Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/webrtc-audio-processing-0.3/webrtc/common_types.cc
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/rw_lock_generic.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/rw_lock_win.cc
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/metrics_default.cc
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/event_timer_win.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/critical_section_win.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_posix.cc
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/rw_lock_posix.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/file_impl.cc
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/file_impl.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/logging.cc
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/critical_section_win.cc
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/aligned_malloc.cc
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_win.cc
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_win.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/cpu_features.cc
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/event_timer_win.cc
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/critical_section.cc
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/sleep.cc
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/critical_section_posix.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/thread_win.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/rw_lock_win.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/rw_lock_generic.cc
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/event.cc
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/rw_lock.cc
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/thread_posix.cc
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/event_timer_posix.cc
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/rw_lock_posix.cc
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/event_timer_posix.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_posix.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/thread_posix.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/critical_section_posix.cc
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/thread.cc
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/thread_win.cc
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/include/file_wrapper.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/include/scoped_vector.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/include/compile_assert_c.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/include/asm_defines.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/include/logging.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/include/aligned_malloc.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/include/rw_lock_wrapper.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/include/sleep.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/include/stl_util.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/include/cpu_features_wrapper.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/include/metrics.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/include/event_wrapper.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/include/aligned_array.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/include/static_instance.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/include/trace.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/include/critical_section_wrapper.h
Examining data/webrtc-audio-processing-0.3/webrtc/system_wrappers/include/thread_wrapper.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/rms_level.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/audio_buffer.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/processing_component.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/typing_detection.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/vad/pitch_internal.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/vad/gmm.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/vad/pitch_based_vad.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/vad/voice_activity_detector.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/vad/vad_circular_buffer.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/vad/vad_circular_buffer.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/vad/pitch_internal.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/vad/voice_gmm_tables.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/vad/gmm.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/vad/standalone_vad.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/vad/standalone_vad.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/vad/common.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/vad/voice_activity_detector.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/vad/vad_audio_proc.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/vad/vad_audio_proc.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/vad/noise_gmm_tables.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/vad/pole_zero_filter.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/vad/pole_zero_filter.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/vad/vad_audio_proc_internal.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/vad/pitch_based_vad.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/audio_processing_impl.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/echo_control_mobile_impl.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/logging/aec_logging_file_handling.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/logging/aec_logging.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/logging/aec_logging_file_handling.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/audio_processing_impl.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/rms_level.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/beamformer/matrix.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/beamformer/covariance_matrix_generator.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/beamformer/nonlinear_beamformer.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/beamformer/matrix_test_helpers.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/beamformer/beamformer.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/beamformer/nonlinear_beamformer.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/beamformer/covariance_matrix_generator.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/beamformer/array_util.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/beamformer/complex_matrix.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/beamformer/array_util.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/three_band_filter_bank.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/high_pass_filter_impl.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/agc/histogram.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/agc/agc.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/agc/gain_map_internal.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/agc/agc_manager_direct.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/agc/agc_manager_direct.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/agc/utility.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/agc/agc.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/agc/utility.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/agc/legacy/digital_agc.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/agc/legacy/digital_agc.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/agc/legacy/analog_agc.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/agc/legacy/analog_agc.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/agc/legacy/gain_control.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/agc/histogram.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/splitting_filter.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/echo_cancellation_impl.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/include/audio_processing.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_defines.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core_c.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/include/echo_control_mobile.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/echo_control_mobile.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core_neon.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core_mips.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/three_band_filter_bank.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/common.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/audio_buffer.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/noise_suppression_impl.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/transient/wpd_node.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/transient/wpd_tree.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/transient/moving_moments.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/transient/moving_moments.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/transient/click_annotate.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/transient/file_utils.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/transient/daubechies_8_wavelet_coeffs.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/transient/dyadic_decimator.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/transient/transient_detector.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/transient/wpd_tree.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/transient/common.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/transient/wpd_node.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/transient/transient_suppressor.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/transient/transient_suppressor.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/transient/transient_detector.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/transient/file_utils.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/level_estimator_impl.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/voice_detection_impl.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/gain_control_impl.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/voice_detection_impl.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/echo_control_mobile_impl.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/nsx_defines.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/nsx_core.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/defines.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/noise_suppression_x.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/noise_suppression.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/ns_core.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/include/noise_suppression_x.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/include/noise_suppression.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/ns_core.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/nsx_core_neon.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/nsx_core.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/nsx_core_mips.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/nsx_core_c.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/windows_private.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/high_pass_filter_impl.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_core_sse2.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_rdft.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_core_mips.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_resampler.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_rdft_neon.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_core_neon.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_rdft.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/echo_cancellation_internal.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_resampler.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_rdft_sse2.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/include/echo_cancellation.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_core_internal.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_core.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_core.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/echo_cancellation.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_common.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/intelligibility/intelligibility_enhancer.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/intelligibility/intelligibility_utils.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/intelligibility/intelligibility_utils.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/intelligibility/intelligibility_enhancer.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/noise_suppression_impl.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/utility/delay_estimator.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/utility/delay_estimator_wrapper.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/utility/delay_estimator_internal.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/utility/delay_estimator.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/utility/delay_estimator_wrapper.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/echo_cancellation_impl.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/gain_control_impl.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/level_estimator_impl.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/processing_component.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/splitting_filter.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/typing_detection.cc
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/bandwidth_info.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/pitch_filter.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/codec.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/encode_lpc_swb.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/structs.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/filterbank_tables.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/encode_lpc_swb.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/lpc_tables.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/lpc_gain_swb_tables.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/filterbank_tables.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/lpc_shape_swb16_tables.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/filter_functions.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/entropy_coding.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/settings.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/arith_routines_logist.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/lpc_gain_swb_tables.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/filterbanks.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/lpc_shape_swb12_tables.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/pitch_lag_tables.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/pitch_lag_tables.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/pitch_gain_tables.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/lpc_shape_swb16_tables.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/lpc_shape_swb12_tables.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/arith_routines_hist.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/pitch_gain_tables.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/entropy_coding.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/spectrum_ar_model_tables.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/pitch_estimator.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/arith_routines.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/intialize.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/os_specific_inline.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/arith_routines.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/spectrum_ar_model_tables.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/lpc_tables.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/lpc_analysis.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/pitch_estimator.c
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/lpc_analysis.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/include/isac.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/interface/module_common_types.h
Examining data/webrtc-audio-processing-0.3/webrtc/modules/utility/interface/audio_frame_operations.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_types.h
Examining data/webrtc-audio-processing-0.3/webrtc/base/thread_annotations.h
Examining data/webrtc-audio-processing-0.3/webrtc/base/thread_checker_impl.h
Examining data/webrtc-audio-processing-0.3/webrtc/base/scoped_ptr.h
Examining data/webrtc-audio-processing-0.3/webrtc/base/stringutils.h
Examining data/webrtc-audio-processing-0.3/webrtc/base/platform_file.cc
Examining data/webrtc-audio-processing-0.3/webrtc/base/criticalsection.cc
Examining data/webrtc-audio-processing-0.3/webrtc/base/safe_conversions_impl.h
Examining data/webrtc-audio-processing-0.3/webrtc/base/platform_thread.h
Examining data/webrtc-audio-processing-0.3/webrtc/base/template_util.h
Examining data/webrtc-audio-processing-0.3/webrtc/base/event.h
Examining data/webrtc-audio-processing-0.3/webrtc/base/basictypes.h
Examining data/webrtc-audio-processing-0.3/webrtc/base/thread_checker_impl.cc
Examining data/webrtc-audio-processing-0.3/webrtc/base/criticalsection.h
Examining data/webrtc-audio-processing-0.3/webrtc/base/maybe.h
Examining data/webrtc-audio-processing-0.3/webrtc/base/platform_thread.cc
Examining data/webrtc-audio-processing-0.3/webrtc/base/atomicops.h
Examining data/webrtc-audio-processing-0.3/webrtc/base/arraysize.h
Examining data/webrtc-audio-processing-0.3/webrtc/base/stringutils.cc
Examining data/webrtc-audio-processing-0.3/webrtc/base/thread_checker.h
Examining data/webrtc-audio-processing-0.3/webrtc/base/platform_file.h
Examining data/webrtc-audio-processing-0.3/webrtc/base/checks.h
Examining data/webrtc-audio-processing-0.3/webrtc/base/event.cc
Examining data/webrtc-audio-processing-0.3/webrtc/base/checks.cc
Examining data/webrtc-audio-processing-0.3/webrtc/base/constructormagic.h
Examining data/webrtc-audio-processing-0.3/webrtc/base/safe_conversions.h
Examining data/webrtc-audio-processing-0.3/webrtc/common.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/lapped_transform.cc
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/blocker.cc
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/fft4g.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/wav_file.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/audio_converter.cc
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/blocker.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/window_generator.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/vad/vad_core.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/vad/vad_filterbank.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/vad/vad_gmm.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/vad/vad.cc
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/vad/vad_gmm.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/vad/include/webrtc_vad.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/vad/include/vad.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/vad/vad_sp.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/vad/webrtc_vad.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/vad/vad_sp.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/vad/vad_filterbank.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/vad/vad_core.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/real_fourier.cc
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/fft4g.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/audio_converter.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/fir_filter_neon.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/wav_header.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/audio_ring_buffer.cc
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/fir_filter.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/include/audio_util.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/channel_buffer.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/real_fourier.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/window_generator.cc
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/fir_filter_sse.cc
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/ring_buffer.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/fir_filter_sse.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/channel_buffer.cc
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/real_fourier_openmax.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/real_fourier_ooura.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/fir_filter.cc
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/audio_util.cc
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/fir_filter_neon.cc
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/lapped_transform.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/sparse_fir_filter.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/resample.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/filter_ar_fast_q12.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/downsample_fast_mips.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/cross_correlation_neon.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/copy_set_operations.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/resample_by_2_internal.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/resample_fractional.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/refl_coef_to_lpc.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/complex_bit_reverse_mips.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/complex_fft_mips.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/filter_ma_fast_q12.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/lpc_to_refl_coef.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/complex_fft.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/sqrt_of_one_minus_x_squared.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/spl_sqrt_floor_mips.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/splitting_filter.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/filter_ar.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/filter_ar_fast_q12_mips.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/division_operations.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/real_fft.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/ilbc_specific_functions.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/randomization_functions.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/resample_48khz.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/levinson_durbin.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/cross_correlation_mips.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/auto_corr_to_refl_coef.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/vector_scaling_operations.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/include/spl_inl_armv7.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/include/signal_processing_library.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/include/spl_inl.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/include/spl_inl_mips.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/include/real_fft.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/get_scaling_square.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/cross_correlation.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/complex_fft_tables.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/auto_correlation.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/vector_scaling_operations_mips.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/resample_by_2_internal.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/resample_by_2.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/downsample_fast.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/get_hanning_window.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/spl_init.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/spl_sqrt.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/min_max_operations.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/resample_by_2_mips.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/min_max_operations_neon.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/min_max_operations_mips.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/dot_product_with_scale.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/downsample_fast_neon.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/spl_sqrt_floor.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/complex_bit_reverse.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/energy.c
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/sparse_fir_filter.cc
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/real_fourier_ooura.cc
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/audio_ring_buffer.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/ring_buffer.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/resampler/sinusoidal_linear_chirp_source.cc
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/resampler/push_resampler.cc
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/resampler/sinc_resampler_neon.cc
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/resampler/sinusoidal_linear_chirp_source.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/resampler/push_sinc_resampler.cc
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/resampler/include/resampler.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/resampler/include/push_resampler.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/resampler/push_sinc_resampler.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/resampler/sinc_resampler.h
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/resampler/sinc_resampler.cc
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/resampler/resampler.cc
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/resampler/sinc_resampler_sse.cc
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/wav_file.cc
Examining data/webrtc-audio-processing-0.3/webrtc/common_audio/wav_header.cc
Examining data/webrtc-audio-processing-0.3/webrtc/typedefs.h
FINAL RESULTS:
data/webrtc-audio-processing-0.3/webrtc/base/checks.cc:43:3: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf(stderr, format, args);
data/webrtc-audio-processing-0.3/webrtc/base/stringutils.h:96:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#ifndef vsnprintf
data/webrtc-audio-processing-0.3/webrtc/base/stringutils.h:97:12: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
inline int vsnprintf(wchar_t* buf, size_t n, const wchar_t* fmt, va_list args) {
data/webrtc-audio-processing-0.3/webrtc/base/stringutils.h:211:13: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int len = vsnprintf(buffer, buflen, format, args);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/file_impl.cc:216:19: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
int num_chars = vfprintf(id_, format, args);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:493:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name_with_counter_utf8 + length_to_, "_%lu%s",
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:521:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(file_name_with_counter_utf8 + length_without_file_ending, "_%lu%s",
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:593:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(temp_buff, WEBRTC_TRACE_MAX_MESSAGE_SIZE - 1, msg, args);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_posix.cc:78:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(trace_message, "Local Date: %s", ctime_r(&t, buffer));
data/webrtc-audio-processing-0.3/webrtc/base/criticalsection.cc:19:3: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
InitializeCriticalSection(&crit_);
data/webrtc-audio-processing-0.3/webrtc/base/criticalsection.cc:41:3: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection(&crit_);
data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/spl_init.c:124:3: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection(&lock);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/critical_section_win.cc:16:3: [3] (misc) InitializeCriticalSection:
Exceptions can be thrown in low-memory situations. Use
InitializeCriticalSectionAndSpinCount instead.
InitializeCriticalSection(&crit);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/critical_section_win.cc:25:3: [3] (misc) EnterCriticalSection:
On some versions of Windows, exceptions can be thrown in low-memory
situations. Use InitializeCriticalSectionAndSpinCount instead.
EnterCriticalSection(&crit);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/rw_lock_win.cc:68:13: [3] (misc) LoadLibrary:
Ensure that the full path to the library is specified, or current directory
may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to
find library path, if you aren't already.
library = LoadLibrary(TEXT("Kernel32.dll"));
data/webrtc-audio-processing-0.3/webrtc/base/checks.cc:69:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mangled[201];
data/webrtc-audio-processing-0.3/webrtc/base/stringutils.h:191:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer, source, srclen * sizeof(CTYPE));
data/webrtc-audio-processing-0.3/webrtc/common_audio/audio_converter.cc:37:14: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(dst[i], src[i], dst_frames() * sizeof(*dst[i]));
data/webrtc-audio-processing-0.3/webrtc/common_audio/blocker.cc:124:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(window_.get(), window, block_size_ * sizeof(*window_.get()));
data/webrtc-audio-processing-0.3/webrtc/common_audio/channel_buffer.h:126:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data_.get(), data, size * sizeof(*data));
data/webrtc-audio-processing-0.3/webrtc/common_audio/fir_filter.cc:106:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(
data/webrtc-audio-processing-0.3/webrtc/common_audio/fir_filter.cc:112:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&state_[state_length_ - length], in, length * sizeof(*in));
data/webrtc-audio-processing-0.3/webrtc/common_audio/fir_filter_neon.cc:48:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&state_[state_length_], in, length * sizeof(*in));
data/webrtc-audio-processing-0.3/webrtc/common_audio/fir_filter_sse.cc:48:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&state_[state_length_], in, length * sizeof(*in));
data/webrtc-audio-processing-0.3/webrtc/common_audio/lapped_transform.cc:32:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(parent_->real_buf_.Row(i), input[i],
data/webrtc-audio-processing-0.3/webrtc/common_audio/lapped_transform.cc:50:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(output[i], parent_->real_buf_.Row(i),
data/webrtc-audio-processing-0.3/webrtc/common_audio/resampler/push_resampler.cc:81:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, src, src_length * sizeof(T));
data/webrtc-audio-processing-0.3/webrtc/common_audio/resampler/push_sinc_resampler.cc:95:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(destination, source_ptr_, frames * sizeof(*destination));
data/webrtc-audio-processing-0.3/webrtc/common_audio/resampler/resampler.cc:464:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(samplesOut, samplesIn, lengthIn * sizeof(int16_t));
data/webrtc-audio-processing-0.3/webrtc/common_audio/resampler/sinc_resampler.cc:334:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(r1_, r3_, sizeof(*input_buffer_.get()) * kKernelSize);
data/webrtc-audio-processing-0.3/webrtc/common_audio/ring_buffer.c:139:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, buf_ptr_1, buf_ptr_bytes_1);
data/webrtc-audio-processing-0.3/webrtc/common_audio/ring_buffer.c:140:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(((char*) data) + buf_ptr_bytes_1, buf_ptr_2, buf_ptr_bytes_2);
data/webrtc-audio-processing-0.3/webrtc/common_audio/ring_buffer.c:144:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, buf_ptr_1, buf_ptr_bytes_1);
data/webrtc-audio-processing-0.3/webrtc/common_audio/ring_buffer.c:177:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(self->data + self->write_pos * self->element_size,
data/webrtc-audio-processing-0.3/webrtc/common_audio/ring_buffer.c:183:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(self->data + self->write_pos * self->element_size,
data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/include/signal_processing_library.h:102:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(v1, v2, (length) * sizeof(int16_t))
data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/real_fft.c:69:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(complex_data_out, complex_buffer, sizeof(int16_t) * (n + 2));
data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/real_fft.c:87:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(complex_buffer, complex_data_in, sizeof(int16_t) * (n + 2));
data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/resample_48khz.c:41:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmpmem + 8, state->S_48_32, 8 * sizeof(int32_t));
data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/resample_48khz.c:42:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->S_48_32, tmpmem + 488, 8 * sizeof(int32_t));
data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/resample_48khz.c:79:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmpmem + 8, state->S_32_24, 8 * sizeof(int32_t));
data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/resample_48khz.c:80:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->S_32_24, tmpmem + 328, 8 * sizeof(int32_t));
data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/resample_48khz.c:123:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmpmem + 8, state->S_24_16, 8 * sizeof(int32_t));
data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/resample_48khz.c:124:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->S_24_16, tmpmem + 248, 8 * sizeof(int32_t));
data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/resample_48khz.c:162:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmpmem + 256, state->S_16_12, 8 * sizeof(int32_t));
data/webrtc-audio-processing-0.3/webrtc/common_audio/signal_processing/resample_48khz.c:163:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(state->S_16_12, tmpmem + 416, 8 * sizeof(int32_t));
data/webrtc-audio-processing-0.3/webrtc/common_audio/sparse_fir_filter.cc:48:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(&state_[0],
data/webrtc-audio-processing-0.3/webrtc/common_audio/sparse_fir_filter.cc:55:12: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
std::memcpy(&state_[state_.size() - length], in, length * sizeof(*in));
data/webrtc-audio-processing-0.3/webrtc/common_audio/wav_file.cc:49:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
: file_handle_(fopen(filename.c_str(), "rb")) {
data/webrtc-audio-processing-0.3/webrtc/common_audio/wav_file.cc:109:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file_handle_(fopen(filename.c_str(), "wb")) {
data/webrtc-audio-processing-0.3/webrtc/common_audio/wav_header.cc:211:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, &header, kWavHeaderSize);
data/webrtc-audio-processing-0.3/webrtc/common_types.h:291:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char plname[RTP_PAYLOAD_NAME_SIZE];
data/webrtc-audio-processing-0.3/webrtc/common_types.h:695:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char plName[kPayloadNameSize];
data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/entropy_coding.c:598:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&tmp[1], &a[1], (m - 1) * sizeof(double));
data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/entropy_coding.c:620:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&a[1], &tmp[1], (m - 1) * sizeof(double));
data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/entropy_coding.c:705:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&poly[1], ptrIO, sizeof(double) * vecSize);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/entropy_coding.c:1200:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(encData->indexLPCShape, idx, UB_LPC_ORDER *
data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/entropy_coding.c:1215:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(encData->indexLPCShape, idx, UB_LPC_ORDER *
data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/entropy_coding.c:1380:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(lpcGainIndex, idx, UB_LPC_GAIN_DIM * sizeof(int));
data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/filter_functions.c:146:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmpbuffer, wfdata->buffer, sizeof(double) * PITCH_WLPCBUFLEN);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/filter_functions.c:147:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmpbuffer+PITCH_WLPCBUFLEN, in, sizeof(double) * PITCH_FRAME_LEN);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/filter_functions.c:148:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(wfdata->buffer, tmpbuffer+PITCH_FRAME_LEN, sizeof(double) * PITCH_WLPCBUFLEN);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/filter_functions.c:195:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(weiout, weoutbuf+PITCH_WLPCORDER, sizeof(double) * PITCH_FRAME_LEN);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/filter_functions.c:196:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(whiout, whoutbuf+PITCH_WLPCORDER, sizeof(double) * PITCH_FRAME_LEN);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/filter_functions.c:229:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data_vec+1, in, sizeof(double) * (N-1));
data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/lpc_analysis.c:438:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(corrMat[frameCntr], corrSubFrame,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/lpc_analysis.c:513:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&aPolynom[1], &filtCoeffVecs[(subFrameCntr * (UB_LPC_ORDER + 1)) +
data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/pitch_estimator.c:166:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf_dec, State->dec_buffer, sizeof(double) * (PITCH_CORR_LEN2+PITCH_CORR_STEP2+PITCH_MAX_LAG/2-PITCH_FRAME_LEN/2+2));
data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/pitch_estimator.c:177:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(State->dec_buffer, buf_dec+PITCH_FRAME_LEN/2, sizeof(double) * (PITCH_CORR_LEN2+PITCH_CORR_STEP2+PITCH_MAX_LAG/2-PITCH_FRAME_LEN/2+2));
data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/pitch_estimator.c:492:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Whitened, State->whitened_buf, sizeof(double) * QLOOKAHEAD);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/pitch_estimator.c:498:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(State->whitened_buf, Whitened+PITCH_FRAME_LEN, sizeof(double) * QLOOKAHEAD);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/pitch_estimator.c:614:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(inbuf, State->inbuf, sizeof(double) * QLOOKAHEAD);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/pitch_estimator.c:615:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(inbuf+QLOOKAHEAD, in, sizeof(double) * PITCH_FRAME_LEN);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/pitch_filter.c:276:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(filter_parameters.buffer, filter_state->ubuf,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_coding/codecs/isac/main/source/pitch_filter.c:278:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(filter_parameters.damper_state, filter_state->ystate,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_core.c:387:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(efw, dfw, sizeof(efw[0][0]) * 2 * PART_LEN1);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_core.c:431:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(xfw,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_core.c:993:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aec->xfwBuf, xfw_ptr, sizeof(float) * 2 * PART_LEN1);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_core.c:1050:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(hNlPref, &hNl[minPrefBand], sizeof(float) * prefBandSize);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_core.c:1165:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aec->dBuf, aec->dBuf + PART_LEN, sizeof(float) * PART_LEN);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_core.c:1166:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aec->eBuf, aec->eBuf + PART_LEN, sizeof(float) * PART_LEN);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_core.c:1170:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aec->dBufH[j], aec->dBufH[j] + PART_LEN, sizeof(float) * PART_LEN);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_core.c:1216:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aec->dBufH[i] + PART_LEN, nearend_ptr, sizeof(nearend));
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_core.c:1219:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aec->dBuf + PART_LEN, nearend_ptr, sizeof(nearend));
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_core.c:1238:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fft, aec->dBuf, sizeof(float) * PART_LEN2);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_core.c:1310:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aec->xfBuf[0] + aec->xfBufBlockPos * PART_LEN1,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_core.c:1313:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aec->xfBuf[1] + aec->xfBufBlockPos * PART_LEN1,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_core.c:1341:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aec->eBuf + PART_LEN, e, sizeof(float) * PART_LEN);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_core.c:1343:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fft + PART_LEN, e, sizeof(float) * PART_LEN);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_core.c:1712:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fft, farend, sizeof(float) * PART_LEN2);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_core.c:1717:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fft, farend, sizeof(float) * PART_LEN2);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_core_neon.c:622:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(efw, dfw, sizeof(efw[0][0]) * 2 * PART_LEN1);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_core_neon.c:679:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(xfw,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_core_sse2.c:602:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(efw, dfw, sizeof(efw[0][0]) * 2 * PART_LEN1);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_core_sse2.c:663:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(xfw,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/aec_resampler.c:84:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&obj->buffer[FRAME_LEN + kResamplingDelay],
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/echo_cancellation.c:153:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[64];
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/echo_cancellation.c:154:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename, "aec_buf%d.dat", webrtc_aec_instance_count);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/echo_cancellation.c:155:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
aecpc->bufFile = fopen(filename, "wb");
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/echo_cancellation.c:156:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename, "aec_skew%d.dat", webrtc_aec_instance_count);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/echo_cancellation.c:157:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
aecpc->skewFile = fopen(filename, "wb");
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/echo_cancellation.c:158:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(filename, "aec_delay%d.dat", webrtc_aec_instance_count);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/echo_cancellation.c:159:24: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
aecpc->delayFile = fopen(filename, "wb");
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/echo_cancellation.c:649:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out[i], nearend[i], sizeof(nearend[i][0]) * nrOfSamples);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aec/echo_cancellation.c:774:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out[i], near[i], sizeof(near[i][0]) * num_samples);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core.c:166:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(self->far_history[self->far_history_pos * PART_LEN1]),
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core.c:287:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aecm->channelStored, echo_path, sizeof(int16_t) * PART_LEN1);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core.c:289:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aecm->channelAdapt16, echo_path, sizeof(int16_t) * PART_LEN1);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core.c:328:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aecm->channelStored, aecm->channelAdapt16, sizeof(int16_t) * PART_LEN1);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core.c:350:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aecm->channelAdapt16, aecm->channelStored,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core.c:637:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out, out_ptr, FRAME_LEN * sizeof(int16_t));
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core.c:1184:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aecm->farBuf + aecm->farBufWritePos, farend + writePos,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core.c:1191:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aecm->farBuf + aecm->farBufWritePos, farend + writePos,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core.c:1224:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(farend + readPos, aecm->farBuf + aecm->farBufReadPos,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core.c:1230:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(farend + readPos, aecm->farBuf + aecm->farBufReadPos,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core_c.c:135:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aecm->xBuf, aecm->xBuf + PART_LEN, sizeof(int16_t) * PART_LEN);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core_c.c:136:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aecm->dBufNoisy,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core_c.c:141:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aecm->dBufClean,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core_c.c:343:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aecm->xBuf + PART_LEN, farend, sizeof(int16_t) * PART_LEN);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core_c.c:344:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aecm->dBufNoisy + PART_LEN, nearendNoisy, sizeof(int16_t) * PART_LEN);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core_c.c:347:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aecm->dBufClean + PART_LEN,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core_mips.c:424:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aecm->xBuf, aecm->xBuf + PART_LEN, sizeof(int16_t) * PART_LEN);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core_mips.c:425:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aecm->dBufNoisy,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core_mips.c:429:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aecm->dBufClean,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core_mips.c:536:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aecm->channelStored, aecm->channelAdapt16,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core_mips.c:582:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aecm->channelAdapt16,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core_mips.c:865:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aecm->xBuf + PART_LEN, farend, sizeof(int16_t) * PART_LEN);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core_mips.c:866:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aecm->dBufNoisy + PART_LEN,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/aecm_core_mips.c:870:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(aecm->dBufClean + PART_LEN,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/echo_control_mobile.c:106:31: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
aecm->aecmCore->farFile = fopen("aecFar.pcm","wb");
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/echo_control_mobile.c:107:32: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
aecm->aecmCore->nearFile = fopen("aecNear.pcm","wb");
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/echo_control_mobile.c:108:31: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
aecm->aecmCore->outFile = fopen("aecOut.pcm","wb");
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/echo_control_mobile.c:111:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
aecm->bufFile = fopen("aecBuf.dat", "wb");
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/echo_control_mobile.c:112:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
aecm->delayFile = fopen("aecDelay.dat", "wb");
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/echo_control_mobile.c:113:25: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
aecm->preCompFile = fopen("preComp.pcm", "wb");
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/echo_control_mobile.c:114:26: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
aecm->postCompFile = fopen("postComp.pcm", "wb");
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/echo_control_mobile.c:307:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out, nearendNoisy, sizeof(short) * nrOfSamples);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/echo_control_mobile.c:311:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out, nearendClean, sizeof(short) * nrOfSamples);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/echo_control_mobile.c:405:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&(aecm->farendOld[i][0]), farend_ptr,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/echo_control_mobile.c:410:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(farend, &(aecm->farendOld[i][0]), FRAME_LEN * sizeof(short));
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/aecm/echo_control_mobile.c:611:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(echo_path_ptr, aecm->aecmCore->channelStored, size_bytes);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/agc/agc_manager_direct.cc:92:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
: file_(fopen(filename, "wb")) {
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/agc/legacy/analog_agc.c:232:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(tmp_speech, &in_mic[0][i * 16], 16 * sizeof(short));
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/agc/legacy/analog_agc.c:1218:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(stt->env[0], stt->env[1], 10 * sizeof(int32_t));
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/agc/legacy/analog_agc.c:1219:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(stt->Rxx16w32_array[0],
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/agc/legacy/analog_agc.c:1321:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
stt->fpt = fopen("./agc_test_log.txt", "wt");
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/agc/legacy/analog_agc.c:1322:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
stt->agcLog = fopen("./agc_debug_log.txt", "wt");
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/agc/legacy/analog_agc.c:1323:29: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
stt->digitalAgc.logFile = fopen("./agc_log.txt", "wt");
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/agc/legacy/digital_agc.c:336:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out[i], in_near[i], 10 * L * sizeof(in_near[i][0]));
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/audio_buffer.cc:447:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(low_pass_reference_channels_->channels()[i],
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/audio_processing_impl.cc:905:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char filename[AudioProcessing::kMaxFilenameSize]) {
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/audio_processing_impl.h:105:33: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int StartDebugRecording(const char filename[kMaxFilenameSize]) override;
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/echo_control_mobile_impl.cc:211:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(external_echo_path_, echo_path, size_bytes);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/include/audio_processing.h:409:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
virtual int StartDebugRecording(const char filename[kMaxFilenameSize]) = 0;
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/intelligibility/intelligibility_enhancer.cc:142:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(audio[i], temp_render_out_buffer_.channels()[i],
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/logging/aec_logging_file_handling.cc:32:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[64];
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/logging/aec_logging_file_handling.cc:45:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[64];
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/logging/aec_logging_file_handling.cc:54:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
*file = fopen(filename, "wb");
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/ns_core.c:862:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/ns_core.c:866:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer + buffer_length - frame_length,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/ns_core.c:1180:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(self->noise, noise, sizeof(*noise) * self->magnLen);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/ns_core.c:1181:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(self->magnPrevAnalyze, magn, sizeof(*magn) * self->magnLen);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/ns_core.c:1310:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(self->magnPrevProcess, magn, sizeof(*magn) * self->magnLen);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/ns_core.c:1311:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(self->noisePrev, self->noise, sizeof(self->noise[0]) * self->magnLen);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/nsx_core.c:516:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(inst->synthesisBuffer, inst->synthesisBuffer + inst->blockLen10ms,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/nsx_core.c:529:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(inst->analysisBuffer, inst->analysisBuffer + inst->blockLen10ms,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/nsx_core.c:531:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(inst->analysisBuffer + inst->anaLen - inst->blockLen10ms, new_speech,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/nsx_core.c:748:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
inst->infile = fopen("indebug.pcm", "wb");
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/nsx_core.c:749:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
inst->outfile = fopen("outdebug.pcm", "wb");
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/nsx_core.c:750:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
inst->file1 = fopen("file1.pcm", "wb");
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/nsx_core.c:751:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
inst->file2 = fopen("file2.pcm", "wb");
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/nsx_core.c:752:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
inst->file3 = fopen("file3.pcm", "wb");
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/nsx_core.c:753:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
inst->file4 = fopen("file4.pcm", "wb");
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/nsx_core.c:754:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
inst->file5 = fopen("file5.pcm", "wb");
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/nsx_core.c:1445:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(inst->synthesisBuffer, inst->synthesisBuffer + inst->blockLen10ms,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/nsx_core.c:1581:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(inst->dataBufHBFX[i], inst->dataBufHBFX[i] + inst->blockLen10ms,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/nsx_core.c:1583:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(inst->dataBufHBFX[i] + block_shift, speechFrameHB[i],
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/nsx_core.c:2043:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(inst->dataBufHBFX[i], inst->dataBufHBFX[i] + inst->blockLen10ms,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/nsx_core.c:2045:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(inst->dataBufHBFX[i] + inst->anaLen - inst->blockLen10ms,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/nsx_core_mips.c:345:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(inst->analysisBuffer, inst->analysisBuffer + inst->blockLen10ms,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/nsx_core_mips.c:347:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(inst->analysisBuffer + inst->anaLen - inst->blockLen10ms, new_speech,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/ns/nsx_core_mips.c:748:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(inst->synthesisBuffer, inst->synthesisBuffer + inst->blockLen10ms,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/transient/click_annotate.cc:57:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int chunk_size_ms = atoi(argv[3]);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/transient/click_annotate.cc:63:24: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
int sample_rate_hz = atoi(argv[4]);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/transient/transient_suppressor.cc:221:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&data[i * data_length_],
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/transient/transient_suppressor.cc:346:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&in_buffer_[buffer_delay_ + i * analysis_length_],
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/transient/wpd_node.cc:67:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data_.get(), new_data, length * sizeof(data_[0]));
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/vad/pole_zero_filter.cc:42:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(numerator_coefficients_, numerator_coefficients,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/vad/pole_zero_filter.cc:44:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(denominator_coefficients_, denominator_coefficients,
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/vad/pole_zero_filter.cc:92:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(past_input_, &in[num_input_samples - order_numerator_],
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/vad/pole_zero_filter.cc:94:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(past_output_, &output[num_input_samples - order_denominator_],
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/vad/standalone_vad.cc:55:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&buffer_[index_], data, sizeof(int16_t) * length);
data/webrtc-audio-processing-0.3/webrtc/modules/audio_processing/vad/vad_audio_proc.cc:73:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(audio_buffer_, &audio_buffer_[kNumSamplesToProcess],
data/webrtc-audio-processing-0.3/webrtc/modules/interface/module_common_types.h:324:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fragmentationOffset, src.fragmentationOffset,
data/webrtc-audio-processing-0.3/webrtc/modules/interface/module_common_types.h:328:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fragmentationLength, src.fragmentationLength,
data/webrtc-audio-processing-0.3/webrtc/modules/interface/module_common_types.h:332:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fragmentationTimeDiff, src.fragmentationTimeDiff,
data/webrtc-audio-processing-0.3/webrtc/modules/interface/module_common_types.h:336:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fragmentationPlType, src.fragmentationPlType,
data/webrtc-audio-processing-0.3/webrtc/modules/interface/module_common_types.h:354:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fragmentationOffset, oldOffsets,
data/webrtc-audio-processing-0.3/webrtc/modules/interface/module_common_types.h:364:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fragmentationLength, oldLengths,
data/webrtc-audio-processing-0.3/webrtc/modules/interface/module_common_types.h:374:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fragmentationTimeDiff, oldTimeDiffs,
data/webrtc-audio-processing-0.3/webrtc/modules/interface/module_common_types.h:384:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fragmentationPlType, oldTimePlTypes,
data/webrtc-audio-processing-0.3/webrtc/modules/interface/module_common_types.h:597:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data_, data, sizeof(int16_t) * length);
data/webrtc-audio-processing-0.3/webrtc/modules/interface/module_common_types.h:621:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data_, src.data_, sizeof(int16_t) * length);
data/webrtc-audio-processing-0.3/webrtc/modules/interface/module_common_types.h:701:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data_, rhs.data_,
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/include/trace.h:64:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static int32_t TraceFile(char file_name[1024]);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/aligned_malloc.cc:82:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(header_pointer, &memory_start, sizeof(uintptr_t));
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/file_impl.cc:91:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file_name_utf8, file_name_utf8_, length);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/file_impl.cc:115:3: [2] (buffer) wchar_t:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
wchar_t wide_file_name[kMaxFileNameSize];
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/file_impl.cc:118:3: [2] (buffer) MultiByteToWideChar:
Requires maximum length in CHARACTERS, not bytes (CWE-120).
MultiByteToWideChar(CP_UTF8,
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/file_impl.cc:140:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tmp_id = fopen(file_name_utf8, "rt");
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/file_impl.cc:142:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tmp_id = fopen(file_name_utf8, "wt");
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/file_impl.cc:146:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tmp_id = fopen(file_name_utf8, "rb");
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/file_impl.cc:148:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tmp_id = fopen(file_name_utf8, "wb");
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/file_impl.cc:155:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file_name_utf8_, file_name_utf8, length + 1);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/file_impl.h:64:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name_utf8_[kMaxFileNameSize];
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:81:10: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
return sprintf(trace_message, "%10u; ", thread_id);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:93:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sz_message, "STATEINFO ; ");
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:96:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sz_message, "WARNING ; ");
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:99:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sz_message, "ERROR ; ");
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:102:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sz_message, "CRITICAL ; ");
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:105:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sz_message, "DEBUGINFO ; ");
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:108:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sz_message, "MODULECALL; ");
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:111:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sz_message, "MEMORY ; ");
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:114:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sz_message, "TIMER ; ");
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:117:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sz_message, "STREAM ; ");
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:120:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sz_message, "APICALL ; ");
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:123:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sz_message, "DEBUG ; ");
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:153:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, " VOICE:%5ld %5ld;", id_engine,
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:157:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, " VIDEO:%5ld %5ld;", id_engine,
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:161:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, " UTILITY:%5ld %5ld;", id_engine,
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:165:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, " RTP/RTCP:%5ld %5ld;", id_engine,
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:169:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, " TRANSPORT:%5ld %5ld;", id_engine,
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:173:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, "AUDIO CODING:%5ld %5ld;", id_engine,
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:177:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, " SRTP:%5ld %5ld;", id_engine,
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:181:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, " AUDIO MIX/S:%5ld %5ld;", id_engine,
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:185:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, " AUDIO MIX/C:%5ld %5ld;", id_engine,
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:189:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, "VIDEO CODING:%5ld %5ld;", id_engine,
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:194:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, " VIDEO MIX:%5ld %5ld;", id_engine,
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:198:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, " FILE:%5ld %5ld;", id_engine,
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:202:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, " AUDIO PROC:%5ld %5ld;", id_engine,
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:206:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, "AUDIO DEVICE:%5ld %5ld;", id_engine,
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:210:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, "VIDEO RENDER:%5ld %5ld;", id_engine,
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:214:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, "VIDEO CAPTUR:%5ld %5ld;", id_engine,
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:218:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, " BWE RBE:%5ld %5ld;", id_engine,
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:230:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, " VOICE:%11ld;", idl);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:233:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, " VIDEO:%11ld;", idl);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:236:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, " UTILITY:%11ld;", idl);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:239:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, " RTP/RTCP:%11ld;", idl);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:242:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, " TRANSPORT:%11ld;", idl);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:245:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, "AUDIO CODING:%11ld;", idl);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:248:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, " SRTP:%11ld;", idl);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:251:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, " AUDIO MIX/S:%11ld;", idl);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:254:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, " AUDIO MIX/C:%11ld;", idl);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:257:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, "VIDEO CODING:%11ld;", idl);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:260:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, " VIDEO MIX:%11ld;", idl);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:263:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, " FILE:%11ld;", idl);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:266:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, " AUDIO PROC:%11ld;", idl);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:269:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, "AUDIO DEVICE:%11ld;", idl);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:272:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, "VIDEO RENDER:%11ld;", idl);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:275:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, "VIDEO CAPTUR:%11ld;", idl);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:278:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, " BWE RBE:%11ld;", idl);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:296:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name_with_counter_utf8[FileWrapper::kMaxFileNameSize];
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:315:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name_utf8[FileWrapper::kMaxFileNameSize]) {
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:328:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char msg[WEBRTC_TRACE_MAX_MESSAGE_SIZE],
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:358:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char trace_message[WEBRTC_TRACE_MAX_MESSAGE_SIZE],
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:379:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char old_file_name[FileWrapper::kMaxFileNameSize];
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:380:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char new_file_name[FileWrapper::kMaxFileNameSize];
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:396:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char message[WEBRTC_TRACE_MAX_MESSAGE_SIZE + 1];
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:406:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char trace_message[WEBRTC_TRACE_MAX_MESSAGE_SIZE];
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:407:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(trace_message, msg, length);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:417:31: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char msg[WEBRTC_TRACE_MAX_MESSAGE_SIZE]) {
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:421:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char trace_message[WEBRTC_TRACE_MAX_MESSAGE_SIZE];
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:464:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char file_name_utf8[FileWrapper::kMaxFileNameSize],
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:465:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name_with_counter_utf8[FileWrapper::kMaxFileNameSize],
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:492:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file_name_with_counter_utf8, file_name_utf8, length_to_);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:500:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char file_name_utf8[FileWrapper::kMaxFileNameSize],
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:501:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name_with_counter_utf8[FileWrapper::kMaxFileNameSize],
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:519:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(file_name_with_counter_utf8, file_name_utf8,
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:538:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int32_t Trace::TraceFile(char file_name[FileWrapper::kMaxFileNameSize]) {
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:585:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char temp_buff[WEBRTC_TRACE_MAX_MESSAGE_SIZE];
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.h:43:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
int32_t TraceFileImpl(char file_name[FileWrapper::kMaxFileNameSize]);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.h:75:28: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char msg[WEBRTC_TRACE_MAX_MESSAGE_SIZE],
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.h:79:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char trace_message[WEBRTC_TRACE_MAX_MESSAGE_SIZE],
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.h:84:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char file_name_utf8[FileWrapper::kMaxFileNameSize],
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.h:85:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name_with_counter_utf8[FileWrapper::kMaxFileNameSize],
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.h:89:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char file_name_utf8[FileWrapper::kMaxFileNameSize],
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.h:90:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char file_name_with_counter_utf8[FileWrapper::kMaxFileNameSize],
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_posix.cc:67:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, "(%2u:%2u:%2u:%3u |%5lu) ", system_time->tm_hour,
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_posix.cc:77:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[26]; // man ctime says buffer should have room for >=26 bytes.
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_win.cc:48:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, "(%2u:%2u:%2u:%3u |%5u) ", system_time.wHour,
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_win.cc:65:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, "(%2u:%2u:%2u:%3u |%5u) ", system_time.wHour,
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_win.cc:79:3: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR sz_date_str[20];
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_win.cc:80:3: [2] (buffer) TCHAR:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
TCHAR sz_time_str[20];
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_win.cc:90:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(trace_message, "Local Date: %ls Local Time: %ls", sz_date_str,
data/webrtc-audio-processing-0.3/webrtc/base/platform_thread.cc:61:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
RTC_DCHECK(strlen(name) < 64);
data/webrtc-audio-processing-0.3/webrtc/base/stringutils.cc:105:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strncmp(s1, s2, strlen(s2)) == 0;
data/webrtc-audio-processing-0.3/webrtc/base/stringutils.cc:109:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t s1_length = strlen(s1);
data/webrtc-audio-processing-0.3/webrtc/base/stringutils.cc:110:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t s2_length = strlen(s2);
data/webrtc-audio-processing-0.3/webrtc/base/stringutils.h:75:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
inline size_t strlen(const wchar_t* s) {
data/webrtc-audio-processing-0.3/webrtc/base/stringutils.h:76:10: [1] (buffer) wcslen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return wcslen(s);
data/webrtc-audio-processing-0.3/webrtc/common_audio/audio_ring_buffer.cc:45:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
RTC_CHECK_EQ(read, frames);
data/webrtc-audio-processing-0.3/webrtc/common_audio/wav_file.cc:74:16: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
RTC_CHECK_LE(read, num_samples_remaining_);
data/webrtc-audio-processing-0.3/webrtc/common_audio/wav_file.cc:75:57: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
num_samples_remaining_ -= rtc::checked_cast<uint32_t>(read);
data/webrtc-audio-processing-0.3/webrtc/common_audio/wav_file.cc:82:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read;
data/webrtc-audio-processing-0.3/webrtc/common_audio/wav_file.cc:96:10: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
return read;
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/file_impl.cc:77:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ReadLockScoped read(*rw_lock_);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/file_impl.cc:78:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t length = strlen(file_name_utf8_);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/file_impl.cc:97:18: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ReadLockScoped read(*rw_lock_);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/file_impl.cc:106:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t length = strlen(file_name_utf8);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:467:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int32_t length = (int32_t)strlen(file_name_utf8);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_impl.cc:503:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int32_t length = (int32_t)strlen(file_name_utf8);
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_posix.cc:79:38: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int32_t len = static_cast<int32_t>(strlen(trace_message));
data/webrtc-audio-processing-0.3/webrtc/system_wrappers/source/trace_win.cc:94:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return static_cast<int32_t>(strlen(trace_message) + 1);
ANALYSIS SUMMARY:
Hits = 313
Lines analyzed = 76839 in approximately 1.98 seconds (38870 lines/second)
Physical Source Lines of Code (SLOC) = 49713
Hits@level = [0] 42 [1] 19 [2] 279 [3] 6 [4] 9 [5] 0
Hits@level+ = [0+] 355 [1+] 313 [2+] 294 [3+] 15 [4+] 9 [5+] 0
Hits/KSLOC@level+ = [0+] 7.14099 [1+] 6.29614 [2+] 5.91395 [3+] 0.301732 [4+] 0.181039 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.