - 1);
data/mediastreamer2-2.16.1/src/voip/ice.c:3023:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		&& (strlen(c1->base->taddr.ip) == strlen(c2->base->taddr.ip))
data/mediastreamer2-2.16.1/src/voip/ice.c:3023:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		&& (strlen(c1->base->taddr.ip) == strlen(c2->base->taddr.ip))
data/mediastreamer2-2.16.1/src/voip/ice.c:3035:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		if (strlen(other_candidate->foundation) > 0) {
data/mediastreamer2-2.16.1/src/voip/ice.c:3036:4:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
			strncpy(candidate->foundation, other_candidate->foundation, sizeof(candidate->foundation) - 1);
data/mediastreamer2-2.16.1/src/voip/ice.c:3306:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	return !((strlen(f1->local) == strlen(f2->local)) && (strcmp(f1->local, f2->local) == 0)
data/mediastreamer2-2.16.1/src/voip/ice.c:3306:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	return !((strlen(f1->local) == strlen(f2->local)) && (strcmp(f1->local, f2->local) == 0)
data/mediastreamer2-2.16.1/src/voip/ice.c:3307:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		&& (strlen(f1->remote) == strlen(f2->remote)) && (strcmp(f1->remote, f2->remote) == 0));
data/mediastreamer2-2.16.1/src/voip/ice.c:3307:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		&& (strlen(f1->remote) == strlen(f2->remote)) && (strcmp(f1->remote, f2->remote) == 0));
data/mediastreamer2-2.16.1/src/voip/ice.c:3317:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(foundation.local, pair->local->foundation, sizeof(foundation.local) - 1);
data/mediastreamer2-2.16.1/src/voip/ice.c:3318:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(foundation.remote, pair->remote->foundation, sizeof(foundation.remote) - 1);
data/mediastreamer2-2.16.1/src/voip/ice.c:3330:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if ((strlen(pair->local->foundation) == strlen(fc->foundation->local)) && (strcmp(pair->local->foundation, fc->foundation->local) == 0)
data/mediastreamer2-2.16.1/src/voip/ice.c:3330:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if ((strlen(pair->local->foundation) == strlen(fc->foundation->local)) && (strcmp(pair->local->foundation, fc->foundation->local) == 0)
data/mediastreamer2-2.16.1/src/voip/ice.c:3331:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		&& (strlen(pair->remote->foundation) == strlen(fc->foundation->remote)) && (strcmp(pair->remote->foundation, fc->foundation->remote) == 0)
data/mediastreamer2-2.16.1/src/voip/ice.c:3331:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		&& (strlen(pair->remote->foundation) == strlen(fc->foundation->remote)) && (strcmp(pair->remote->foundation, fc->foundation->remote) == 0)
data/mediastreamer2-2.16.1/src/voip/ice.c:4033:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	size_t len_ufrag = MIN(strlen(ufrag_str), ICE_MAX_UFRAG_LEN);
data/mediastreamer2-2.16.1/src/voip/ice.c:4034:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	size_t len_pwd = MIN(strlen(pwd_str), ICE_MAX_PWD_LEN);
data/mediastreamer2-2.16.1/src/voip/msmediaplayer.c:94:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if(video_display_name != NULL && strlen(video_display_name) > 0) {
data/mediastreamer2-2.16.1/src/voip/stun.c:182:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	size_t len = strlen(data);
data/mediastreamer2-2.16.1/src/voip/stun.c:202:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (reason != NULL) reason_len = strlen(reason);
data/mediastreamer2-2.16.1/src/voip/stun.c:627:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	bctbx_hmacSha1((const unsigned char *)key, strlen(key), (const unsigned char *)buf, bufsize, 20, (unsigned char *)hmac);
data/mediastreamer2-2.16.1/src/voip/stun.c:637:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	for (i = 0, j = 0; (i < strlen(ha1_text)) && (j < sizeof(ha1)); i += 2, j++) {
data/mediastreamer2-2.16.1/src/voip/stun.c:652:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	bctbx_md5((unsigned char *)ha1_text, strlen(ha1_text), ha1);
data/mediastreamer2-2.16.1/src/voip/stun.c:920:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		memset(msg->password, '\0', strlen(msg->password));
data/mediastreamer2-2.16.1/src/voip/stun.c:977:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		} else if ((username != NULL) && (password != NULL) && (strlen(username) > 0) && (strlen(password) > 0)) {
data/mediastreamer2-2.16.1/src/voip/stun.c:977:85:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		} else if ((username != NULL) && (password != NULL) && (strlen(username) > 0) && (strlen(password) > 0)) {
data/mediastreamer2-2.16.1/src/voip/stun.c:979:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
			if ((realm != NULL) && (strlen(realm) > 0)) {
data/mediastreamer2-2.16.1/src/voip/stun.c:1331:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		memset(context->password, '\0', strlen(context->password));
data/mediastreamer2-2.16.1/tester/mediastreamer2_text_stream_tester.c:162:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	for (; i < strlen(helloworld); i++) {
data/mediastreamer2-2.16.1/tester/mediastreamer2_text_stream_tester.c:167:116:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	BC_ASSERT_TRUE(wait_for_until(&marielle->ts->ms, &margaux->ts->ms, &marielle->stats.number_of_received_char, (int)strlen(helloworld), 5000));
data/mediastreamer2-2.16.1/tester/mediastreamer2_text_stream_tester.c:187:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	for (; i < strlen(helloworld); i++) {
data/mediastreamer2-2.16.1/tester/mediastreamer2_text_stream_tester.c:193:116:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	BC_ASSERT_TRUE(wait_for_until(&marielle->ts->ms, &margaux->ts->ms, &marielle->stats.number_of_received_char, (int)strlen(helloworld), 1000));
data/mediastreamer2-2.16.1/tester/mediastreamer2_text_stream_tester.c:212:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	for (; i < strlen(helloworld); i++) {
data/mediastreamer2-2.16.1/tester/mediastreamer2_text_stream_tester.c:217:117:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	BC_ASSERT_FALSE(wait_for_until(&marielle->ts->ms, &margaux->ts->ms, &marielle->stats.number_of_received_char, (int)strlen(helloworld), 5000));
data/mediastreamer2-2.16.1/tester/mediastreamer2_text_stream_tester.c:249:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	for (; i < strlen(helloworld); i++) {
data/mediastreamer2-2.16.1/tester/mediastreamer2_text_stream_tester.c:255:116:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	BC_ASSERT_TRUE(wait_for_until(&marielle->ts->ms, &margaux->ts->ms, &marielle->stats.number_of_received_char, (int)strlen(helloworld), 1000));
data/mediastreamer2-2.16.1/tools/common.c:45:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	if (strlen(name)>=sizeof(clockrate)-1){
data/mediastreamer2-2.16.1/tools/common.c:54:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		strncpy(type,name,separator-name);
data/mediastreamer2-2.16.1/tools/common.c:59:4:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
			strncpy(subtype,separator+1,separator2-separator-1);
data/mediastreamer2-2.16.1/tools/common.c:62:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
				strncpy(clockrate,separator2+1,separator3-separator2-1);
data/mediastreamer2-2.16.1/tools/mediastream.c:1283:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	for (p=addr+strlen(addr)-1;p>addr;p--){
data/mediastreamer2-2.16.1/tools/mediastream.c:1297:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		strncpy(ip,localhost, MIN(len, strlen(localhost)));
data/mediastreamer2-2.16.1/tools/mediastream.c:1297:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		strncpy(ip,localhost, MIN(len, strlen(localhost)));
data/mediastreamer2-2.16.1/tools/mediastream.c:1302:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(ip,addr,slen);
data/mediastreamer2-2.16.1/tools/mediastream.c:1315:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	slen=MIN(strlen(semicolon+1),type_len);
data/mediastreamer2-2.16.1/tools/mediastream.c:1316:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(type,semicolon+1,slen);
data/mediastreamer2-2.16.1/tools/mediastream.c:1325:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(str,content,len);
data/mediastreamer2-2.16.1/tools/pcap_playback.c:66:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	MSFilter *read;
data/mediastreamer2-2.16.1/tools/pcap_playback.c:310:37:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		ms_filter_call_method_noarg(args->read, MS_PLAYER_CLOSE);
data/mediastreamer2-2.16.1/tools/pcap_playback.c:311:31:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		ms_filter_call_method(args->read, MS_PLAYER_OPEN, args->infile);
data/mediastreamer2-2.16.1/tools/pcap_playback.c:312:31:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		ms_filter_call_method(args->read, MS_FILTER_SET_SAMPLE_RATE, &args->pt->clock_rate);
data/mediastreamer2-2.16.1/tools/pcap_playback.c:313:37:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		ms_filter_call_method_noarg(args->read, MS_PLAYER_START);
data/mediastreamer2-2.16.1/tools/pcap_playback.c:314:31:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		ms_filter_call_method(args->read, MS_PCAP_FILE_PLAYER_SET_LAYER, &layer);
data/mediastreamer2-2.16.1/tools/pcap_playback.c:315:31:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		ms_filter_call_method(args->read, MS_PCAP_FILE_PLAYER_SET_TIMEREF, &timeref);
data/mediastreamer2-2.16.1/tools/pcap_playback.c:316:39:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		ms_filter_add_notify_callback(args->read, reader_notify_cb, NULL,FALSE);
data/mediastreamer2-2.16.1/tools/pcap_playback.c:334:39:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		ms_connection_helper_link(&h, args->read, -1, 0);
data/mediastreamer2-2.16.1/tools/pcap_playback.c:337:40:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		ms_ticker_attach(args->ticker, args->read);
data/mediastreamer2-2.16.1/tools/pcap_playback.c:360:37:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		ms_filter_call_method_noarg(args->read, MS_PLAYER_CLOSE);
data/mediastreamer2-2.16.1/tools/pcap_playback.c:361:31:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		ms_filter_call_method(args->read, MS_PLAYER_OPEN, args->infile);
data/mediastreamer2-2.16.1/tools/pcap_playback.c:362:37:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		ms_filter_call_method_noarg(args->read, MS_PLAYER_START);
data/mediastreamer2-2.16.1/tools/pcap_playback.c:363:31:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		ms_filter_call_method(args->read, MS_FILTER_SET_SAMPLE_RATE, &args->pt->clock_rate);
data/mediastreamer2-2.16.1/tools/pcap_playback.c:364:31:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		ms_filter_call_method(args->read, MS_PCAP_FILE_PLAYER_SET_LAYER, &layer);
data/mediastreamer2-2.16.1/tools/pcap_playback.c:365:31:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		ms_filter_call_method(args->read, MS_PCAP_FILE_PLAYER_SET_TIMEREF, &timeref);
data/mediastreamer2-2.16.1/tools/pcap_playback.c:383:39:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		ms_connection_helper_link(&h, args->read, -1, 0);
data/mediastreamer2-2.16.1/tools/pcap_playback.c:387:40:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		ms_ticker_attach(args->ticker, args->read);
data/mediastreamer2-2.16.1/tools/pcap_playback.c:420:12:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	if (args->read) {
data/mediastreamer2-2.16.1/tools/pcap_playback.c:421:40:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		ms_ticker_detach(args->ticker, args->read);
data/mediastreamer2-2.16.1/tools/pcap_playback.c:423:41:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		ms_connection_helper_unlink(&h, args->read, -1, 0);

ANALYSIS SUMMARY:

Hits = 791
Lines analyzed = 116889 in approximately 3.13 seconds (37357 lines/second)
Physical Source Lines of Code (SLOC) = 85657
Hits@level = [0] 102 [1] 181 [2] 546 [3]  24 [4]  40 [5]   0
Hits@level+ = [0+] 893 [1+] 791 [2+] 610 [3+]  64 [4+]  40 [5+]   0
Hits/KSLOC@level+ = [0+] 10.4253 [1+] 9.23451 [2+] 7.12143 [3+] 0.747166 [4+] 0.466979 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.