Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223

FINAL RESULTS:

data/codec2-0.9.2/stm32/src/stm32f4_machdep.c:83:9: [5] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. Risk is high; the length parameter appears to be a constant, instead of computing the number of characters left.
  strncat(buf, tmp, sizeof(buf)-1);
data/codec2-0.9.2/lpcnet/src/nnet2f32.c:27:15: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  int ret = sprintf(cmd, "set -x; diff %s copy.f32; if [ $? -eq 0 ]; then { echo PASS; exit 0; } else { echo FAIL; exit 1; } fi", argv[1]);
data/codec2-0.9.2/lpcnet/src/nnet2f32.c:28:11: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  ret = system(cmd);
data/codec2-0.9.2/lpcnet/src/quant2c.c:36:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fnames, argv[1]);
data/codec2-0.9.2/lpcnet/src/quant2c.c:41:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
strcpy(fn, p); data/codec2-0.9.2/lpcnet/src/quant_feat.c:133:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(label, optarg); data/codec2-0.9.2/lpcnet/src/quant_feat.c:149:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fnames, optarg); data/codec2-0.9.2/lpcnet/src/quant_feat.c:154:17: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(fn, p); data/codec2-0.9.2/lpcnet/src/quant_test.c:79:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(label, optarg); data/codec2-0.9.2/misc/generate_wideband_map.c:135:5: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, usage, argv[0]); data/codec2-0.9.2/misc/generate_wideband_map.c:136:5: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. fprintf(stderr, format); data/codec2-0.9.2/misc/generate_wideband_map.c:152:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. printf(header); data/codec2-0.9.2/misc/vq_train_jvm.c:453:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(filename, "%s1.txt", argv[4]); data/codec2-0.9.2/misc/vq_train_jvm.c:464:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(filename, "%s2.txt", argv[4]); data/codec2-0.9.2/misc/vq_train_jvm.c:475:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(filename, "%s3.txt", argv[4]); data/codec2-0.9.2/src/c2sim.c:265:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(phaseexp_arg, optarg); data/codec2-0.9.2/src/c2sim.c:267:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(ampexp_arg, optarg); data/codec2-0.9.2/src/c2sim.c:278:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(file_name, "%s_am.out", optarg); data/codec2-0.9.2/src/c2sim.c:285:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(file_name, "%s_hm.out", optarg); data/codec2-0.9.2/src/c2sim.c:292:17: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(file_name, "%s_Wo.out", optarg); data/codec2-0.9.2/src/c2sim.c:375:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(out_file,optarg); data/codec2-0.9.2/src/cohpsk_ch.c:191:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(fname, "%s/%s", raw_dir, SLOW_FADING_FILE_NAME); data/codec2-0.9.2/src/cohpsk_ch.c:205:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fname, "%s/%s", raw_dir, FAST_FADING_FILE_NAME); data/codec2-0.9.2/src/cohpsk_ch.c:212:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(fname, "%s/%s", raw_dir, FASTER_FADING_FILE_NAME); data/codec2-0.9.2/src/dump.c:37:9: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define fprintf gdb_stdio_fprintf data/codec2-0.9.2/src/dump.c:79:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(prefix, p); data/codec2-0.9.2/src/dump.c:150:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(s,"%s_sn.txt", prefix); data/codec2-0.9.2/src/dump.c:173:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(s,"%s_sw.txt", prefix); data/codec2-0.9.2/src/dump.c:191:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(s,"%s_sw_.txt", prefix); data/codec2-0.9.2/src/dump.c:209:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(s,"%s_ew.txt", prefix); data/codec2-0.9.2/src/dump.c:228:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(s,"%s_softdec.txt", prefix); data/codec2-0.9.2/src/dump.c:246:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(s,"%s_model.txt", prefix); data/codec2-0.9.2/src/dump.c:254:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(line, s); data/codec2-0.9.2/src/dump.c:259:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(line,s); data/codec2-0.9.2/src/dump.c:264:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(line,s); data/codec2-0.9.2/src/dump.c:276:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(s,"%s_qmodel.txt", prefix); data/codec2-0.9.2/src/dump.c:284:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(line, s); data/codec2-0.9.2/src/dump.c:289:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(line, s); data/codec2-0.9.2/src/dump.c:294:5: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). strcat(line, s); data/codec2-0.9.2/src/dump.c:305:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
sprintf(s,"%s_phase.txt", prefix); data/codec2-0.9.2/src/dump.c:324:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(s,"%s_phase_.txt", prefix); data/codec2-0.9.2/src/dump.c:344:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(s,"%s_hephase.txt", prefix); data/codec2-0.9.2/src/dump.c:361:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(s,"%s_snr.txt", prefix); data/codec2-0.9.2/src/dump.c:375:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(s,"%s_lpc_snr.txt", prefix); data/codec2-0.9.2/src/dump.c:392:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(s,"%s_pwb.txt", prefix); data/codec2-0.9.2/src/dump.c:409:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(s,"%s_pw.txt", prefix); data/codec2-0.9.2/src/dump.c:426:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(s,"%s_rw.txt", prefix); data/codec2-0.9.2/src/dump.c:443:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(s,"%s_weights.txt", prefix); data/codec2-0.9.2/src/dump.c:460:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(s,"%s_lsp.txt", prefix); data/codec2-0.9.2/src/dump.c:477:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(s,"%s_lsp_.txt", prefix); data/codec2-0.9.2/src/dump.c:494:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
  sprintf(s,"%s_mel.txt", prefix);
data/codec2-0.9.2/src/dump.c:511:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(s,"%s_mel_indexes.txt", prefix);
data/codec2-0.9.2/src/dump.c:528:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(s,"%s_ak.txt", prefix);
data/codec2-0.9.2/src/dump.c:545:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(s,"%s_ak_.txt", prefix);
data/codec2-0.9.2/src/dump.c:562:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(s,"%s_fw.txt", prefix);
data/codec2-0.9.2/src/dump.c:579:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(s,"%s_e.txt", prefix);
data/codec2-0.9.2/src/dump.c:599:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(s,"%s_sq.txt", prefix);
data/codec2-0.9.2/src/dump.c:619:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(s,"%s_dec.txt", prefix);
data/codec2-0.9.2/src/dump.c:635:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(s,"%s_bg.txt", prefix);
data/codec2-0.9.2/src/dump.c:649:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(s,"%s_E.txt", prefix);
data/codec2-0.9.2/src/dump.c:665:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(s,"%s_rk.txt", prefix);
data/codec2-0.9.2/src/generate_codebook.c:150:5: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, usage, argv[0]);
data/codec2-0.9.2/src/generate_codebook.c:151:5: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, format);
data/codec2-0.9.2/src/generate_codebook.c:168:3: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(header);
data/codec2-0.9.2/src/golay23.c:213:9: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(enc, x < 4095 ? " 0x%x,\n" : " 0x%x\n", encoding_table[x]);
data/codec2-0.9.2/src/golay23.c:221:9: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(dec, x < 2047 ? " 0x%x,\n" : " 0x%x\n", decoding_table[x]);
data/codec2-0.9.2/src/horus_api.c:334:9: [4] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(hex_out, hex);
data/codec2-0.9.2/src/horus_l2.c:659:21: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf("mask: 0x%x tx[%d] = 0x%x ", mask, i, tx[i]);
data/codec2-0.9.2/src/horus_l2.c:663:21: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf("0x%x\n", tx[i]);
data/codec2-0.9.2/src/horus_l2.c:689:21: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf("mask: 0x%x tx[%d] = 0x%x ", mask, i, tx[i]);
data/codec2-0.9.2/src/horus_l2.c:693:21: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf("0x%x\n", tx[i]);
data/codec2-0.9.2/src/modem_probe.c:66:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(run,runname);
data/codec2-0.9.2/src/modem_probe.c:67:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(mod,modname);
data/codec2-0.9.2/src/modem_probe.c:156:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(npti->name,tracename);
data/codec2-0.9.2/src/octave.c:67:10: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  rc = vsnprintf(&buffer[*buf_idx_ptr], max_buf - *buf_idx_ptr, pFormat, ap);
data/codec2-0.9.2/src/tdma.c:522:17: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr,underline);
data/codec2-0.9.2/stm32/inc/gdb_stdio.h:41:9: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define printf gdb_stdio_printf
data/codec2-0.9.2/stm32/src/codec2_profile.c:42:9: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define printf gdb_stdio_printf
data/codec2-0.9.2/stm32/src/fdmdv_dump_rt.c:53:9: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define printf gdb_stdio_printf
data/codec2-0.9.2/stm32/src/fdmdv_dump_rt.c:54:9: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define fprintf gdb_stdio_fprintf
data/codec2-0.9.2/stm32/src/fdmdv_profile.c:43:9: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define printf gdb_stdio_printf
data/codec2-0.9.2/stm32/src/freedv_rx_profile.c:44:9: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define printf gdb_stdio_printf
data/codec2-0.9.2/stm32/src/freedv_rx_profile.c:49:9: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define fprintf gdb_stdio_fprintf
data/codec2-0.9.2/stm32/src/freedv_tx_profile.c:40:9: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define printf gdb_stdio_printf
data/codec2-0.9.2/stm32/src/gdb_stdio.c:62:5: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  vsnprintf(str, MAX_STR, format, arg);
data/codec2-0.9.2/stm32/src/gdb_stdio.c:77:5: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  vsnprintf(str, MAX_STR, format, arg);
data/codec2-0.9.2/stm32/src/power_ut.c:45:9: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define printf gdb_stdio_printf
data/codec2-0.9.2/stm32/src/stm32f4_machdep.c:37:9: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  #define printf gdb_stdio_printf
data/codec2-0.9.2/stm32/src/stm32f4_usart.c:67:3: [4] (format) vsnprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  vsnprintf(s, MAX_FMT_SIZE, fmt, ap);
data/codec2-0.9.2/stm32/unittest/src/tst_api_demod.c:155:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  memtools_find_unused(printf);
data/codec2-0.9.2/stm32/unittest/src/tst_api_demod.c:236:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  memtools_find_unused(printf);
data/codec2-0.9.2/stm32/unittest/src/tst_api_mod.c:129:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  memtools_find_unused(printf);
data/codec2-0.9.2/stm32/unittest/src/tst_api_mod.c:219:26: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  memtools_find_unused(printf);
data/codec2-0.9.2/unittest/compare_floats.c:29:17: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, usage, argv[0]);
data/codec2-0.9.2/unittest/compare_floats.c:35:9: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, usage, argv[0]);
data/codec2-0.9.2/unittest/compare_ints.c:88:17: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, usage, argv[0]);
data/codec2-0.9.2/unittest/compare_ints.c:94:9: [4] (format) fprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, usage, argv[0]);
data/codec2-0.9.2/lpcnet/src/diff32.c:25:6: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  o = getopt_long(argc,argv,"sc",long_opts,&opt_idx);
data/codec2-0.9.2/lpcnet/src/dump_data.c:290:11: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  o = getopt_long(argc,argv,"chn:rtz:i",long_opts,&opt_idx);
data/codec2-0.9.2/lpcnet/src/idct.c:46:17: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt_long (argc, argv, "t:sm", long_options, &opt_index)) != -1) {
data/codec2-0.9.2/lpcnet/src/lpcnet_dec.c:88:17: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt_long (argc, argv, "b:d:n:o:p:svi:u:r:", long_options, &opt_index)) != -1) {
data/codec2-0.9.2/lpcnet/src/lpcnet_enc.c:81:17: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt_long (argc, argv, "d:n:o:p:svi:u:", long_options, &opt_index)) != -1) {
data/codec2-0.9.2/lpcnet/src/quant_dec.c:54:17: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt_long (argc, argv, "d:n:o:p:v", long_options, &opt_index)) != -1) {
data/codec2-0.9.2/lpcnet/src/quant_enc.c:49:17: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt_long (argc, argv, "d:n:o:p:v", long_options, &opt_index)) != -1) {
data/codec2-0.9.2/lpcnet/src/quant_feat.c:93:17: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt_long (argc, argv, "ad:q:vs:f:p:e:u:l:m:h:wg:o:ix:", long_options, &opt_index)) != -1) {
data/codec2-0.9.2/lpcnet/src/quant_test.c:67:17: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt_long (argc, argv, "d:l:o:p:s:v", long_options, &opt_index)) != -1) {
data/codec2-0.9.2/lpcnet/src/test_lpcnet.c:53:6: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  o = getopt_long(argc,argv,"ihn:l:",long_opts,&opt_idx);
data/codec2-0.9.2/misc/extract.c:37:17: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt_long (argc, argv, "s:e:t:g:p:d:", long_options, &opt_index)) != -1) {
data/codec2-0.9.2/misc/tdec.c:64:19: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((opt = getopt(argc, argv, "cdef")) != -1) {
data/codec2-0.9.2/misc/tlininterp.c:69:19: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((opt = getopt(argc, argv, "cdf")) != -1) {
data/codec2-0.9.2/misc/tsrc.c:62:19: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((opt = getopt(argc, argv, "lc")) != -1) {
data/codec2-0.9.2/misc/vqtrain.c:99:13: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  o = getopt_long(argc,argv,"hr:s:",long_opts,&opt_idx);
data/codec2-0.9.2/src/c2dec.c:186:19: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  int opt = getopt_long(argc, argv, opt_string,
data/codec2-0.9.2/src/c2sim.c:180:19: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  int opt = getopt_long(argc, argv, opt_string,
data/codec2-0.9.2/src/cohpsk_demod.c:92:13: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  o = getopt_long(argc,argv,"ho:nsv",long_opts,&opt_idx);
data/codec2-0.9.2/src/fsk_demod.c:106:13: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  o = getopt_long(argc,argv,"fhlp:cdt::sb:u:",long_opts,&opt_idx);
data/codec2-0.9.2/src/fsk_demod.c:236:9: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(158324);
data/codec2-0.9.2/src/fsk_get_test_bits.c:72:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(158324);
data/codec2-0.9.2/src/fsk_get_test_bits.c:78:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(158324);
data/codec2-0.9.2/src/fsk_put_test_bits.c:63:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(158324);
data/codec2-0.9.2/src/horus_demod.c:71:13: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  o = getopt_long(argc,argv,"hvcm:t::",long_opts,&opt_idx);
data/codec2-0.9.2/unittest/compare_floats.c:23:19: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((opt = getopt(argc, argv, "t:")) != -1) {
data/codec2-0.9.2/unittest/compare_ints.c:70:19: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((opt = getopt(argc, argv, "b:cst:n:")) != -1) {
data/codec2-0.9.2/unittest/ofdm_stack.c:74:19: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((opt = getopt(argc, argv, "df:p")) != -1) {
data/codec2-0.9.2/unittest/tdeframer.c:71:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(1);
data/codec2-0.9.2/unittest/tfmfsk.c:108:2: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(1);
data/codec2-0.9.2/unittest/tfsk.c:123:2: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(1);
data/codec2-0.9.2/unittest/tofdm.c:169:17: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt_long (argc, argv, "n:l", long_options, &opt_index)) != -1) {
data/codec2-0.9.2/lpcnet/src/common.h:78:32: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  #define RNN_COPY(dst, src, n) (memcpy((dst), (src), (n)*sizeof(*(dst)) + 0*((dst)-(src)) ))
data/codec2-0.9.2/lpcnet/src/diff32.c:29:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  stride = atoi(optarg);
data/codec2-0.9.2/lpcnet/src/diff32.c:47:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *file1 = fopen(argv[dx], "rb");
data/codec2-0.9.2/lpcnet/src/diff32.c:53:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *file2 = fopen(argv[dx+1], "rb");
data/codec2-0.9.2/lpcnet/src/dump_data.c:159:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(features, Ly, sizeof(float)*NB_BANDS);
data/codec2-0.9.2/lpcnet/src/dump_data.c:212:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char data[4*FRAME_SIZE];
data/codec2-0.9.2/lpcnet/src/dump_data.c:315:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  fuzz = atoi(optarg);
data/codec2-0.9.2/lpcnet/src/dump_data.c:349:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f1 = fopen(argv[dx], "rb");
data/codec2-0.9.2/lpcnet/src/dump_data.c:358:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ffeat = fopen(argv[dx+1], "wb");
data/codec2-0.9.2/lpcnet/src/dump_data.c:365:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fpcm = fopen(argv[dx+2], "wb");
data/codec2-0.9.2/lpcnet/src/idct.c:55:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  stride = atoi(optarg);
data/codec2-0.9.2/lpcnet/src/lpcnet.c:88:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(lpcnet->old_input[0], in, FRAME_INPUT_SIZE*sizeof(in[0]));
data/codec2-0.9.2/lpcnet/src/lpcnet.c:131:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  lpcnet->ftest = fopen(file_name, "wb");
data/codec2-0.9.2/lpcnet/src/lpcnet.c:164:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(lpc, lpcnet->old_lpc[FEATURES_DELAY-1], LPC_ORDER*sizeof(lpc[0]));
data/codec2-0.9.2/lpcnet/src/lpcnet_dec.c:91:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fin = fopen(optarg, "rb")) == NULL) {
data/codec2-0.9.2/lpcnet/src/lpcnet_dec.c:97:25: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fout = fopen(optarg, "wb")) == NULL) {
data/codec2-0.9.2/lpcnet/src/lpcnet_dec.c:107:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  dec = atoi(optarg);
data/codec2-0.9.2/lpcnet/src/lpcnet_dec.c:111:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  num_stages = atoi(optarg);
data/codec2-0.9.2/lpcnet/src/lpcnet_dec.c:115:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  pitch_bits = atoi(optarg);
data/codec2-0.9.2/lpcnet/src/lpcnet_dec.c:161:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char frame[q->bits_per_frame];
data/codec2-0.9.2/lpcnet/src/lpcnet_enc.c:84:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fin = fopen(optarg, "rb")) == NULL) {
data/codec2-0.9.2/lpcnet/src/lpcnet_enc.c:90:25: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fout = fopen(optarg, "wb")) == NULL) {
data/codec2-0.9.2/lpcnet/src/lpcnet_enc.c:96:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  dec = atoi(optarg);
data/codec2-0.9.2/lpcnet/src/lpcnet_enc.c:100:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  num_stages = atoi(optarg);
data/codec2-0.9.2/lpcnet/src/lpcnet_enc.c:104:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  pitch_bits = atoi(optarg);
data/codec2-0.9.2/lpcnet/src/lpcnet_enc.c:141:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char frame[lpcnet_bits_per_frame(lf)];
data/codec2-0.9.2/lpcnet/src/lpcnet_quant.c:179:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[80]; sprintf(str,"Stage %d:", s+1);
data/codec2-0.9.2/lpcnet/src/lpcnet_quant.c:179:23: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  char str[80]; sprintf(str,"Stage %d:", s+1);
data/codec2-0.9.2/lpcnet/src/nnet2f32.c:26:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cmd[256];
data/codec2-0.9.2/lpcnet/src/nnet_rw.c:220:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *f32 = fopen(fn, "wb");
data/codec2-0.9.2/lpcnet/src/nnet_rw.c:244:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *f32 = fopen(fn, "rb"); assert(f32 != NULL);
data/codec2-0.9.2/lpcnet/src/nnet_rw.c:265:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *f32 = fopen(fn, "rb"); assert(f32 != NULL);
data/codec2-0.9.2/lpcnet/src/quant2c.c:24:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fnames[256];
data/codec2-0.9.2/lpcnet/src/quant2c.c:25:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fn[256];
data/codec2-0.9.2/lpcnet/src/quant2c.c:49:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fq=fopen(fn, "rb");
data/codec2-0.9.2/lpcnet/src/quant_dec.c:57:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  dec = atoi(optarg);
data/codec2-0.9.2/lpcnet/src/quant_dec.c:61:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  num_stages = atoi(optarg);
data/codec2-0.9.2/lpcnet/src/quant_dec.c:65:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  pitch_bits = atoi(optarg);
data/codec2-0.9.2/lpcnet/src/quant_dec.c:89:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char frame[q->bits_per_frame];
data/codec2-0.9.2/lpcnet/src/quant_enc.c:52:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  dec = atoi(optarg);
data/codec2-0.9.2/lpcnet/src/quant_enc.c:56:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  num_stages = atoi(optarg);
data/codec2-0.9.2/lpcnet/src/quant_enc.c:60:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  pitch_bits = atoi(optarg);
data/codec2-0.9.2/lpcnet/src/quant_enc.c:84:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char frame[q->bits_per_frame]; data/codec2-0.9.2/lpcnet/src/quant_feat.c:47:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fnames[256]; data/codec2-0.9.2/lpcnet/src/quant_feat.c:48:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fn[256]; data/codec2-0.9.2/lpcnet/src/quant_feat.c:57:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char label[80] = ""; data/codec2-0.9.2/lpcnet/src/quant_feat.c:101:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). first = atoi(optarg); data/codec2-0.9.2/lpcnet/src/quant_feat.c:107:26: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). lpcnet_fsv = fopen(optarg, "wt"); assert(lpcnet_fsv != NULL); data/codec2-0.9.2/lpcnet/src/quant_feat.c:110:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dec = atoi(optarg); data/codec2-0.9.2/lpcnet/src/quant_feat.c:115:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fpitch = fopen(optarg, "rt"); assert(fpitch != NULL); data/codec2-0.9.2/lpcnet/src/quant_feat.c:136:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). mbest_survivors = atoi(optarg); data/codec2-0.9.2/lpcnet/src/quant_feat.c:140:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pitch_bits = atoi(optarg); data/codec2-0.9.2/lpcnet/src/quant_feat.c:162:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fq=fopen(fn, "rb"); data/codec2-0.9.2/lpcnet/src/quant_test.c:48:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char label[80] = ""; data/codec2-0.9.2/lpcnet/src/quant_test.c:71:26: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). lpcnet_fsv = fopen(optarg, "wt"); assert(lpcnet_fsv != NULL); data/codec2-0.9.2/lpcnet/src/quant_test.c:74:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dec = atoi(optarg); data/codec2-0.9.2/lpcnet/src/quant_test.c:82:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). pitch_bits = atoi(optarg); data/codec2-0.9.2/lpcnet/src/quant_test.c:105:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char frame[bits_per_frame]; data/codec2-0.9.2/lpcnet/src/ramp.c:13:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
FILE *fout = fopen("ramp.f32", "wb"); assert(fout != NULL); data/codec2-0.9.2/lpcnet/src/tcodec2_pitch.c:42:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fin = fopen(argv[1],"rb")) == NULL) { data/codec2-0.9.2/lpcnet/src/tcodec2_pitch.c:49:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fout = fopen(argv[2],"wt")) == NULL) { data/codec2-0.9.2/lpcnet/src/tdump.c:54:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f1 = fopen(argv[1], "rb"); data/codec2-0.9.2/lpcnet/src/tdump.c:63:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ffeat = fopen(argv[2], "wb"); data/codec2-0.9.2/lpcnet/src/test_lpcnet.c:83:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fin = fopen(argv[dx], "rb"); data/codec2-0.9.2/lpcnet/src/test_lpcnet.c:92:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(argv[dx+1], "wb"); data/codec2-0.9.2/misc/16_8_short.c:30:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f16 = fopen(argv[1], "rb"); data/codec2-0.9.2/misc/16_8_short.c:32:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f8 = fopen(argv[2], "wb"); data/codec2-0.9.2/misc/de.c:33:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if ( (fin = fopen(argv[1],"rb")) == NULL ) { data/codec2-0.9.2/misc/de.c:40:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if ( (fout = fopen(argv[2],"wb")) == NULL ) { data/codec2-0.9.2/misc/dvdongle2.c:240:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char response[MAX_STR]; data/codec2-0.9.2/misc/dvdongle2.c:245:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg_data[MAX_MSG_LEN]; data/codec2-0.9.2/misc/dvdongle2.c:251:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen("/tmp/log.txt", "wt"); data/codec2-0.9.2/misc/dvdongle2.c:256:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open("/dev/ttyUSB0", O_RDWR | O_NOCTTY | O_NDELAY); data/codec2-0.9.2/misc/dvdongle2.c:268:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin = fopen(argv[1],"rb"); data/codec2-0.9.2/misc/dvdongle2.c:273:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(argv[2],"wb"); data/codec2-0.9.2/misc/extract.c:40:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). st = atoi(optarg); data/codec2-0.9.2/misc/extract.c:43:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). en = atoi(optarg); data/codec2-0.9.2/misc/extract.c:46:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). stride = atoi(optarg); data/codec2-0.9.2/misc/extract.c:55:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). frame_delay = atoi(optarg); data/codec2-0.9.2/misc/extract.c:68:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin = fopen(argv[optind],"rb"); assert(fin != NULL); data/codec2-0.9.2/misc/extract.c:69:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fout = fopen(argv[optind+1],"wb"); assert(fout != NULL); data/codec2-0.9.2/misc/ge_train.c:224:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ndim = atoi(argv[1]); data/codec2-0.9.2/misc/ge_train.c:225:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nb_vectors = atoi(argv[2]); data/codec2-0.9.2/misc/ge_train.c:226:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nb_entries = 1<<atoi(argv[3]); data/codec2-0.9.2/misc/generate_wideband_map.c:110:25: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. load(FILE * file, const char * name, float b[Nt][K]) data/codec2-0.9.2/misc/generate_wideband_map.c:112:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char line[1024]; data/codec2-0.9.2/misc/generate_wideband_map.c:141:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE * in = fopen(argv[i + 2], "r"); data/codec2-0.9.2/misc/genlsp.c:84:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fspc = fopen(argv[1],"rb"); data/codec2-0.9.2/misc/genlsp.c:90:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). flsp = fopen(argv[2],"wt"); data/codec2-0.9.2/misc/genlsp.c:170:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(lsp_prev, lsp, sizeof(lsp)); data/codec2-0.9.2/misc/mksine.c:33:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). } else if ( (f = fopen(argv[1],"wb")) == NULL ) { data/codec2-0.9.2/misc/pre.c:33:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
else if ( (fin = fopen(argv[1],"rb")) == NULL ) { data/codec2-0.9.2/misc/pre.c:40:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if ( (fout = fopen(argv[2],"wb")) == NULL ) { data/codec2-0.9.2/misc/raw2h.c:25:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fraw = fopen(argv[1] ,"rb"); data/codec2-0.9.2/misc/raw2h.c:27:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fheader = fopen(argv[2],"wt"); data/codec2-0.9.2/misc/raw2h.c:29:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). samples = atoi(argv[4]); data/codec2-0.9.2/misc/speexnoisesup.c:33:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
else if ( (fin = fopen(argv[1],"rb")) == NULL ) { data/codec2-0.9.2/misc/speexnoisesup.c:39:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if ((fout = fopen(argv[2],"wb")) == NULL) { data/codec2-0.9.2/misc/t16_8.c:47:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f16 = fopen("out16.raw", "wb"); data/codec2-0.9.2/misc/t16_8.c:49:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f8 = fopen("out8.raw", "wb"); data/codec2-0.9.2/misc/t16_8_short.c:45:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f16 = fopen("out16_short.raw", "wb"); data/codec2-0.9.2/misc/t16_8_short.c:47:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f8 = fopen("out8.raw", "wb"); data/codec2-0.9.2/misc/t48_8.c:48:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? 
(CWE-362). f48 = fopen("out48.raw", "wb"); data/codec2-0.9.2/misc/t48_8.c:50:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f8 = fopen("out8.raw", "wb"); data/codec2-0.9.2/misc/tc2wideband.c:288:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fin = fopen(argv[1], "rb"); data/codec2-0.9.2/misc/tc2wideband.c:349:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fout = fopen("tc2wideband_out.txt", "wt"); data/codec2-0.9.2/misc/tcodec2.c:72:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin = fopen("../raw/hts1a.raw", "rb"); data/codec2-0.9.2/misc/tcodec2.c:74:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fout = fopen("hts1a_test.raw", "wb"); data/codec2-0.9.2/misc/tcodec2.c:112:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin = fopen("../raw/hts1a.raw", "rb"); data/codec2-0.9.2/misc/tcodec2.c:114:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen("hts1a_test.raw", "wb"); data/codec2-0.9.2/misc/tcodec2.c:166:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&c2->prev_model, &model, sizeof(MODEL)); data/codec2-0.9.2/misc/tcodec2.c:193:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin = fopen("../raw/hts1a.raw", "rb"); data/codec2-0.9.2/misc/tcodec2.c:195:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen("hts1a_test.raw", "wb"); data/codec2-0.9.2/misc/tcodec2.c:197:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fbits = fopen("hts1a_test3.bit", "wb"); data/codec2-0.9.2/misc/tdec.c:47:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin = fopen(argv[1], "rb"); data/codec2-0.9.2/misc/tdec.c:53:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(argv[2], "wb"); data/codec2-0.9.2/misc/tdec.c:56:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). dec = atoi(argv[3]); data/codec2-0.9.2/misc/tinterp.c:59:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(file,"wt"); data/codec2-0.9.2/misc/tinterp.c:68:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[MAX_STR]; data/codec2-0.9.2/misc/tinterp.c:73:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(tmp, s, p-s); data/codec2-0.9.2/misc/tinterp.c:83:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[MAX_STR]; data/codec2-0.9.2/misc/tinterp.c:88:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmp, s, p-s); data/codec2-0.9.2/misc/tinterp.c:90:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). *num = atoi(tmp); data/codec2-0.9.2/misc/tinterp.c:99:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[1024]; data/codec2-0.9.2/misc/tinterp.c:102:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(file,"rt"); data/codec2-0.9.2/misc/tlininterp.c:48:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fin = fopen(argv[1], "rb"); data/codec2-0.9.2/misc/tlininterp.c:54:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(argv[2], "wb"); data/codec2-0.9.2/misc/tnlp.c:82:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). Fs = atoi(argv[argc+1]); data/codec2-0.9.2/misc/tnlp.c:105:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fin = fopen(argv[1],"rb")) == NULL) { data/codec2-0.9.2/misc/tnlp.c:112:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fout = fopen(argv[2],"wt")) == NULL) { data/codec2-0.9.2/misc/tprede.c:33:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fprede = fopen("prede.txt", "wt"); data/codec2-0.9.2/misc/tquant.c:89:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? 
(CWE-362). fe = fopen("energy_err.txt", "wt"); data/codec2-0.9.2/misc/tquant.c:113:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[MAX_STR]; data/codec2-0.9.2/misc/tquant.c:143:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(s,"lsp%d_err.txt", lsp_number+1); data/codec2-0.9.2/misc/tquant.c:144:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). flsp = fopen(s, "wt"); data/codec2-0.9.2/misc/tquant.c:173:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen("quant_pitch.txt","wt"); data/codec2-0.9.2/misc/tquant.c:197:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen("quant_pitch_err.txt","wt"); data/codec2-0.9.2/misc/tsrc.c:45:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fin = fopen(argv[1], "rb"); data/codec2-0.9.2/misc/tsrc.c:51:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(argv[2], "wb"); data/codec2-0.9.2/misc/vq_train_jvm.c:288:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char filename[256]; data/codec2-0.9.2/misc/vq_train_jvm.c:298:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). ndim = atoi(argv[2]); data/codec2-0.9.2/misc/vq_train_jvm.c:299:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nb_vectors = atoi(argv[3]); data/codec2-0.9.2/misc/vq_train_jvm.c:300:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
nb_entries = atoi(argv[3]); data/codec2-0.9.2/misc/vq_train_jvm.c:304:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ftrain = fopen(argv[1],"rt"); assert(ftrain != NULL); data/codec2-0.9.2/misc/vq_train_jvm.c:454:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fcb = fopen(filename, "wt"); assert(fcb != NULL); data/codec2-0.9.2/misc/vq_train_jvm.c:465:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fcb = fopen(filename, "wt"); assert(fcb != NULL); data/codec2-0.9.2/misc/vq_train_jvm.c:476:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fcb = fopen(filename, "wt"); assert(fcb != NULL); data/codec2-0.9.2/misc/vqtrain.c:103:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fres = fopen(optarg,"wb"); assert(fres != NULL); data/codec2-0.9.2/misc/vqtrain.c:130:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ftrain = fopen(argv[dx],"rb"); data/codec2-0.9.2/misc/vqtrain.c:138:9: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). k = atol(argv[dx+1]); data/codec2-0.9.2/misc/vqtrain.c:139:9: [2] (integer) atol: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). m = atol(argv[dx+2]); data/codec2-0.9.2/misc/vqtrain.c:162:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cb, cent, k*sizeof(float)); data/codec2-0.9.2/misc/vqtrain.c:224:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&cb[i*k], &cent[i*k], k*sizeof(float)); data/codec2-0.9.2/misc/vqtrain.c:232:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fvq = fopen(argv[dx+3],"wt"); data/codec2-0.9.2/src/c2dec.c:97:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if ( (fin = fopen(argv[2],"rb")) == NULL ) { data/codec2-0.9.2/src/c2dec.c:104:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if ( (fout = fopen(argv[3],"wb")) == NULL ) { data/codec2-0.9.2/src/c2dec.c:158:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). bit_rate = atoi(argv[1]); data/codec2-0.9.2/src/c2dec.c:197:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). nstart_bit = atoi(optarg); data/codec2-0.9.2/src/c2dec.c:199:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
nend_bit = atoi(optarg); data/codec2-0.9.2/src/c2dec.c:201:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fber = fopen(optarg,"wt")) == NULL) { data/codec2-0.9.2/src/c2dec.c:223:46: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). codec2_load_codebook(codec2, atoi(optarg)-1, argv[optind]); data/codec2-0.9.2/src/c2dec.c:228:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f_ratek = fopen(optarg, "rb"); data/codec2-0.9.2/src/c2demo.c:62:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( (fin = fopen(argv[1],"rb")) == NULL ) { data/codec2-0.9.2/src/c2demo.c:68:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if ( (fout = fopen(argv[2],"wb")) == NULL ) { data/codec2-0.9.2/src/c2enc.c:88:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if ( (fin = fopen(argv[2],"rb")) == NULL ) { data/codec2-0.9.2/src/c2enc.c:95:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if ( (fout = fopen(argv[3],"wb")) == NULL ) { data/codec2-0.9.2/src/c2enc.c:106:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out_hdr.magic,c2_file_magic,sizeof(c2_file_magic)); data/codec2-0.9.2/src/c2enc.c:143:42: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). codec2_load_codebook(codec2, atoi(argv[i+1])-1, argv[i+2]); data/codec2-0.9.2/src/c2file.h:11:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char c2_file_magic[3] = {0xc0, 0xde, 0xc2}; data/codec2-0.9.2/src/c2file.h:14:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char magic[3]; data/codec2-0.9.2/src/c2sim.c:107:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ampexp_arg[MAX_STR]; data/codec2-0.9.2/src/c2sim.c:108:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char phaseexp_arg[MAX_STR]; data/codec2-0.9.2/src/c2sim.c:109:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char out_file[MAX_STR]; data/codec2-0.9.2/src/c2sim.c:187:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). Fs= atoi(optarg); data/codec2-0.9.2/src/c2sim.c:193:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). K = atoi(optarg); data/codec2-0.9.2/src/c2sim.c:195:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). order = atoi(optarg); data/codec2-0.9.2/src/c2sim.c:207:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). decimate = atoi(optarg); data/codec2-0.9.2/src/c2sim.c:223:26: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fvoicing = fopen(optarg,"rt")) == NULL) { data/codec2-0.9.2/src/c2sim.c:229:25: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((flspmel = fopen(optarg,"rb")) == NULL) { data/codec2-0.9.2/src/c2sim.c:235:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fWo = fopen(optarg,"rb")) == NULL) { data/codec2-0.9.2/src/c2sim.c:241:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if ((fam = fopen(optarg,"rb")) == NULL) { data/codec2-0.9.2/src/c2sim.c:247:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fhm = fopen(optarg,"rb")) == NULL) { data/codec2-0.9.2/src/c2sim.c:253:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((faw = fopen(optarg,"rb")) == NULL) { data/codec2-0.9.2/src/c2sim.c:259:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fjvm = fopen(optarg,"wt")) == NULL) { data/codec2-0.9.2/src/c2sim.c:277:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char file_name[MAX_STR]; data/codec2-0.9.2/src/c2sim.c:280:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fam = fopen(file_name,"rb")) == NULL) { data/codec2-0.9.2/src/c2sim.c:287:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? 
(CWE-362). if ((fhm = fopen(file_name,"rb")) == NULL) { data/codec2-0.9.2/src/c2sim.c:294:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fWo = fopen(file_name,"rb")) == NULL) { data/codec2-0.9.2/src/c2sim.c:302:26: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((flspEWov = fopen(optarg,"wb")) == NULL) { data/codec2-0.9.2/src/c2sim.c:311:32: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((ften_ms_centre = fopen(optarg,"wb")) == NULL) { data/codec2-0.9.2/src/c2sim.c:370:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if ((fout = fopen(optarg,"wb")) == NULL) { data/codec2-0.9.2/src/c2sim.c:388:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if ((fin = fopen(argv[optind],"rb")) == NULL) { data/codec2-0.9.2/src/c2sim.c:753:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(lsps_bw, lsps_, sizeof(float)*order); data/codec2-0.9.2/src/codec2.c:2688:34: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((codec2_state->fmlfeat = fopen(filename, "wb")) == NULL) { data/codec2-0.9.2/src/codec2.c:2698:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((f = fopen(filename, "rb")) == NULL) { data/codec2-0.9.2/src/codec2_fft.c:28:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out,in,sizeof(arm_cfft_instance_f32)); data/codec2-0.9.2/src/codec2_fft.c:31:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void*)out->pBitRevTable,in->pBitRevTable,out->bitRevLength * sizeof(uint16_t)); data/codec2-0.9.2/src/codec2_fft.c:32:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void*)out->pTwiddle,in->pTwiddle,out->fftLen * sizeof(float32_t)); data/codec2-0.9.2/src/codec2_fft.c:143:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(in,inout,cfg->nfft*sizeof(kiss_fft_cpx)); data/codec2-0.9.2/src/codec2_fft.h:87:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(out,in,cfg->instance->fftLen*2*sizeof(float)); data/codec2-0.9.2/src/cohpsk.c:1206:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rx_bits, coh->ptest_bits_coh_tx, sizeof(int)*COHPSK_BITS_PER_FRAME); data/codec2-0.9.2/src/cohpsk_ch.c:112:26: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if ( (fin = fopen(argv[1],"rb")) == NULL ) { data/codec2-0.9.2/src/cohpsk_ch.c:119:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if ( (fout = fopen(argv[2],"wb")) == NULL ) { data/codec2-0.9.2/src/cohpsk_ch.c:129:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). Fs = atoi(argv[arg+1]); data/codec2-0.9.2/src/cohpsk_ch.c:134:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). foff_hz = atoi(argv[arg+1]); data/codec2-0.9.2/src/cohpsk_ch.c:188:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname[256]; data/codec2-0.9.2/src/cohpsk_ch.c:192:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ffading = fopen(fname, "rb"); data/codec2-0.9.2/src/cohpsk_ch.c:206:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ffading = fopen(fname, "rb"); data/codec2-0.9.2/src/cohpsk_ch.c:213:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ffading = fopen(fname, "rb"); data/codec2-0.9.2/src/cohpsk_demod.c:63:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rx_bits_char[COHPSK_BITS_PER_FRAME]; data/codec2-0.9.2/src/cohpsk_demod.c:96:30: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if ( (foct = fopen(optarg,"wt")) == NULL ) { data/codec2-0.9.2/src/cohpsk_demod.c:137:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if ( (fin = fopen(argv[dx],"rb")) == NULL ) { data/codec2-0.9.2/src/cohpsk_demod.c:144:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if ( (fout = fopen(argv[dx+1],"wb")) == NULL ) { data/codec2-0.9.2/src/cohpsk_get_test_bits.c:43:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tx_bits_char[COHPSK_BITS_PER_FRAME]; data/codec2-0.9.2/src/cohpsk_get_test_bits.c:53:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if ( (fout = fopen(argv[1],"wb")) == NULL ) { data/codec2-0.9.2/src/cohpsk_get_test_bits.c:61:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). numBits = atoi(argv[2]); data/codec2-0.9.2/src/cohpsk_get_test_bits.c:66:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(tx_bits, ptest_bits_coh, sizeof(int)*COHPSK_BITS_PER_FRAME); data/codec2-0.9.2/src/cohpsk_mod.c:54:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tx_bits_char[2*COHPSK_BITS_PER_FRAME]; data/codec2-0.9.2/src/cohpsk_mod.c:71:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if ( (fin = fopen(argv[1],"rb")) == NULL ) { data/codec2-0.9.2/src/cohpsk_mod.c:78:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if ( (fout = fopen(argv[2],"wb")) == NULL ) { data/codec2-0.9.2/src/cohpsk_put_test_bits.c:46:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rx_bits[COHPSK_BITS_PER_FRAME]; data/codec2-0.9.2/src/cohpsk_put_test_bits.c:62:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
else if ( (fin = fopen(argv[1],"rb")) == NULL ) { data/codec2-0.9.2/src/cohpsk_put_test_bits.c:73:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ( (foct = fopen(argv[2],"wt")) == NULL ) { data/codec2-0.9.2/src/drs232.c:109:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if ( (fin = fopen(argv[1],"rb")) == NULL ) { data/codec2-0.9.2/src/drs232.c:116:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if ( (fout = fopen(argv[2],"wb")) == NULL ) { data/codec2-0.9.2/src/drs232_ldpc.c:148:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if ( (fin = fopen(argv[1],"rb")) == NULL ) { data/codec2-0.9.2/src/drs232_ldpc.c:155:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
else if ( (fout = fopen(argv[2],"wb")) == NULL ) { data/codec2-0.9.2/src/dump.c:38:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). #define fopen gdb_stdio_fopen data/codec2-0.9.2/src/dump.c:75:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char prefix[MAX_STR]; data/codec2-0.9.2/src/dump.c:145:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[MAX_STR]; data/codec2-0.9.2/src/dump.c:151:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fsn = fopen(s, "wt"); data/codec2-0.9.2/src/dump.c:168:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[MAX_STR]; data/codec2-0.9.2/src/dump.c:174:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fsw = fopen(s, "wt"); data/codec2-0.9.2/src/dump.c:186:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[MAX_STR]; data/codec2-0.9.2/src/dump.c:192:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fsw_ = fopen(s, "wt"); data/codec2-0.9.2/src/dump.c:204:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[MAX_STR]; data/codec2-0.9.2/src/dump.c:210:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). few = fopen(s, "wt"); data/codec2-0.9.2/src/dump.c:223:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[MAX_STR]; data/codec2-0.9.2/src/dump.c:229:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fsoftdec = fopen(s, "wt"); data/codec2-0.9.2/src/dump.c:240:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char s[MAX_STR]; data/codec2-0.9.2/src/dump.c:241:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAX_STR*10]; data/codec2-0.9.2/src/dump.c:247:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fmodel = fopen(s, "wt"); data/codec2-0.9.2/src/dump.c:251:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(line,"%12f %12d ", model->Wo, model->L); data/codec2-0.9.2/src/dump.c:253:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(s,"%12f ",model->A[l]); data/codec2-0.9.2/src/dump.c:258:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(s,"%12f ", 0.0); data/codec2-0.9.2/src/dump.c:263:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. 
  sprintf(s,"%d\n",model->voiced);
data/codec2-0.9.2/src/dump.c:270:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[MAX_STR];
data/codec2-0.9.2/src/dump.c:271:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[4096];
data/codec2-0.9.2/src/dump.c:277:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fqmodel = fopen(s, "wt");
data/codec2-0.9.2/src/dump.c:281:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(line,"%12f %12d ", model->Wo, model->L);
data/codec2-0.9.2/src/dump.c:283:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(s,"%12f ",model->A[l]);
data/codec2-0.9.2/src/dump.c:288:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(s,"%12f ", 0.0);
data/codec2-0.9.2/src/dump.c:293:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(s,"%d\n",model->voiced);
data/codec2-0.9.2/src/dump.c:300:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[MAX_STR];
data/codec2-0.9.2/src/dump.c:306:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fphase = fopen(s, "wt");
data/codec2-0.9.2/src/dump.c:319:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[MAX_STR];
data/codec2-0.9.2/src/dump.c:325:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fphase_ = fopen(s, "wt");
data/codec2-0.9.2/src/dump.c:339:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[MAX_STR];
data/codec2-0.9.2/src/dump.c:345:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fhephase = fopen(s, "wt");
data/codec2-0.9.2/src/dump.c:356:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[MAX_STR];
data/codec2-0.9.2/src/dump.c:362:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fsnr = fopen(s, "wt");
data/codec2-0.9.2/src/dump.c:370:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[MAX_STR];
data/codec2-0.9.2/src/dump.c:376:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  flpcsnr = fopen(s, "wt");
data/codec2-0.9.2/src/dump.c:387:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[MAX_STR];
data/codec2-0.9.2/src/dump.c:393:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fpwb = fopen(s, "wt");
data/codec2-0.9.2/src/dump.c:404:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[MAX_STR];
data/codec2-0.9.2/src/dump.c:410:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fpw = fopen(s, "wt");
data/codec2-0.9.2/src/dump.c:421:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[MAX_STR];
data/codec2-0.9.2/src/dump.c:427:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  frw = fopen(s, "wt");
data/codec2-0.9.2/src/dump.c:438:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[MAX_STR];
data/codec2-0.9.2/src/dump.c:444:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fweights = fopen(s, "wt");
data/codec2-0.9.2/src/dump.c:455:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[MAX_STR];
data/codec2-0.9.2/src/dump.c:461:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  flsp = fopen(s, "wt");
data/codec2-0.9.2/src/dump.c:472:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[MAX_STR];
data/codec2-0.9.2/src/dump.c:478:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  flsp_ = fopen(s, "wt");
data/codec2-0.9.2/src/dump.c:489:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[MAX_STR];
data/codec2-0.9.2/src/dump.c:495:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fmel = fopen(s, "wt");
data/codec2-0.9.2/src/dump.c:506:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[MAX_STR];
data/codec2-0.9.2/src/dump.c:512:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fmel_indexes = fopen(s, "wt");
data/codec2-0.9.2/src/dump.c:523:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[MAX_STR];
data/codec2-0.9.2/src/dump.c:529:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fak = fopen(s, "wt");
data/codec2-0.9.2/src/dump.c:540:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[MAX_STR];
data/codec2-0.9.2/src/dump.c:546:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fak_ = fopen(s, "wt");
data/codec2-0.9.2/src/dump.c:557:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[MAX_STR];
data/codec2-0.9.2/src/dump.c:563:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ffw = fopen(s, "wt");
data/codec2-0.9.2/src/dump.c:574:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[MAX_STR];
data/codec2-0.9.2/src/dump.c:580:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fe = fopen(s, "wt");
data/codec2-0.9.2/src/dump.c:594:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[MAX_STR];
data/codec2-0.9.2/src/dump.c:600:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fsq = fopen(s, "wt");
data/codec2-0.9.2/src/dump.c:614:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[MAX_STR];
data/codec2-0.9.2/src/dump.c:620:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fdec = fopen(s, "wt");
data/codec2-0.9.2/src/dump.c:630:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[MAX_STR];
data/codec2-0.9.2/src/dump.c:636:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fbg = fopen(s, "wt");
data/codec2-0.9.2/src/dump.c:644:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[MAX_STR];
data/codec2-0.9.2/src/dump.c:650:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fE = fopen(s, "wt");
data/codec2-0.9.2/src/dump.c:660:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[MAX_STR];
data/codec2-0.9.2/src/dump.c:666:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  frk = fopen(s, "wt");
data/codec2-0.9.2/src/fdmdv.c:586:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fdmdv->prev_tx_symbols, tx_symbols, sizeof(COMP)*(fdmdv->Nc+1));
data/codec2-0.9.2/src/fdmdv.c:678:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&pilot_lut[M_FAC*(f-4)], pilot, M_FAC*sizeof(COMP));
data/codec2-0.9.2/src/fdmdv.c:1147:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&rx_fdm_mem[NRX_FDM_MEM-nin],&rx_fdm[0],nin*sizeof(COMP));
data/codec2-0.9.2/src/fdmdv.c:1665:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fdmdv->prev_rx_symbols, rx_symbols, sizeof(COMP)*(fdmdv->Nc+1));
data/codec2-0.9.2/src/fdmdv_channel.c:55:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  else if ( (fin = fopen(argv[1],"rb")) == NULL ) {
data/codec2-0.9.2/src/fdmdv_channel.c:62:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  else if ( (fout = fopen(argv[2],"wb")) == NULL ) {
data/codec2-0.9.2/src/fdmdv_demod.c:92:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  else if ( (fin = fopen(argv[1],"rb")) == NULL ) {
data/codec2-0.9.2/src/fdmdv_demod.c:99:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  else if ( (fout = fopen(argv[2],"wb")) == NULL ) {
data/codec2-0.9.2/src/fdmdv_demod.c:106:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  Nc = atoi(argv[3]);
data/codec2-0.9.2/src/fdmdv_demod.c:159:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&rx_fdm_log[rx_fdm_log_col_index], rx_fdm, sizeof(COMP)*nin_prev);
data/codec2-0.9.2/src/fdmdv_demod.c:168:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&rx_bits_log[bits_per_fdmdv_frame*f], rx_bits, sizeof(int)*bits_per_fdmdv_frame);
data/codec2-0.9.2/src/fdmdv_demod.c:186:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(codec_bits, rx_bits, bits_per_fdmdv_frame*sizeof(int));
data/codec2-0.9.2/src/fdmdv_demod.c:190:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&codec_bits[bits_per_fdmdv_frame], rx_bits, bits_per_fdmdv_frame*sizeof(int));
data/codec2-0.9.2/src/fdmdv_demod.c:221:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((foct = fopen(argv[4],"wt")) == NULL ) {
data/codec2-0.9.2/src/fdmdv_get_test_bits.c:58:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  else if ( (fout = fopen(argv[1],"wb")) == NULL ) {
data/codec2-0.9.2/src/fdmdv_get_test_bits.c:64:15: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  numBits = atoi(argv[2]);
data/codec2-0.9.2/src/fdmdv_get_test_bits.c:67:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  Nc = atoi(argv[3]);
data/codec2-0.9.2/src/fdmdv_mod.c:68:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  else if ( (fin = fopen(argv[1],"rb")) == NULL ) {
data/codec2-0.9.2/src/fdmdv_mod.c:75:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  else if ( (fout = fopen(argv[2],"wb")) == NULL ) {
data/codec2-0.9.2/src/fdmdv_mod.c:82:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  Nc = atoi(argv[3]);
data/codec2-0.9.2/src/fdmdv_put_test_bits.c:61:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  else if ( (fin = fopen(argv[1],"rb")) == NULL ) {
data/codec2-0.9.2/src/fdmdv_put_test_bits.c:68:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  Nc = atoi(argv[2]);
data/codec2-0.9.2/src/filter.c:117:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(filter->cBuf, cSamples, count * sizeof(complex float));
data/codec2-0.9.2/src/filter.c:180:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(filter->cBuf, cSamples, count * sizeof(complex float));
data/codec2-0.9.2/src/fm_demod.c:62:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  else if ( (fin = fopen(argv[1],"rb")) == NULL ) {
data/codec2-0.9.2/src/fm_demod.c:69:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  else if ( (fout = fopen(argv[2],"wb")) == NULL ) {
data/codec2-0.9.2/src/fmfsk.c:196:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (&oldsamps[nold], &fmfsk_in[0] , sizeof(float)*nin );
data/codec2-0.9.2/src/fmfsk_demod.c:57:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  Fs = atoi(argv[1]);
data/codec2-0.9.2/src/fmfsk_demod.c:58:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  Rb = atoi(argv[2]);
data/codec2-0.9.2/src/fmfsk_demod.c:64:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fin = fopen(argv[3],"r");
data/codec2-0.9.2/src/fmfsk_demod.c:70:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fout = fopen(argv[4],"w");
data/codec2-0.9.2/src/fmfsk_mod.c:51:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  Fs = atoi(argv[1]);
data/codec2-0.9.2/src/fmfsk_mod.c:52:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  Rb = atoi(argv[2]);
data/codec2-0.9.2/src/fmfsk_mod.c:57:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fin = fopen(argv[3],"r");
data/codec2-0.9.2/src/fmfsk_mod.c:63:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fout = fopen(argv[4],"w");
data/codec2-0.9.2/src/freedv_api.c:779:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[2];
data/codec2-0.9.2/src/freedv_api.c:849:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[2];
data/codec2-0.9.2/src/freedv_api.c:988:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[2];
data/codec2-0.9.2/src/freedv_api.c:1101:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[2];
data/codec2-0.9.2/src/freedv_api.c:1192:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[2];
data/codec2-0.9.2/src/freedv_api.c:1247:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(tx_bits, f->packed_codec_bits, bits_per_interleaved_frame);
data/codec2-0.9.2/src/freedv_api.c:1259:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[2];
data/codec2-0.9.2/src/freedv_api.c:1433:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(f->packed_codec_bits, packed_codec_bits, bytes_per_codec_frame * codec_frames);
data/codec2-0.9.2/src/freedv_api.c:1453:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(f->packed_codec_bits_tx + (f->modem_frame_count_tx*codec_frames+j)*bytes_per_codec_frame, packed_codec_bits, bytes_per_codec_frame);
data/codec2-0.9.2/src/freedv_api.c:1709:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(f->rx_bits, f->fdmdv_bits, bits_per_fdmdv_frame*sizeof(int));
data/codec2-0.9.2/src/freedv_api.c:1714:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&f->rx_bits[bits_per_fdmdv_frame], f->fdmdv_bits, bits_per_fdmdv_frame*sizeof(int));
data/codec2-0.9.2/src/freedv_api.c:1961:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rx_bits_char[COHPSK_BITS_PER_FRAME];
data/codec2-0.9.2/src/freedv_api.c:1978:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char rx_bits_char[COHPSK_BITS_PER_FRAME];
data/codec2-0.9.2/src/freedv_api.c:2381:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(f->packed_codec_bits+j*data_bits_per_frame, out_char, data_bits_per_frame);
data/codec2-0.9.2/src/freedv_api.c:2651:18: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(packed_codec_bits, f->packed_codec_bits + (i + frames*f->modem_frame_count_rx)* bytes_per_codec_frame, bytes_per_codec_frame);
data/codec2-0.9.2/src/freedv_api.c:2663:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(packed_codec_bits, f->packed_codec_bits, bytes_per_codec_frame * codec_frames);
data/codec2-0.9.2/src/freedv_data_channel.c:36:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char fdc_header_bcast[6] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff };
data/codec2-0.9.2/src/freedv_data_channel.c:121:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fdc->rx_header, fdc->tx_header, 8);
data/codec2-0.9.2/src/freedv_data_channel.c:158:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fdc->packet_rx + fdc->packet_rx_cnt, fdc->rx_header, 6);
data/codec2-0.9.2/src/freedv_data_channel.c:164:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fdc->packet_rx + fdc->packet_rx_cnt, data, 6);
data/codec2-0.9.2/src/freedv_data_channel.c:172:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fdc->packet_rx + fdc->packet_rx_cnt, fdc_header_bcast, sizeof(fdc_header_bcast));
data/codec2-0.9.2/src/freedv_data_channel.c:179:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fdc->packet_rx + 6, data, 6);
data/codec2-0.9.2/src/freedv_data_channel.c:180:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fdc->packet_rx, fdc_header_bcast, 6);
data/codec2-0.9.2/src/freedv_data_channel.c:196:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(fdc->packet_rx + fdc->packet_rx_cnt, data, copy_bits);
data/codec2-0.9.2/src/freedv_data_channel.c:208:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(fdc->rx_header, fdc->packet_rx, 6); data/codec2-0.9.2/src/freedv_data_channel.c:213:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char tmp[6]; data/codec2-0.9.2/src/freedv_data_channel.c:214:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmp, fdc->packet_rx, 6); data/codec2-0.9.2/src/freedv_data_channel.c:215:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fdc->packet_rx, fdc->packet_rx + 6, 6); data/codec2-0.9.2/src/freedv_data_channel.c:216:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fdc->packet_rx + 6, tmp, 6); data/codec2-0.9.2/src/freedv_data_channel.c:243:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fdc->packet_tx, fdc->tx_header, size); data/codec2-0.9.2/src/freedv_data_channel.c:247:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data, fdc->tx_header, size); data/codec2-0.9.2/src/freedv_data_channel.c:256:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char tmp[6]; data/codec2-0.9.2/src/freedv_data_channel.c:261:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmp, fdc->packet_tx, 6); data/codec2-0.9.2/src/freedv_data_channel.c:262:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fdc->packet_tx, fdc->packet_tx + 6, 6); data/codec2-0.9.2/src/freedv_data_channel.c:263:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fdc->packet_tx + 6, tmp, 6); data/codec2-0.9.2/src/freedv_data_channel.c:276:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fdc->packet_tx + 6, fdc->packet_tx, 6); data/codec2-0.9.2/src/freedv_data_channel.c:294:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(data, fdc->packet_tx + fdc->packet_tx_cnt, copy); data/codec2-0.9.2/src/freedv_data_channel.c:303:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fdc->tx_header, header, 6); data/codec2-0.9.2/src/freedv_data_channel.h:47:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char rx_header[8]; data/codec2-0.9.2/src/freedv_data_channel.h:48:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char packet_rx[FREEDV_DATA_CHANNEL_PACKET_MAX + 2]; data/codec2-0.9.2/src/freedv_data_channel.h:51:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char tx_header[8]; data/codec2-0.9.2/src/freedv_data_channel.h:52:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char packet_tx[FREEDV_DATA_CHANNEL_PACKET_MAX + 2]; data/codec2-0.9.2/src/freedv_rx.c:104:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char f2020[80] = {0}; data/codec2-0.9.2/src/freedv_rx.c:106:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(f2020,"|2020"); data/codec2-0.9.2/src/freedv_rx.c:138:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
else if ( (fin = fopen(argv[2],"rb")) == NULL ) { data/codec2-0.9.2/src/freedv_rx.c:145:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if ( (fout = fopen(argv[3],"wb")) == NULL ) { data/codec2-0.9.2/src/freedv_rx.c:177:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). interleave_frames = atoi(argv[i+1]); data/codec2-0.9.2/src/freedv_rx.c:218:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ftxt = fopen("freedv_rx_log.txt","wt"); data/codec2-0.9.2/src/freedv_rx.c:257:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char encoded[bytes_per_codec_frame * codec_frames]; data/codec2-0.9.2/src/freedv_tx.c:39:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tx_str[80]; data/codec2-0.9.2/src/freedv_tx.c:104:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char f2020[80] = {0}; data/codec2-0.9.2/src/freedv_tx.c:106:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(f2020,"|2020"); data/codec2-0.9.2/src/freedv_tx.c:142:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if ( (fin = fopen(argv[2],"rb")) == NULL ) { data/codec2-0.9.2/src/freedv_tx.c:148:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if ( (fout = fopen(argv[3],"wb")) == NULL ) { data/codec2-0.9.2/src/freedv_tx.c:181:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). interleave_frames = atoi(argv[i+1]); data/codec2-0.9.2/src/freedv_tx.c:184:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). use_clip = atoi(argv[i+1]); data/codec2-0.9.2/src/freedv_tx.c:187:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). use_txbpf = atoi(argv[i+1]); data/codec2-0.9.2/src/freedv_tx.c:209:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char header[6] = { 0x12, 0x34, 0x56, 0x78, 0x9a, 0xbc }; data/codec2-0.9.2/src/freedv_tx.c:231:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(my_cb_state.tx_str, "cq cq cq hello world\r"); data/codec2-0.9.2/src/freedv_tx.c:253:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char encoded[bytes_per_codec_frame * codec_frames]; data/codec2-0.9.2/src/fsk.c:510:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(stats->f_est, fsk->stats->f_est, fsk->mode*sizeof(float)); data/codec2-0.9.2/src/fsk.c:713:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mp_name_tmp[20]; /* Temporary string for modem probe trace names */ data/codec2-0.9.2/src/fsk.c:851:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy((void*)&(fsk->samp_old[0]),(void*)&(fsk_in[nin-nstash]),sizeof(COMP)*nstash); data/codec2-0.9.2/src/fsk_demod.c:126:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). stats_rate = atoi(optarg); data/codec2-0.9.2/src/fsk_demod.c:136:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). P = atoi(optarg); data/codec2-0.9.2/src/fsk_demod.c:140:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fsk_lower = atoi(optarg); data/codec2-0.9.2/src/fsk_demod.c:145:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fsk_upper = atoi(optarg); data/codec2-0.9.2/src/fsk_demod.c:182:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
M = atoi(argv[dx]); data/codec2-0.9.2/src/fsk_demod.c:183:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). Fs = atoi(argv[dx + 1]); data/codec2-0.9.2/src/fsk_demod.c:184:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). Rs = atoi(argv[dx + 2]); data/codec2-0.9.2/src/fsk_demod.c:199:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin = fopen(argv[dx + 3],"r"); data/codec2-0.9.2/src/fsk_demod.c:205:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(argv[dx + 4],"w"); data/codec2-0.9.2/src/fsk_get_test_bits.c:50:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
bitcnt = atoi(argv[2]); data/codec2-0.9.2/src/fsk_get_test_bits.c:60:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(argv[1],"w"); data/codec2-0.9.2/src/fsk_mod.c:52:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). M = atoi(argv[1]); data/codec2-0.9.2/src/fsk_mod.c:53:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). Fs = atoi(argv[2]); data/codec2-0.9.2/src/fsk_mod.c:54:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). Rs = atoi(argv[3]); data/codec2-0.9.2/src/fsk_mod.c:55:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). f1 = atoi(argv[4]); data/codec2-0.9.2/src/fsk_mod.c:56:10: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fs = atoi(argv[5]); data/codec2-0.9.2/src/fsk_mod.c:61:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin = fopen(argv[6],"r"); data/codec2-0.9.2/src/fsk_mod.c:67:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(argv[7],"w"); data/codec2-0.9.2/src/fsk_mod_ext_vco.c:57:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin = fopen(argv[1],"r"); data/codec2-0.9.2/src/fsk_mod_ext_vco.c:63:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(argv[2],"w"); data/codec2-0.9.2/src/fsk_mod_ext_vco.c:66:9: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
m = atoi(argv[3]); log2m = log2(m); data/codec2-0.9.2/src/fsk_mod_ext_vco.c:71:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). os = atoi(argv[5]); data/codec2-0.9.2/src/fsk_put_test_bits.c:50:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin = fopen(argv[1],"r"); data/codec2-0.9.2/src/generate_codebook.c:123:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[1024]; data/codec2-0.9.2/src/generate_codebook.c:156:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE * in = fopen(argv[i + 2], "r"); data/codec2-0.9.2/src/golay23.c:206:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
FILE *enc = fopen("golayenctable.h", "w"); data/codec2-0.9.2/src/golay23.c:207:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *dec = fopen("golaydectable.h", "w"); data/codec2-0.9.2/src/horus_api.c:331:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char hex[3]; data/codec2-0.9.2/src/horus_api.c:333:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(hex, "%02X", payload_bytes[b]); data/codec2-0.9.2/src/horus_api.c:405:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *f = fopen("packetbits.txt", "wt"); assert(f != NULL); data/codec2-0.9.2/src/horus_demod.c:89:34: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). stats_rate = atoi(optarg); data/codec2-0.9.2/src/horus_demod.c:139:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fin = fopen(argv[dx],"rb"); data/codec2-0.9.2/src/horus_demod.c:145:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(argv[dx + 1],"w"); data/codec2-0.9.2/src/horus_demod.c:172:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ascii_out[max_ascii_out]; data/codec2-0.9.2/src/horus_l2.c:136:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pout, uw, sizeof(uw)); pout += sizeof(uw); data/codec2-0.9.2/src/horus_l2.c:137:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pout, input_payload_data, num_payload_data_bytes); pout += num_payload_data_bytes; data/codec2-0.9.2/src/horus_l2.c:486:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char out[nbytes]; data/codec2-0.9.2/src/horus_l2.c:533:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(inout, out, nbytes); data/codec2-0.9.2/src/horus_l2.c:547:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char inout[nbytes]; data/codec2-0.9.2/src/horus_l2.c:548:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char inter[nbytes]; data/codec2-0.9.2/src/horus_l2.c:549:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char incopy[nbytes]; data/codec2-0.9.2/src/horus_l2.c:558:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(inter, inout, nbytes); /* snap shot of interleaved bytes */ data/codec2-0.9.2/src/horus_l2.c:631:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char input_payload[nbytes]; data/codec2-0.9.2/src/horus_l2.c:633:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char tx[num_tx_data_bytes]; data/codec2-0.9.2/src/horus_l2.c:634:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char output_payload[sizeof(input_payload)]; data/codec2-0.9.2/src/horus_l2.c:783:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char tx[num_tx_data_bytes]; data/codec2-0.9.2/src/horus_l2.c:793:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *f = fopen("../octave/horus_tx_bits_binary.txt","wt"); data/codec2-0.9.2/src/horus_l2.c:815:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char output_payload[nbytes]; data/codec2-0.9.2/src/horus_l2.c:819:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char rx[45] = { data/codec2-0.9.2/src/horus_l2.c:830:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
FILE *f = fopen("../octave/horus_rx_bits_binary.bin","rb"); data/codec2-0.9.2/src/horus_l2.c:848:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&h, output_payload, nbytes); data/codec2-0.9.2/src/horus_l2.c:851:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char crc_str[80]; data/codec2-0.9.2/src/horus_l2.c:854:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(crc_str, "CRC OK"); data/codec2-0.9.2/src/horus_l2.c:856:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(crc_str, "CRC BAD"); data/codec2-0.9.2/src/horus_l2.c:868:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fh = fopen("../octave/horus_rx_bits_hex.txt","wt"); data/codec2-0.9.2/src/insert_errors.c:51:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
else if ( (fin = fopen(argv[1],"rb")) == NULL ) {
data/codec2-0.9.2/src/insert_errors.c:58:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
else if ( (fout = fopen(argv[2],"wb")) == NULL ) {
data/codec2-0.9.2/src/insert_errors.c:64:19: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
if ((ferror = fopen(argv[3],"rb")) == NULL ) {
data/codec2-0.9.2/src/interldpc.c:127:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
unsigned char pbits[ldpc->NumberParityBits];
data/codec2-0.9.2/src/interldpc.c:134:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
unsigned char tx_bits_char_padded[ldpc->ldpc_data_bits_per_frame];
data/codec2-0.9.2/src/interldpc.c:136:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(tx_bits_char_padded, tx_bits_char, ldpc->data_bits_per_frame);
data/codec2-0.9.2/src/kiss_fft.c:378:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(fout,tmpbuf,sizeof(kiss_fft_cpx)*st->nfft);
data/codec2-0.9.2/src/ldpc_dec.c:170:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
unsigned char ibits[data_bits_per_frame];
data/codec2-0.9.2/src/ldpc_dec.c:171:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
unsigned char pbits[NumberParityBits];
data/codec2-0.9.2/src/ldpc_dec.c:218:26: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
else if ( (fin = fopen(argv[1],"rb")) == NULL ) {
data/codec2-0.9.2/src/ldpc_dec.c:225:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
else if ( (fout = fopen(argv[2],"wb")) == NULL ) {
data/codec2-0.9.2/src/ldpc_dec.c:245:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
unused_data_bits = atoi(argv[arg+1]);
data/codec2-0.9.2/src/ldpc_dec.c:306:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(input_float, llr_tmp, sizeof(float)*CodeLength);
data/codec2-0.9.2/src/ldpc_dec_test.c:142:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
ldpc.max_iter = atoi(argv[i+1]);
data/codec2-0.9.2/src/ldpc_dec_test.c:149:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
unsigned char ibits[data_bits_per_frame];
data/codec2-0.9.2/src/ldpc_dec_test.c:150:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
unsigned char pbits[NumberParityBits];
data/codec2-0.9.2/src/ldpc_dec_test.c:151:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char out_char[CodeLength];
data/codec2-0.9.2/src/ldpc_dec_test.c:197:26: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
else if ( (fin = fopen(argv[1],"rb")) == NULL ) {
data/codec2-0.9.2/src/ldpc_dec_test.c:204:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
else if ( (fout = fopen(argv[2],"wb")) == NULL ) {
data/codec2-0.9.2/src/ldpc_enc.c:39:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
unsigned char ibits[NUMBERROWSHCOLS];
data/codec2-0.9.2/src/ldpc_enc.c:40:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
unsigned char pbits[NUMBERPARITYBITS];
data/codec2-0.9.2/src/ldpc_enc.c:113:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
else if ( (fin = fopen(argv[1],"rb")) == NULL ) {
data/codec2-0.9.2/src/ldpc_enc.c:120:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
else if ( (fout = fopen(argv[2],"wb")) == NULL ) {
data/codec2-0.9.2/src/ldpc_enc.c:133:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
unused_data_bits = atoi(argv[arg+1]);
data/codec2-0.9.2/src/ldpc_enc.c:140:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
Nframes = atoi(argv[arg+1]);
data/codec2-0.9.2/src/ldpc_enc_test.c:38:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
unsigned char ibits[NUMBERROWSHCOLS];
data/codec2-0.9.2/src/ldpc_enc_test.c:39:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
unsigned char pbits[NUMBERPARITYBITS];
data/codec2-0.9.2/src/ldpc_enc_test.c:96:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
else if ( (fin = fopen(argv[1],"rb")) == NULL ) {
data/codec2-0.9.2/src/ldpc_enc_test.c:103:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
else if ( (fout = fopen(argv[2],"wb")) == NULL ) {
data/codec2-0.9.2/src/ldpc_enc_test.c:118:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
Nframes = atoi(argv[arg+1]);
data/codec2-0.9.2/src/ldpc_noise.c:43:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
else if ( (fin = fopen(argv[1],"rb")) == NULL ) {
data/codec2-0.9.2/src/ldpc_noise.c:50:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
else if ( (fout = fopen(argv[2],"wb")) == NULL ) {
data/codec2-0.9.2/src/modem_probe.c:52:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char name[255];
data/codec2-0.9.2/src/modem_probe.c:87:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(newbuf+i,cur->data,cur->len);
data/codec2-0.9.2/src/modem_probe.c:105:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
FILE * dumpfile = fopen(run,"w");
data/codec2-0.9.2/src/modem_probe.c:179:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(ndat->data,(void*)&(samp[0]),sizeof(int32_t)*cnt);
data/codec2-0.9.2/src/modem_probe.c:206:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(ndat->data,(void*)&(samp[0]),sizeof(float)*cnt);
data/codec2-0.9.2/src/modem_probe.c:232:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(ndat->data,(void*)&(samp[0]),sizeof(COMP)*cnt);
data/codec2-0.9.2/src/octave.c:90:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char buffer[OCTAVE_BUFSIZE];
data/codec2-0.9.2/src/octave.c:108:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char buffer[OCTAVE_BUFSIZE];
data/codec2-0.9.2/src/octave.c:127:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char buffer[OCTAVE_BUFSIZE];
data/codec2-0.9.2/src/ofdm_demod.c:205:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
interleave_frames = atoi(options.optarg);
data/codec2-0.9.2/src/ofdm_demod.c:210:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
ldpc_en = atoi(options.optarg);
data/codec2-0.9.2/src/ofdm_demod.c:226:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
val = atoi(options.optarg);
data/codec2-0.9.2/src/ofdm_demod.c:241:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
ns = atoi(options.optarg);
data/codec2-0.9.2/src/ofdm_demod.c:244:44: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
phase_est_bandwidth_mode = atoi(options.optarg);
data/codec2-0.9.2/src/ofdm_demod.c:247:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
data_bits_per_frame = atoi(options.optarg);
data/codec2-0.9.2/src/ofdm_demod.c:253:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
verbose = atoi(options.optarg);
data/codec2-0.9.2/src/ofdm_demod.c:258:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
start_secs = atoi(options.optarg);
data/codec2-0.9.2/src/ofdm_demod.c:261:29: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
len_secs = atoi(options.optarg);
data/codec2-0.9.2/src/ofdm_demod.c:264:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
skip_secs = atoi(options.optarg);
data/codec2-0.9.2/src/ofdm_demod.c:284:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
if ((fin = fopen(fin_name, "rb")) == NULL) {
data/codec2-0.9.2/src/ofdm_demod.c:291:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
if ((fout = fopen(fout_name, "wb")) == NULL) {
data/codec2-0.9.2/src/ofdm_demod.c:298:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
if ((foct = fopen(log_name, "wt")) == NULL) {
data/codec2-0.9.2/src/ofdm_gen_test_bits.c:114:26: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
frames = atoi(options.optarg);
data/codec2-0.9.2/src/ofdm_gen_test_bits.c:132:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
if ((fout = fopen(fout_name, "wb")) == NULL) {
data/codec2-0.9.2/src/ofdm_gen_test_bits.c:212:21: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char s[2];
data/codec2-0.9.2/src/ofdm_get_test_bits.c:58:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
else if ( (fout = fopen(argv[1],"wb")) == NULL ) {
data/codec2-0.9.2/src/ofdm_get_test_bits.c:81:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char tx_bits_char[ofdm_bitsperframe];
data/codec2-0.9.2/src/ofdm_get_test_bits.c:89:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
Nframes = atoi(argv[3]);
data/codec2-0.9.2/src/ofdm_get_test_bits.c:91:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
int Nsec = atoi(argv[2]);
data/codec2-0.9.2/src/ofdm_mod.c:166:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
val = atoi(options.optarg);
data/codec2-0.9.2/src/ofdm_mod.c:181:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
ns = atoi(options.optarg);
data/codec2-0.9.2/src/ofdm_mod.c:185:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
Nsec = atoi(options.optarg);
data/codec2-0.9.2/src/ofdm_mod.c:188:37: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
interleave_frames = atoi(options.optarg);
data/codec2-0.9.2/src/ofdm_mod.c:197:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
ldpc_en = atoi(options.optarg);
data/codec2-0.9.2/src/ofdm_mod.c:211:39: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
data_bits_per_frame = atoi(options.optarg);
data/codec2-0.9.2/src/ofdm_mod.c:217:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
verbose = atoi(options.optarg);
data/codec2-0.9.2/src/ofdm_mod.c:231:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
if ((fin = fopen(fin_name, "rb")) == NULL) {
data/codec2-0.9.2/src/ofdm_mod.c:238:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
if ((fout = fopen(fout_name, "wb")) == NULL) {
data/codec2-0.9.2/src/ofdm_mod.c:386:29: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char s[2];
data/codec2-0.9.2/src/ofdm_put_test_bits.c:71:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
else if ( (fin = fopen(argv[1],"rb")) == NULL ) {
data/codec2-0.9.2/src/ofdm_put_test_bits.c:96:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char rx_bits[Nbitsperframe];
data/codec2-0.9.2/src/optparse.h:60:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char errmsg[64];
data/codec2-0.9.2/src/optparse.h:226:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char str[2] = {0, 0};
data/codec2-0.9.2/src/optparse.h:248:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char str[2] = {0, 0};
data/codec2-0.9.2/src/optparse.h:329:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char optstring[96 * 3 + 1]; /* 96 ASCII printable characters */
data/codec2-0.9.2/src/resample.c:108:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
else if ( (fin = fopen(argv[3],"rb")) == NULL ) {
data/codec2-0.9.2/src/resample.c:115:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
else if ( (fout = fopen(argv[4],"wb")) == NULL ) {
data/codec2-0.9.2/src/resample.c:137:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(input_short, &input_short[nin], left_over);
data/codec2-0.9.2/src/tdma.c:266:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(&mod_bits[0],&frame_bits[0],frame_size_bits*sizeof(u8));
data/codec2-0.9.2/src/tdma.c:271:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(&mod_bits[uw_offset],uw,mode.uw_len*sizeof(u8));
data/codec2-0.9.2/src/tdma.c:326:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(&frame_bits[0],&demod_bits[f_start],frame_size_bits*sizeof(u8));
data/codec2-0.9.2/src/tdma.c:411:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(&frame_samps[0],&sample_buffer[tdma->sample_sync_offset+rdemod_offset],slot_samps*sizeof(COMP));
data/codec2-0.9.2/src/tdma.c:683:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
memcpy(&sample_buffer[n_slots*slot_samps],&samps[0],move_samps);
data/codec2-0.9.2/src/varicode.c:429:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ascii_in, "CQ CQ CQ this is VK5DGR");
data/codec2-0.9.2/src/varicode.c:454:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(ascii_in, "s=vk5dgr qth=adelaide");
data/codec2-0.9.2/src/varicode_table.h:34:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
unsigned char const varicode_table1[256] = {
data/codec2-0.9.2/src/vhf_deframe_c2.c:64:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
fin = fopen(argv[2],"r");
data/codec2-0.9.2/src/vhf_deframe_c2.c:70:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
fout = fopen(argv[3],"w");
data/codec2-0.9.2/src/vhf_frame_c2.c:62:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
fin = fopen(argv[2],"r");
data/codec2-0.9.2/src/vhf_frame_c2.c:68:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
fout = fopen(argv[3],"w");
data/codec2-0.9.2/stm32/inc/gdb_stdio.h:42:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
#define fopen gdb_stdio_fopen
data/codec2-0.9.2/stm32/src/adc_rec.c:58:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
fadc = fopen("adc.raw", "wb");
data/codec2-0.9.2/stm32/src/adc_sfdr_ut.c:57:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
fadc = fopen("adc.raw", "wb");
data/codec2-0.9.2/stm32/src/codec2_profile.c:43:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
#define fopen gdb_stdio_fopen
data/codec2-0.9.2/stm32/src/codec2_profile.c:66:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fin = fopen(inputfile, "rb");
data/codec2-0.9.2/stm32/src/codec2_profile.c:72:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fout = fopen(outputfile, "wb");
data/codec2-0.9.2/stm32/src/codec2_profile.c:126:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fin = fopen(inputfile, "rb");
data/codec2-0.9.2/stm32/src/dac_play.c:42:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fplay = fopen("stm_in.raw", "rb");
data/codec2-0.9.2/stm32/src/fdmdv_dump_rt.c:55:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    #define fopen gdb_stdio_fopen
data/codec2-0.9.2/stm32/src/fdmdv_dump_rt.c:133:28: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    FILE *ft = fopen("scatter.txt", "wt");
data/codec2-0.9.2/stm32/src/fdmdv_profile.c:44:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    #define fopen gdb_stdio_fopen
data/codec2-0.9.2/stm32/src/fdmdv_profile.c:127:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(codec_bits, rx_bits, bits_per_fdmdv_frame*sizeof(int));
data/codec2-0.9.2/stm32/src/fdmdv_profile.c:129:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&codec_bits[bits_per_fdmdv_frame], rx_bits, bits_per_fdmdv_frame*sizeof(int));
data/codec2-0.9.2/stm32/src/freedv_rx_profile.c:45:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    #define fopen gdb_stdio_fopen
data/codec2-0.9.2/stm32/src/freedv_rx_profile.c:79:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fin = fopen("mod_16k.raw", "rb");
data/codec2-0.9.2/stm32/src/freedv_rx_profile.c:85:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fout = fopen("speechout_16k.raw", "wb");
data/codec2-0.9.2/stm32/src/freedv_rx_profile.c:91:14: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    ftotal = fopen("total.txt", "wt");
data/codec2-0.9.2/stm32/src/freedv_tx_profile.c:41:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    #define fopen gdb_stdio_fopen
data/codec2-0.9.2/stm32/src/freedv_tx_profile.c:61:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fin = fopen("stm_in.raw", "rb");
data/codec2-0.9.2/stm32/src/freedv_tx_profile.c:67:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fout = fopen("mod.raw", "wb");
data/codec2-0.9.2/stm32/src/gdb_stdio.c:59:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char str[MAX_STR];
data/codec2-0.9.2/stm32/src/gdb_stdio.c:74:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char str[MAX_STR];
data/codec2-0.9.2/stm32/src/iir_duc.c:338:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    f = fopen("iir_duc_s.txt", "wt"); assert(f != NULL);
data/codec2-0.9.2/stm32/src/iir_duc.c:344:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    f = fopen("iir_duc.txt", "wt"); assert(f != NULL);
data/codec2-0.9.2/stm32/src/iir_tuner.c:181:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    f = fopen("iir_tuner_s.txt", "wt"); assert(f != NULL);
data/codec2-0.9.2/stm32/src/iir_tuner.c:187:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    f = fopen("iir_tuner.txt", "wt"); assert(f != NULL);
data/codec2-0.9.2/stm32/src/iir_tuner.c:207:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    f = fopen("iir_tuner2.txt", "wt"); assert(f != NULL);
data/codec2-0.9.2/stm32/src/power_ut.c:46:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    #define fopen gdb_stdio_fopen
data/codec2-0.9.2/stm32/src/power_ut.c:76:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fin = fopen(inputfile, "rb");
data/codec2-0.9.2/stm32/src/sm1000_main.c:1101:16: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char period[6];
data/codec2-0.9.2/stm32/src/sm1000_main.c:1167:16: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char period[6];
data/codec2-0.9.2/stm32/src/sm1000_main.c:1248:16: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char freq[6];
data/codec2-0.9.2/stm32/src/sm1000_main.c:1313:16: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char wpm[5];
data/codec2-0.9.2/stm32/src/sm1000_main.c:1376:16: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char vol[5];
data/codec2-0.9.2/stm32/src/stm32f4_machdep.c:47:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char buf[BUF_SZ];
data/codec2-0.9.2/stm32/src/stm32f4_machdep.c:76:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char tmp[80];
data/codec2-0.9.2/stm32/src/stm32f4_usart.c:64:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char s[MAX_FMT_SIZE];
data/codec2-0.9.2/stm32/src/stm32f4_vrom.c:424:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(new_block.data, in, size);
data/codec2-0.9.2/stm32/src/stm32f4_vrom.c:501:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(data, block->data, offset);
data/codec2-0.9.2/stm32/src/stm32f4_vrom.c:502:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&data[offset], in, block_sz - offset);
data/codec2-0.9.2/stm32/src/stm32f4_vrom.c:505:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(data, in, size);
data/codec2-0.9.2/stm32/src/stm32f4_vrom.c:506:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&data[size], &(block->data[size]),
data/codec2-0.9.2/stm32/src/stm32f4_vrom.c:539:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(&data[block_offset], in,
data/codec2-0.9.2/stm32/src/stm32f4_vrom.c:618:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(out_ptr, &(block->data[block_offset]), block_sz);
data/codec2-0.9.2/stm32/src/stm32f4_vrom.c:631:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
    memcpy(out_ptr, block->data, block_sz);
data/codec2-0.9.2/stm32/src/tuner_ut.c:54:14: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    ftuner = fopen("tuner.raw", "wb");
data/codec2-0.9.2/stm32/stlink/elfsym.c:32:14: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    if((fd = open(file, O_RDWR)) == ERR) {
data/codec2-0.9.2/stm32/unittest/src/tst_api_demod.c:101:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char dummy[SPARE_RAM];
data/codec2-0.9.2/stm32/unittest/src/tst_api_demod.c:123:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char config[8];
data/codec2-0.9.2/stm32/unittest/src/tst_api_demod.c:124:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    f_cfg = open("stm_cfg.txt", O_RDONLY);
data/codec2-0.9.2/stm32/unittest/src/tst_api_demod.c:172:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    f_in = open("stm_in.raw", O_RDONLY);
data/codec2-0.9.2/stm32/unittest/src/tst_api_demod.c:178:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    f_out = open("stm_out.raw", (O_CREAT | O_WRONLY), 0644);
data/codec2-0.9.2/stm32/unittest/src/tst_api_mod.c:74:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char tx_str[80];
data/codec2-0.9.2/stm32/unittest/src/tst_api_mod.c:137:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char config[8];
data/codec2-0.9.2/stm32/unittest/src/tst_api_mod.c:138:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    f_cfg = open("stm_cfg.txt", O_RDONLY);
data/codec2-0.9.2/stm32/unittest/src/tst_api_mod.c:222:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(my_cb_state.tx_str, "cq cq cq hello world\r");
data/codec2-0.9.2/stm32/unittest/src/tst_api_mod.c:235:12: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    f_in = open("stm_in.raw", O_RDONLY);
data/codec2-0.9.2/stm32/unittest/src/tst_api_mod.c:241:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    f_out = open("stm_out.raw", (O_CREAT | O_WRONLY), 0644);
data/codec2-0.9.2/stm32/unittest/src/tst_api_mod_700d_profile.c:54:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char tx_str[80];
data/codec2-0.9.2/stm32/unittest/src/tst_api_mod_700d_profile.c:132:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(my_cb_state.tx_str, "cq cq cq hello world\r");
data/codec2-0.9.2/stm32/unittest/src/tst_api_tx.c:64:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fin = fopen("stm_in.raw", "rb");
data/codec2-0.9.2/stm32/unittest/src/tst_api_tx.c:70:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fout = fopen("mod.raw", "wb");
data/codec2-0.9.2/stm32/unittest/src/tst_codec2_dec.c:74:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char fin_buffer[1024];
data/codec2-0.9.2/stm32/unittest/src/tst_codec2_dec.c:75:43: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static __attribute__ ((section (".ccm"))) char fout_buffer[4*8192];
data/codec2-0.9.2/stm32/unittest/src/tst_codec2_dec.c:94:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char config[8];
data/codec2-0.9.2/stm32/unittest/src/tst_codec2_dec.c:95:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    f_cfg = open("stm_cfg.txt", O_RDONLY);
data/codec2-0.9.2/stm32/unittest/src/tst_codec2_dec.c:126:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    FILE* fin = fopen("stm_in.raw", "rb");
data/codec2-0.9.2/stm32/unittest/src/tst_codec2_dec.c:133:18: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    FILE *fout = fopen("stm_out.raw", "wb" );
data/codec2-0.9.2/stm32/unittest/src/tst_codec2_enc.c:72:43: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static __attribute__ ((section (".ccm"))) char fin_buffer[8*8192];
data/codec2-0.9.2/stm32/unittest/src/tst_codec2_enc.c:73:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char fout_buffer[1024];
data/codec2-0.9.2/stm32/unittest/src/tst_codec2_enc.c:95:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char config[8];
data/codec2-0.9.2/stm32/unittest/src/tst_codec2_enc.c:96:13: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    f_cfg = open("stm_cfg.txt", O_RDONLY);
data/codec2-0.9.2/stm32/unittest/src/tst_codec2_enc.c:130:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    FILE* fin = fopen("stm_in.raw", "rb");
data/codec2-0.9.2/stm32/unittest/src/tst_codec2_enc.c:137:18: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    FILE* fout = fopen("stm_out.raw", "wb");
data/codec2-0.9.2/stm32/unittest/src/tst_ldpc_dec.c:54:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char fin_buffer[1024];
data/codec2-0.9.2/stm32/unittest/src/tst_ldpc_dec.c:55:43: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static __attribute__ ((section (".ccm"))) char fout_buffer[8*8192];
data/codec2-0.9.2/stm32/unittest/src/tst_ldpc_dec.c:91:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char ibits[data_bits_per_frame];
data/codec2-0.9.2/stm32/unittest/src/tst_ldpc_dec.c:92:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char pbits[NumberParityBits];
data/codec2-0.9.2/stm32/unittest/src/tst_ldpc_dec.c:116:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    FILE* fin = fopen("stm_in.raw", "rb");
data/codec2-0.9.2/stm32/unittest/src/tst_ldpc_dec.c:124:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fout = fopen("stm_out.raw", "wb");
data/codec2-0.9.2/stm32/unittest/src/tst_ldpc_enc.c:42:43: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static __attribute__ ((section (".ccm"))) char fin_buffer[8*8192];
data/codec2-0.9.2/stm32/unittest/src/tst_ldpc_enc.c:43:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char fout_buffer[1024];
data/codec2-0.9.2/stm32/unittest/src/tst_ldpc_enc.c:57:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char ibits[HRA_112_112_NUMBERROWSHCOLS];
data/codec2-0.9.2/stm32/unittest/src/tst_ldpc_enc.c:58:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    unsigned char pbits[HRA_112_112_NUMBERPARITYBITS];
data/codec2-0.9.2/stm32/unittest/src/tst_ldpc_enc.c:79:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    FILE* fin = fopen("stm_in.raw", "rb");
data/codec2-0.9.2/stm32/unittest/src/tst_ldpc_enc.c:86:18: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    FILE* fout = fopen("stm_out.raw", "wb");
data/codec2-0.9.2/stm32/unittest/src/tst_ofdm_demod.c:94:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static char fout_buffer[4*4096];
data/codec2-0.9.2/stm32/unittest/src/tst_ofdm_demod.c:95:43: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static __attribute__ ((section (".ccm"))) char fdiag_buffer[4*8192];
data/codec2-0.9.2/stm32/unittest/src/tst_ofdm_demod.c:96:43: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    static __attribute__ ((section (".ccm"))) char fin_buffer[4096*8];
data/codec2-0.9.2/stm32/unittest/src/tst_ofdm_demod.c:135:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char config[8];
data/codec2-0.9.2/stm32/unittest/src/tst_ofdm_demod.c:136:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fcfg = fopen("stm_cfg.txt", "r");
data/codec2-0.9.2/stm32/unittest/src/tst_ofdm_demod.c:214:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char rx_bits_char[ofdm_bitsperframe];
data/codec2-0.9.2/stm32/unittest/src/tst_ofdm_demod.c:229:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    FILE* fin = fopen("stm_in.raw", "rb");
data/codec2-0.9.2/stm32/unittest/src/tst_ofdm_demod.c:237:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fout = fopen("stm_out.raw", "wb");
data/codec2-0.9.2/stm32/unittest/src/tst_ofdm_demod.c:244:13: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fdiag = fopen("stm_diag.raw", "wb");
data/codec2-0.9.2/stm32/unittest/src/tst_ofdm_mod.c:104:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
    char config[8];
data/codec2-0.9.2/stm32/unittest/src/tst_ofdm_mod.c:105:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    fcfg = fopen("stm_cfg.txt", "r");
data/codec2-0.9.2/stm32/unittest/src/tst_ofdm_mod.c:184:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    int sin = open("stm_in.raw", O_RDONLY);
data/codec2-0.9.2/stm32/unittest/src/tst_ofdm_mod.c:190:16: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    int sout = open("mod.raw", O_WRONLY|O_TRUNC|O_CREAT, 0666);
data/codec2-0.9.2/stm32/unittest/src/tst_semihost.c:27:17: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
    FILE *fin = fopen("stm_in.raw", "rb");
data/codec2-0.9.2/stm32/unittest/src/tst_semihost.c:33:18: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
FILE *fout = fopen("stm_out.raw", "wb"); data/codec2-0.9.2/unittest/compare_floats.c:41:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *f1 = fopen(fname1, "rb"); data/codec2-0.9.2/unittest/compare_floats.c:48:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *f2 = fopen(fname2, "rb"); data/codec2-0.9.2/unittest/compare_ints.c:73:25: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). bytes = atoi(optarg); data/codec2-0.9.2/unittest/compare_ints.c:82:35: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). numerrorstoexit = atoi(optarg); data/codec2-0.9.2/unittest/compare_ints.c:100:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
FILE *f1 = fopen(fname1, "rb"); data/codec2-0.9.2/unittest/compare_ints.c:107:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *f2 = fopen(fname2, "rb"); data/codec2-0.9.2/unittest/function_trace.c:9:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp_trace = fopen("function_trace.out", "w"); data/codec2-0.9.2/unittest/ofdm_stack.c:80:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). frames = atoi(optarg); data/codec2-0.9.2/unittest/tcohpsk.c:182:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&tx_bits_log[COHPSK_BITS_PER_FRAME*f], tx_bits, sizeof(int)*COHPSK_BITS_PER_FRAME); data/codec2-0.9.2/unittest/tcohpsk.c:183:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&tx_fdm_frame_log[COHPSK_M*NSYMROWPILOT*f], tx_fdm_frame, sizeof(COMP)*COHPSK_M*NSYMROWPILOT); data/codec2-0.9.2/unittest/tcohpsk.c:184:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(&ch_fdm_frame_log[COHPSK_M*NSYMROWPILOT*f], ch_fdm_frame, sizeof(COMP)*COHPSK_M*NSYMROWPILOT); data/codec2-0.9.2/unittest/tcohpsk.c:237:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&rx_bits_log[COHPSK_BITS_PER_FRAME*log_bits], rx_bits, sizeof(int)*COHPSK_BITS_PER_FRAME); data/codec2-0.9.2/unittest/tcohpsk.c:258:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen("tcohpsk_out.txt","wt"); data/codec2-0.9.2/unittest/tcontphase.c:111:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fout = fopen(argv[1],"wb")) == NULL) { data/codec2-0.9.2/unittest/tfdmdv.c:114:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fdmdv->prev_tx_symbols, tx_symbols, sizeof(COMP)*(FDMDV_NC+1)); data/codec2-0.9.2/unittest/tfdmdv.c:179:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(fdmdv->prev_rx_symbols, rx_symbols, sizeof(COMP)*(FDMDV_NC+1)); data/codec2-0.9.2/unittest/tfdmdv.c:196:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(&tx_bits_log[FDMDV_BITS_PER_FRAME*f], tx_bits, sizeof(int)*FDMDV_BITS_PER_FRAME); data/codec2-0.9.2/unittest/tfdmdv.c:197:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&tx_symbols_log[(FDMDV_NC+1)*f], tx_symbols, sizeof(COMP)*(FDMDV_NC+1)); data/codec2-0.9.2/unittest/tfdmdv.c:198:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&tx_fdm_log[M_FAC*f], tx_fdm, sizeof(COMP)*M_FAC); data/codec2-0.9.2/unittest/tfdmdv.c:200:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&pilot_baseband1_log[f*NPILOTBASEBAND], fdmdv->pilot_baseband1, sizeof(COMP)*NPILOTBASEBAND); data/codec2-0.9.2/unittest/tfdmdv.c:201:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&pilot_baseband2_log[f*NPILOTBASEBAND], fdmdv->pilot_baseband2, sizeof(COMP)*NPILOTBASEBAND); data/codec2-0.9.2/unittest/tfdmdv.c:202:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&pilot_lpf1_log[f*NPILOTLPF], fdmdv->pilot_lpf1, sizeof(COMP)*NPILOTLPF); data/codec2-0.9.2/unittest/tfdmdv.c:203:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&pilot_lpf2_log[f*NPILOTLPF], fdmdv->pilot_lpf2, sizeof(COMP)*NPILOTLPF); data/codec2-0.9.2/unittest/tfdmdv.c:204:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(&S1_log[f*MPILOTFFT], fdmdv->S1, sizeof(COMP)*MPILOTFFT); data/codec2-0.9.2/unittest/tfdmdv.c:205:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&S2_log[f*MPILOTFFT], fdmdv->S2, sizeof(COMP)*MPILOTFFT); data/codec2-0.9.2/unittest/tfdmdv.c:223:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&env_log[NT*P*f], env, sizeof(float)*NT*P); data/codec2-0.9.2/unittest/tfdmdv.c:234:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&rx_bits_log[FDMDV_BITS_PER_FRAME*f], rx_bits, sizeof(int)*FDMDV_BITS_PER_FRAME); data/codec2-0.9.2/unittest/tfdmdv.c:251:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen("tfdmdv_out.txt","wt"); data/codec2-0.9.2/unittest/tfmfsk.c:92:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). Fs = atoi(argv[2]); data/codec2-0.9.2/unittest/tfmfsk.c:93:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
Rs = atoi(argv[3]); data/codec2-0.9.2/unittest/tfmfsk.c:96:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin = fopen(argv[4],"r"); data/codec2-0.9.2/unittest/tfmfsk.c:97:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen(argv[5],"w"); data/codec2-0.9.2/unittest/tfreedv_data_channel.c:163:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(packet, testvec[vector].data, testvec[vector].data_size); data/codec2-0.9.2/unittest/tfreedv_data_channel.c:220:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char frame[frame_size]; data/codec2-0.9.2/unittest/tfsk.c:104:13: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). M = atoi(argv[2]); data/codec2-0.9.2/unittest/tfsk.c:105:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
f1 = atoi(argv[3]); data/codec2-0.9.2/unittest/tfsk.c:106:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fs = atoi(argv[4]); data/codec2-0.9.2/unittest/tfsk.c:107:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). Fs = atoi(argv[5]); data/codec2-0.9.2/unittest/tfsk.c:108:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). Rs = atoi(argv[6]); data/codec2-0.9.2/unittest/tfsk.c:111:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fin = fopen(argv[7],"r"); data/codec2-0.9.2/unittest/tfsk.c:112:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fout = fopen(argv[8],"w"); data/codec2-0.9.2/unittest/tnewamp1.c:115:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fin = fopen(argv[1], "rb"); data/codec2-0.9.2/unittest/tnewamp1.c:281:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fout = fopen("tnewamp1_out.txt","wt"); data/codec2-0.9.2/unittest/tnlp.c:82:14: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). Fs = atoi(argv[argc+1]); data/codec2-0.9.2/unittest/tnlp.c:105:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fin = fopen(argv[1],"rb")) == NULL) { data/codec2-0.9.2/unittest/tnlp.c:112:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fout = fopen(argv[2],"wt")) == NULL) { data/codec2-0.9.2/unittest/tofdm.c:172:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). opt_Nc = atoi(optarg); data/codec2-0.9.2/unittest/tofdm.c:200:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ofdm_config_default, ofdm_get_config_param(), sizeof(struct OFDM_CONFIG)); data/codec2-0.9.2/unittest/tofdm.c:301:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char ibits[HRA_112_112_NUMBERROWSHCOLS]; data/codec2-0.9.2/unittest/tofdm.c:302:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char pbits[HRA_112_112_NUMBERPARITYBITS]; data/codec2-0.9.2/unittest/tofdm.c:338:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&tx_bits_log[ofdm_bitsperframe*f], tx_bits, sizeof(int)*ofdm_bitsperframe); data/codec2-0.9.2/unittest/tofdm.c:339:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(&tx_log[ofdm_samplesperframe*f], tx, sizeof(COMP)*ofdm_samplesperframe); data/codec2-0.9.2/unittest/tofdm.c:383:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fin=fopen("~/codec2-dev/octave/ofdm_test.raw", "rb"); data/codec2-0.9.2/unittest/tofdm.c:496:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&rxbuf_in_log[nin_tot], rxbuf_in, sizeof(COMP)*nin); data/codec2-0.9.2/unittest/tofdm.c:537:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&rx_bits_log[ofdm_bitsperframe*f], rx_bits, sizeof(rx_bits)); data/codec2-0.9.2/unittest/tofdm.c:555:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fout = fopen("tofdm_out.txt","wt"); data/codec2-0.9.2/unittest/tprede.c:33:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fprede = fopen("prede.txt", "wt"); data/codec2-0.9.2/lpcnet/src/kiss_fft.h:47:33: [1] (free) memalign: On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail. This may, on a few systems, be exploitable. Also note that memalign() may not check that the boundary parameter is correct (CWE-676). Use posix_memalign instead (defined in POSIX's 1003.1d). 
Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases, malloc()'s alignment may be sufficient. #define KISS_FFT_MALLOC(nbytes) memalign(16,nbytes) data/codec2-0.9.2/misc/dvdongle2.c:172:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). n = read(fd, data, len); data/codec2-0.9.2/misc/dvdongle2.c:332:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). r = read(fd, &data, 1); data/codec2-0.9.2/src/dump.c:255:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). assert(strlen(line) < MAX_STR*10); data/codec2-0.9.2/src/dump.c:260:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). assert(strlen(line) < MAX_STR*10); data/codec2-0.9.2/src/dump.c:285:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). assert(strlen(line) < 4096); data/codec2-0.9.2/src/dump.c:290:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). assert(strlen(line) < 4096); data/codec2-0.9.2/src/horus_api.c:256:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). hstates->total_payload_bits = strlen(ascii_out)*7; data/codec2-0.9.2/src/modem_probe.c:64:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
mod = malloc((strlen(modname)+1)*sizeof(char)); data/codec2-0.9.2/src/modem_probe.c:65:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). run = malloc((strlen(runname)+1)*sizeof(char)); data/codec2-0.9.2/src/ofdm_demod.c:109:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *pn = argv[0] + strlen(argv[0]); data/codec2-0.9.2/src/ofdm_gen_test_bits.c:76:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *pn = argv[0] + strlen (argv[0]); data/codec2-0.9.2/src/ofdm_mod.c:83:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). char *pn = argv[0] + strlen(argv[0]); data/codec2-0.9.2/src/varicode.c:431:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). assert(strlen(ascii_in) < length); data/codec2-0.9.2/src/varicode.c:433:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=0; i<strlen(ascii_in); i++) data/codec2-0.9.2/src/varicode.c:437:93: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
n_varicode_bits_out = varicode_encode(varicode, ascii_in, VARICODE_MAX_BITS*length, strlen(ascii_in), code_num); data/codec2-0.9.2/src/varicode.c:455:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). len = strlen(ascii_in); data/codec2-0.9.2/src/varicode.c:459:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). assert(strlen(ascii_in) < length); data/codec2-0.9.2/src/varicode.c:461:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for(i=0; i<strlen(ascii_in); i++) data/codec2-0.9.2/src/varicode.c:465:93: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). n_varicode_bits_out = varicode_encode(varicode, ascii_in, VARICODE_MAX_BITS*length, strlen(ascii_in), code_num); data/codec2-0.9.2/stm32/src/gdb_stdio.c:66:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gdb_stdio_strlen1 = strlen(str); data/codec2-0.9.2/stm32/src/gdb_stdio.c:80:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gdb_stdio_strlen1 = strlen(str); data/codec2-0.9.2/stm32/src/gdb_stdio.c:89:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
gdb_stdio_strlen1 = strlen(file_name); data/codec2-0.9.2/stm32/src/gdb_stdio.c:90:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). gdb_stdio_strlen2 = strlen(mode); data/codec2-0.9.2/stm32/src/stm32f4_machdep.c:82:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((strlen(buf) + strlen(tmp)) < BUF_SZ) data/codec2-0.9.2/stm32/src/stm32f4_machdep.c:82:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((strlen(buf) + strlen(tmp)) < BUF_SZ) data/codec2-0.9.2/stm32/src/stm32f4_usart.c:56:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). for (int i=0; i<strlen(s); i++) { data/codec2-0.9.2/stm32/stlink/elfsym.c:49:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if((read(fd, base_ptr, elf_stats.st_size)) < elf_stats.st_size) { data/codec2-0.9.2/stm32/unittest/src/tst_api_demod.c:129:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(f_cfg, &config[0], 8) != 8) { data/codec2-0.9.2/stm32/unittest/src/tst_api_demod.c:190:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while((nread = read(f_in, demod_in, (sizeof(short) * nin))) == (nin * sizeof(short))) { data/codec2-0.9.2/stm32/unittest/src/tst_api_mod.c:143:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
if (read(f_cfg, &config[0], 8) != 8) { data/codec2-0.9.2/stm32/unittest/src/tst_api_mod.c:253:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while ((num_read = read(f_in, speech_in, (sizeof(short) * n_speech_samples))) == data/codec2-0.9.2/stm32/unittest/src/tst_codec2_dec.c:100:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(f_cfg, &config[0], 8) != 8) { data/codec2-0.9.2/stm32/unittest/src/tst_codec2_enc.c:101:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read(f_cfg, &config[0], 8) != 8) { data/codec2-0.9.2/stm32/unittest/src/tst_ofdm_mod.c:196:12: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while (read(sin, tx_bits_char, sizeof(char) * Nbitsperframe) == Nbitsperframe) {

ANALYSIS SUMMARY:

Hits = 863
Lines analyzed = 527161 in approximately 61.73 seconds (8540 lines/second)
Physical Source Lines of Code (SLOC) = 491338
Hits@level = [0] 1720 [1] 35 [2] 700 [3] 31 [4] 96 [5] 1
Hits@level+ = [0+] 2583 [1+] 863 [2+] 828 [3+] 128 [4+] 97 [5+] 1
Hits/KSLOC@level+ = [0+] 5.25707 [1+] 1.75643 [2+] 1.68519 [3+] 0.260513 [4+] 0.19742 [5+] 0.00203526
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.