Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/darknet-0.0.0+git20180914.61c9d02e/include/darknet.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/shortcut_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/gru_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/maxpool_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/network.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/iseg_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/utils.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/softmax_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/gemm.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/classifier.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/yolo_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/avgpool_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/crnn_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/cost_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/cuda.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/activations.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/detection_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/normalization_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/l2norm_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/crop_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/upsample_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/image.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/tree.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/blas.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/region_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/matrix.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/convolutional_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/blas.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/lstm_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/crnn_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/network.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/parser.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/activation_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/l2norm_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/gru_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/softmax_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/shortcut_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/demo.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/tree.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image_write.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/lstm_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/box.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/batchnorm_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/rnn_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/batchnorm_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/logistic_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/region_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/maxpool_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/local_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/activations.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/data.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/im2col.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/col2im.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/deconvolutional_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/route_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/crop_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/logistic_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/avgpool_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/option_list.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/deconvolutional_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/gemm.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/cost_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/activation_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/parser.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/cuda.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/dropout_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/detection_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/convolutional_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/data.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/local_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/im2col.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/route_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/upsample_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/demo.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/dropout_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/reorg_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/list.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/yolo_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/box.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/col2im.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/normalization_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/connected_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/connected_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/list.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/matrix.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/iseg_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/option_list.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/reorg_layer.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/rnn_layer.h
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/image.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/src/image_opencv.cpp
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/art.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/tag.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/writing.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/dice.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/darknet.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/nightmare.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/voxel.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/swag.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/super.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/captcha.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn_vid.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c
Examining data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c

FINAL RESULTS:

data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:212:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%d.weights",backup_directory,base, epoch);
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:217:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.backup",backup_directory,base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:222:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/captcha.c:87:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "/home/pjreddie/imagenet_backup/%s_%d.weights",base, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:29:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%d.weights",backup_directory,base, epoch);
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:34:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.backup",backup_directory,base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:39:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:82:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%d.weights",backup_directory,base, epoch);
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:87:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.backup",backup_directory,base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:92:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:159:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "data/cifar/train/%d_%s",i,labels[class]);
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:166:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "data/cifar/test/%d_%s",i,labels[class]);
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:149:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%d.weights",backup_directory,base, epoch);
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:154:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.backup",backup_directory,base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:159:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:1040:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%3.1f%%: %s\n", predictions[index]*100, names[index]);
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:82:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%d.weights", backup_directory, base, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:87:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.backup", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:93:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_final.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/darknet.c:388:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/gen_%d", prefix, z);
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:135:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.backup", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:143:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%d.weights", backup_directory, base, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:152:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_final.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/dice.c:39:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%d.weights",backup_directory,base, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:190:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%d.weights", backup_directory,base, epoch);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:196:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.backup",backup_directory,base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:201:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%ld.backup",backup_directory,base,get_current_batch(net));
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:205:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:844:9: [4] (buffer) scanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  scanf("%s", buff);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:867:13: [4] (buffer) scanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  scanf("%s %d %d", color, &time, &stones);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:884:13: [4] (buffer) scanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  scanf("%s", comm);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:949:17: [4] (buffer) scanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  scanf("%s ", color);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:995:17: [4] (buffer) scanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  scanf("%s", color);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1043:13: [4] (buffer) scanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  scanf("%s", type);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1053:27: [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  FILE *p = popen("./gnugo --mode gtp < game.txt", "r");
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1068:13: [4] (buffer) scanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  scanf("%s", type);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1077:23: [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  FILE *p = popen("./gnugo --mode gtp < game.txt", "r");
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1194:15: [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  FILE *p = popen("./gnugo --mode gtp < game.txt", "r");
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:124:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%d.weights",backup_directory,base, epoch);
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:129:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.backup",backup_directory,base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:134:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:653:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%d.weights", backup_directory, base, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:655:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%d.weights", backup_directory, abase, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:660:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.backup", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:662:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.backup", backup_directory, abase);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:667:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_final.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:847:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%d.weights", backup_directory, base, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:849:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%d.weights", backup_directory, abase, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:854:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.backup", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:856:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.backup", backup_directory, abase);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:861:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_final.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:1018:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%d.weights", backup_directory, base, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:1020:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%d.weights", backup_directory, abase, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:1025:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.backup", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:1027:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.backup", backup_directory, abase);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:1032:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_final.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/nightmare.c:394:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%s_%d_%06d",prefix, imbase, cfgbase, max_layer, e);
data/darknet-0.0.0+git20180914.61c9d02e/examples/nightmare.c:396:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s_%s_%d_%06d",imbase, cfgbase, max_layer, e);
data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:97:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%d.weights",backup_directory,base, epoch);
data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:102:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.backup",backup_directory,base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:107:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:223:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%d.weights", backup_directory, base, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:228:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.backup", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:233:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_final.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn_vid.c:114:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%d.weights", backup_directory, base, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn_vid.c:119:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.backup", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn_vid.c:124:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_final.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn_vid.c:141:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s%d", name, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:112:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%d.weights",backup_directory,base, epoch);
data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:117:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.backup",backup_directory,base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:122:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/super.c:52:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%d.weights", backup_directory, base, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/super.c:57:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.backup", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/super.c:63:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_final.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/swag.c:63:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%d.weights", backup_directory, base, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/swag.c:69:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_final.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/tag.c:62:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%d.weights",backup_directory,base, epoch);
data/darknet-0.0.0+git20180914.61c9d02e/examples/tag.c:67:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.backup",backup_directory,base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/tag.c:72:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/voxel.c:23:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s_%05d_l", prefix, count);
data/darknet-0.0.0+git20180914.61c9d02e/examples/voxel.c:25:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s_%05d_r", prefix, count);
data/darknet-0.0.0+git20180914.61c9d02e/examples/voxel.c:91:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%d.weights", backup_directory, base, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/voxel.c:96:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s.backup", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/voxel.c:102:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_final.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/examples/writing.c:70:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_batch_%ld.weights", backup_directory, base, get_current_batch(net));
data/darknet-0.0.0+git20180914.61c9d02e/examples/writing.c:76:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%d.weights",backup_directory,base, epoch);
data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:67:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%d.weights", backup_directory, base, i);
data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:73:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_final.weights", backup_directory, base);
data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:61:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%d_minor_%d.weights",backup_directory,base, epoch, i);
data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:68:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s/%s_%d.weights",backup_directory,base, epoch);
data/darknet-0.0.0+git20180914.61c9d02e/src/convolutional_layer.c:616:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s: Output", window);
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:379:12: [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  while((fscanf(file, "%d %s", &id, buff) == 2) && i < num_boxes){
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:416:12: [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  while((fscanf(file, "%d %s", &id, buff) == 2) && i < num_boxes){
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:690:11: [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  while(fscanf(file, "%d %s", &id, buff) == 2){
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:721:11: [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  while(fscanf(file, "%d %s", &id, buff) == 2){
data/darknet-0.0.0+git20180914.61c9d02e/src/demo.c:245:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(name, "%s_%08d", prefix, count);
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:249:21: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(labelstr, names[j]);
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:253:21: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(labelstr, names[j]);
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:553:24: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  if(f == PNG) sprintf(buff, "%s.png", name);
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:554:24: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  else if (f == BMP) sprintf(buff, "%s.bmp", name);
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:555:24: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  else if (f == TGA) sprintf(buff, "%s.tga", name);
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:556:24: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  else if (f == JPG) sprintf(buff, "%s.jpg", name);
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:557:24: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  else sprintf(buff, "%s.png", name);
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:584:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "%s - Layer %d", name, i);
data/darknet-0.0.0+git20180914.61c9d02e/src/image_opencv.cpp:88:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buff, "echo %s >> bad.list", filename);
data/darknet-0.0.0+git20180914.61c9d02e/src/image_opencv.cpp:89:9: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  system(buff);
data/darknet-0.0.0+git20180914.61c9d02e/src/tree.c:96:9: [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  sscanf(line, "%s %d", id, &parent);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:221:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buffer, "%s", str);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:223:9: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120).
  Use sprintf_s, snprintf, or vsnprintf.
  sprintf(output, "%s", str);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:229:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(output, "%s%s%s", buffer, rep, p+strlen(orig));
data/darknet-0.0.0+git20180914.61c9d02e/examples/art.c:11:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:65:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:68:9: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(seed);
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:75:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:238:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:326:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:386:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/captcha.c:29:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/captcha.c:97:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/captcha.c:140:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:5:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:50:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:105:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:133:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:174:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:198:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:28:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:31:9: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(seed);
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:38:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:100:17: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if(net->random && count++%40 == 0){
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:174:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:239:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:308:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:366:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:425:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:486:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:564:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:619:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:653:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:693:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:763:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:808:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:930:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:996:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:16:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:133:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:217:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:300:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:12:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:18:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:22:9: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(seed);
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:29:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:63:14: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if(l.random && count++%10 == 0){
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:249:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:379:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:494:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:571:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/dice.c:7:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/dice.c:51:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/dice.c:73:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:143:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:146:9: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(seed);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:735:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:818:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1103:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1230:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:16:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:19:9: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(seed);
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:26:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:147:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:189:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:415:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:473:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:520:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:676:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:873:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:1298:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/nightmare.c:290:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(0);
data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:15:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:18:9: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(seed);
data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:25:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:120:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:157:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:159:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:253:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(rseed);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:307:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(rseed);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:352:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(rseed);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn_vid.c:75:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:15:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:18:9: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(seed);
data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:25:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:135:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:177:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/super.c:7:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/super.c:71:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/swag.c:8:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/tag.c:5:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/tag.c:87:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/voxel.c:43:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/voxel.c:113:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/writing.c:6:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/writing.c:89:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:9:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:103:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:187:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:271:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/include/darknet.h:191:9: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  int random;
data/darknet-0.0.0+git20180914.61c9d02e/include/darknet.h:475:9: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  int random;
data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:12:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:88:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:234:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:266:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(time(0));
data/darknet-0.0.0+git20180914.61c9d02e/src/demo.c:202:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(2222222);
data/darknet-0.0.0+git20180914.61c9d02e/src/detection_layer.c:45:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(0);
data/darknet-0.0.0+git20180914.61c9d02e/src/detection_layer.c:143:22: [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  if(l.random && *(net.seen) < 64000){
data/darknet-0.0.0+git20180914.61c9d02e/src/gemm.c:250:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(0);
data/darknet-0.0.0+git20180914.61c9d02e/src/iseg_layer.c:53:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(0);
data/darknet-0.0.0+git20180914.61c9d02e/src/region_layer.c:51:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(0);
data/darknet-0.0.0+git20180914.61c9d02e/src/yolo_layer.c:58:5: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(0);
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:28:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(X+b*test.X.cols, test.X.vals[i+b], test.X.cols*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:29:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(y+b*test.y.cols, test.y.vals[i+b], test.y.cols*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:211:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:216:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:221:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:398:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/captcha.c:86:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/captcha.c:100:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:28:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:33:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:38:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:81:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:86:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:91:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:158:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/cifar.c:165:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:148:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:153:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:158:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:498:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:576:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:892:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:893:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buff, "/home/pjreddie/tmp/threat_%06d", count);
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:1039:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[1024];
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:1080:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int layer = layer_s ? atoi(layer_s) : -1;
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:1083:85: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  else if(0==strcmp(argv[2], "try")) try_classifier(data, cfg, weights, filename, atoi(layer_s));
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:81:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:86:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:92:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:125:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  return atoi(p+1);
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:144:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[1024];
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:146:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *fp = fopen(buff, "w");
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:230:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[1024];
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:232:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fps[j] = fopen(buff, "w");
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:258:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char labelpath[4096];
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:303:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/darknet.c:387:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/darknet.c:481:48: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  speed(argv[2], (argc > 3 && argv[3]) ? atoi(argv[3]) : 0);
data/darknet-0.0.0+git20180914.61c9d02e/examples/darknet.c:485:44: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  oneoff2(argv[2], argv[3], argv[4], atoi(argv[5]));
data/darknet-0.0.0+git20180914.61c9d02e/examples/darknet.c:487:41: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  print_weights(argv[2], argv[3], atoi(argv[4]));
data/darknet-0.0.0+git20180914.61c9d02e/examples/darknet.c:489:44: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  partial(argv[2], argv[3], argv[4], atoi(argv[5]));
data/darknet-0.0.0+git20180914.61c9d02e/examples/darknet.c:495:33: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  mkimg(argv[2], argv[3], atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), argv[7]);
data/darknet-0.0.0+git20180914.61c9d02e/examples/darknet.c:495:48: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  mkimg(argv[2], argv[3], atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), argv[7]);
data/darknet-0.0.0+git20180914.61c9d02e/examples/darknet.c:495:63: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190).
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  mkimg(argv[2], argv[3], atoi(argv[4]), atoi(argv[5]), atoi(argv[6]), argv[7]);
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:134:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:142:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:151:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:162:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  return atoi(p+1);
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:257:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[1024];
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:266:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(buff, "w");
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:272:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(buff, "w");
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:280:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fps[j] = fopen(buff, "w");
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:387:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[1024];
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:396:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(buff, "w");
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:402:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(buff, "w");
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:410:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fps[j] = fopen(buff, "w");
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:525:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char labelpath[4096];
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:573:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:816:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  gpus[i] = atoi(gpu_list);
data/darknet-0.0.0+git20180914.61c9d02e/examples/dice.c:38:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/dice.c:76:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:36:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *fp = fopen(filename, "rb");
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:158:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:189:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:195:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:200:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:404:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(in + 19*19*3*j, im.data, 19*19*3*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:841:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:847:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char ids[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:848:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(ids, "%d", id);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:865:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char color[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:883:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char comm[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:946:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char color[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:994:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char color[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1042:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char type[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1049:27: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *f = fopen("game.txt", "w");
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1067:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char type[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1073:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *f = fopen("game.txt", "w");
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1190:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *f = fopen("game.txt", "w");
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1231:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char boards[600][93];
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1342:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  gpus[i] = atoi(gpu_list);
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:123:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:128:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:133:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:150:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:246:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  gpus[i] = atoi(gpu_list);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:418:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:462:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buff, "out%05d", c);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:476:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:547:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *ls[2] = {"imagenet", "zzzzzzzz"};
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:652:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:659:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:666:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:711:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *ls[2] = {"imagenet", "zzzzzzzz"};
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:846:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:853:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:860:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:907:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *ls[2] = {"imagenet"}; data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:1017:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:1024:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:1031:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:1301:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/nightmare.c:299:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). 
If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int max_layer = atoi(argv[5]); data/darknet-0.0.0+git20180914.61c9d02e/examples/nightmare.c:392:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:96:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:101:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:106:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:123:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:220:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). gpus[i] = atoi(gpu_list); data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:28:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(filename, "r"); data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:51:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(filename, "r"); data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:222:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:227:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:232:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn_vid.c:47:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(input + i*input_size, re.data, input_size*sizeof(float)); data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn_vid.c:56:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(feats + (b + i*batch)*output_size, output + i*output_size, output_size*sizeof(float)); data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn_vid.c:113:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn_vid.c:118:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn_vid.c:123:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn_vid.c:140:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:111:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:116:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:121:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:138:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:234:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
gpus[i] = atoi(gpu_list); data/darknet-0.0.0+git20180914.61c9d02e/examples/super.c:51:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/super.c:56:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/super.c:62:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/super.c:74:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/swag.c:62:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/swag.c:68:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/tag.c:61:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/tag.c:66:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/tag.c:71:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/tag.c:92:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/voxel.c:22:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/voxel.c:90:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/voxel.c:95:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/voxel.c:101:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/voxel.c:116:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/writing.c:69:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/writing.c:75:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/writing.c:91:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:66:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:72:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:117:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[1024]; data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:119:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
fps[j] = fopen(buff, "w"); data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:200:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[1024]; data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:202:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fps[j] = fopen(buff, "w"); data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:228:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char labelpath[4096]; data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:273:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/src/blas.c:46:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(x, swap, size*layers*batch*sizeof(float)); data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:60:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:67:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:180:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(X, im1.data, im1.w*im1.h*im1.c*sizeof(float)); data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:181:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(X+im1.w*im1.h*im1.c, im2.data, im2.w*im2.h*im2.c*sizeof(float)); data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:209:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(X, im1.data, im1.w*im1.h*im1.c*sizeof(float)); data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:210:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(X+im1.w*im1.h*im1.c, im2.data, im2.w*im2.h*im2.c*sizeof(float)); data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:322:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:323:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. 
Risk is low because the source has a constant maximum length. sprintf(buff, "results/battle_%d.log", class); data/darknet-0.0.0+git20180914.61c9d02e/src/compare.c:324:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *outfp = fopen(buff, "w"); data/darknet-0.0.0+git20180914.61c9d02e/src/convolutional_layer.c:615:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[256]; data/darknet-0.0.0+git20180914.61c9d02e/src/cuda.c:34:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[256]; data/darknet-0.0.0+git20180914.61c9d02e/src/cuda.c:43:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[256]; data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:15:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
FILE *file = fopen(filename, "r"); data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:61:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char replaced[4096]; data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:141:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *file = fopen(filename, "r"); data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:219:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char labelpath[4096]; data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:257:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char labelpath[4096]; data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:366:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char labelpath[4096]; data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:372:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *file = fopen(labelpath, "r"); data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:374:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[32788]; data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:404:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char labelpath[4096]; data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:410:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *file = fopen(labelpath, "r"); data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:412:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[32788]; data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:449:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char labelpath[4096]; data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:595:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char labelpath[4096]; data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:611:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *file = fopen(labelpath, "r"); data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:639:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char label[4096]; data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:642:22: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *file = fopen(label, "r"); data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:678:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char labelpath[4096]; data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:685:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *file = fopen(labelpath, "r"); data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:687:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[32788]; data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:705:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char labelpath[4096]; data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:716:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *file = fopen(labelpath, "r"); data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:718:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[32788]; data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:937:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(d.X.vals[i], im1.data, h*w*3*sizeof(float)); data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:938:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(d.X.vals[i] + h*w*3, im2.data, h*w*3*sizeof(float)); data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:943:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char imlabel1[4096]; data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:944:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char imlabel2[4096]; data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:947:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp1 = fopen(imlabel1, "r"); data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:955:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
  FILE *fp2 = fopen(imlabel2, "r");
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:1432:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *fp = fopen(filename, "rb");
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:1435:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char bytes[3073];
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:1454:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(X+j*d.X.cols, d.X.vals[index], d.X.cols*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:1455:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(y+j*d.y.cols, d.y.vals[index], d.y.cols*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:1464:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(X+j*d.X.cols, d.X.vals[index], d.X.cols*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:1465:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if(y) memcpy(y+j*d.y.cols, d.y.vals[index], d.y.cols*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:1493:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:1494:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buff, "data/cifar/cifar-10-batches-bin/data_batch_%d.bin", b+1);
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:1495:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *fp = fopen(buff, "rb");
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:1498:22: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char bytes[3073];
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:1516:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *fp = fopen(filename, "rb");
data/darknet-0.0.0+git20180914.61c9d02e/src/demo.c:60:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(predictions[demo_index] + count, net->layers[i].output, sizeof(float) * l.outputs);
data/darknet-0.0.0+git20180914.61c9d02e/src/demo.c:77:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(l.output, avg + count, sizeof(float) * l.outputs);
data/darknet-0.0.0+git20180914.61c9d02e/src/demo.c:244:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[256];
data/darknet-0.0.0+git20180914.61c9d02e/src/detection_layer.c:54:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(l.output, net.input, l.outputs*l.batch*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:231:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:232:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buff, "/usr/share/darknet/data/labels/%d_%d.png", i, j);
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:244:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char labelstr[4096] = {0};
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:252:21: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(labelstr, ", ");
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:516:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest.data, src.data, src.h*src.w*src.c*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:523:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(copy.data, p.data, p.h*p.w*p.c*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:551:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/src/image.c:582:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/src/image_opencv.cpp:87:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/src/iseg_layer.c:84:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(l.output, net.input, l.outputs*l.batch*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/matrix.c:135:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *fp = fopen(filename, "r");
data/darknet-0.0.0+git20180914.61c9d02e/src/network.c:481:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buff[256];
data/darknet-0.0.0+git20180914.61c9d02e/src/network.c:483:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buff, "Layer %d", i);
data/darknet-0.0.0+git20180914.61c9d02e/src/network.c:600:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(X+b*test.X.cols, test.X.vals[i+b], test.X.cols*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/network.c:625:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(X+b*test.X.cols, test.X.vals[i+b], test.X.cols*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/option_list.c:9:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *file = fopen(filename, "r");
data/darknet-0.0.0+git20180914.61c9d02e/src/option_list.c:115:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(v) return atoi(v);
data/darknet-0.0.0+git20180914.61c9d02e/src/option_list.c:123:18: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(v) return atoi(v);
data/darknet-0.0.0+git20180914.61c9d02e/src/parser.c:297:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int val = atoi(a);
data/darknet-0.0.0+git20180914.61c9d02e/src/parser.c:542:17: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int index = atoi(l);
data/darknet-0.0.0+git20180914.61c9d02e/src/parser.c:615:21: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int index = atoi(l);
data/darknet-0.0.0+git20180914.61c9d02e/src/parser.c:716:27: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int step = atoi(l);
data/darknet-0.0.0+git20180914.61c9d02e/src/parser.c:893:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *file = fopen(filename, "r");
data/darknet-0.0.0+git20180914.61c9d02e/src/parser.c:1015:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *fp = fopen(filename, "wb");
data/darknet-0.0.0+git20180914.61c9d02e/src/parser.c:1094:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(a, transpose, rows*cols*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/parser.c:1227:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *fp = fopen(filename, "rb");
data/darknet-0.0.0+git20180914.61c9d02e/src/region_layer.c:161:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(l.output, net.input, l.outputs*l.batch*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/reorg_layer.c:95:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(l.output, net.input, l.outputs*l.batch*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/reorg_layer.c:116:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(net.delta, l.delta, l.outputs*l.batch*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:554:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  typedef unsigned char validate_uint32[sizeof(stbi__uint32)==4 ? 1 : -1];
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:1063:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(temp, row0, bytes_copy);
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:1064:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(row0, row1, bytes_copy);
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:1065:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(row1, temp, bytes_copy);
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:1153:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(filename, mode);
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:1453:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buffer, s->img_buffer, blen);
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:1463:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buffer, s->img_buffer, n);
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:2905:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const unsigned char tag[5] = {'J','F','I','F','\0'};
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:2915:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const unsigned char tag[6] = {'A','d','o','b','e','\0'};
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:3020:29: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const unsigned char rgb[3] = { 'R', 'G', 'B' };
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:4092:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(a->zout, a->zbuffer, len);
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:4416:40: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  case STBI__F_none: memcpy(cur, raw, nk); break;
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:4572:16: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(final + out_y*a->s->img_x*out_bytes + out_x*out_bytes,
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:5477:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char raw_data[4] = {0};
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:6374:16: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &g->out[pi * 4], &two_back[pi * 4], 4 );
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:6381:16: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &g->out[pi * 4], &g->background[pi * 4], 4 );
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:6392:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( g->background, g->out, 4 * g->w * g->h );
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:6449:22: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( &g->out[pi * 4], &g->pal[g->bgindex], 4 );
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:6536:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( out + ((layers - 1) * stride), u, stride );
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:6671:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[STBI__HDR_BUFLEN];
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:6799:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[STBI__HDR_BUFLEN];
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image_write.h:285:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(filename, "wb");
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image_write.h:310:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char b[2];
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image_write.h:316:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char b[4];
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image_write.h:345:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char arr[3];
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image_write.h:352:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char bg[3] = { 255, 0, 255}, px[3];
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image_write.h:590:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char scanlineheader[4] = { 2, 2, 0, 0 };
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image_write.h:591:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char rgbe[4];
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image_write.h:685:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[128];
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image_write.h:692:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  len = sprintf(buffer, "EXPOSURE= 1.0000000000000\n\n-Y %d +X %d\n", y, x);
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image_write.h:1025:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char sig[8] = { 137,80,78,71,13,10,26,10 };
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image_write.h:1118:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(filename, "wb");
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image_write.h:1364:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char YTable[64], UVTable[64];
data/darknet-0.0.0+git20180914.61c9d02e/src/tree.c:86:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *fp = fopen(filename, "r");
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:48:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  gpus[i] = atoi(gpu_list);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:64:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *file = fopen(filename, "r");
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:69:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  map[n-1] = atoi(str);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:91:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(swp, arr+(j*size), size);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:92:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(arr+(j*size), arr+(i*size), size);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:93:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(arr+(i*size), swp, size);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:139:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  def = atoi(argv[i+1]);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:218:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[4096] = {0};
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:262:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *fp = fopen(filename, "rb");
data/darknet-0.0.0+git20180914.61c9d02e/src/yolo_layer.c:135:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(l.output, net.input, l.outputs*l.batch*sizeof(float));
data/darknet-0.0.0+git20180914.61c9d02e/examples/attention.c:402:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/captcha.c:105:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:502:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/classifier.c:580:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/coco.c:307:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:578:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/detector.c:808:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(gpu_list);
data/darknet-0.0.0+git20180914.61c9d02e/examples/dice.c:81:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1136:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(line) == 0 || dnum) {
data/darknet-0.0.0+git20180914.61c9d02e/examples/go.c:1334:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(gpu_list);
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:154:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/instance-segmenter.c:238:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(gpu_list);
data/darknet-0.0.0+git20180914.61c9d02e/examples/lsd.c:1315:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:127:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/regressor.c:212:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(gpu_list);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:24:50: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int *read_tokenized_data(char *filename, size_t *read)
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:47:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  char **read_tokens(char *filename, size_t *read)
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:167:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size = strlen((const char*)text);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:263:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(seed);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:322:20: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while((c = getc(stdin)) != EOF && c != 0){
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:365:16: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while((c = getc(stdin)) != EOF){
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:397:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(seed);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:407:9: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = getc(stdin);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:411:20: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int next = getc(stdin);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:446:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(seed);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:456:9: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = getc(stdin);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:459:20: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int next = getc(stdin);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:482:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int seed_len = strlen(seed);
data/darknet-0.0.0+git20180914.61c9d02e/examples/rnn.c:495:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int str_len = strlen(line);
data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:142:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/segmenter.c:226:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(gpu_list);
data/darknet-0.0.0+git20180914.61c9d02e/examples/super.c:78:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/tag.c:97:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/voxel.c:120:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/writing.c:95:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/examples/yolo.c:278:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(input, filename, 256);
data/darknet-0.0.0+git20180914.61c9d02e/src/data.c:506:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for(i = 0; i < strlen(begin) && i < n && begin[i] != '.'; ++i){
data/darknet-0.0.0+git20180914.61c9d02e/src/option_list.c:55:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(s);
data/darknet-0.0.0+git20180914.61c9d02e/src/parser.c:289:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(a);
data/darknet-0.0.0+git20180914.61c9d02e/src/parser.c:329:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(a);
data/darknet-0.0.0+git20180914.61c9d02e/src/parser.c:390:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(a);
data/darknet-0.0.0+git20180914.61c9d02e/src/parser.c:604:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(l);
data/darknet-0.0.0+git20180914.61c9d02e/src/parser.c:707:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(l);
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:346:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int (*read) (void *user,char *data,int size); // fill 'data' with 'size' bytes. return number of bytes actually read
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:1392:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int n = (s->io.read)(s->io_user_data,(char*)s->buffer_start,s->buflen);
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:1419:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (s->io.read) {
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:1435:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (s->io.read) {
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:1448:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (s->io.read) {
data/darknet-0.0.0+git20180914.61c9d02e/src/stb_image.h:1455:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  count = (s->io.read)(s->io_user_data, (char*) buffer + blen, n - blen);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:40:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(gpu_list);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:229:46: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(output, "%s%s%s", buffer, rep, p+strlen(orig));
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:290:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(s);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:305:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(s);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:318:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(s);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:345:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t curr = strlen(line);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:359:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  curr = strlen(line);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:369:16: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int next = read(fd, &n, sizeof(int));
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:384:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int next = read(fd, buffer + n, bytes-n);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:406:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  int next = read(fd, buffer + n, bytes-n);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:425:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *copy = malloc(strlen(s)+1);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:426:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(copy, s, strlen(s)+1);
data/darknet-0.0.0+git20180914.61c9d02e/src/utils.c:426:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strncpy(copy, s, strlen(s)+1);

ANALYSIS SUMMARY:

Hits = 561
Lines analyzed = 36233 in approximately 1.28 seconds (28265 lines/second)
Physical Source Lines of Code (SLOC) = 28606
Hits@level = [0] 669 [1] 62 [2] 280 [3] 109 [4] 110 [5] 0
Hits@level+ = [0+] 1230 [1+] 561 [2+] 499 [3+] 219 [4+] 110 [5+] 0
Hits/KSLOC@level+ = [0+] 42.998 [1+] 19.6113 [2+] 17.4439 [3+] 7.65574 [4+] 3.84535 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.