Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/gr-dab-0.4/include/grdab/api.h Examining data/gr-dab-0.4/include/grdab/complex_to_interleaved_float_vcf.h Examining data/gr-dab-0.4/include/grdab/control_stream_to_tag_cc.h Examining data/gr-dab-0.4/include/grdab/crc16_bb.h Examining data/gr-dab-0.4/include/grdab/diff_phasor_vcc.h Examining data/gr-dab-0.4/include/grdab/estimate_sample_rate_bf.h Examining data/gr-dab-0.4/include/grdab/fib_sink_vb.h Examining data/gr-dab-0.4/include/grdab/firecode_check_bb.h Examining data/gr-dab-0.4/include/grdab/fractional_interpolator_triggered_update_cc.h Examining data/gr-dab-0.4/include/grdab/frequency_interleaver_vcc.h Examining data/gr-dab-0.4/include/grdab/insert_null_symbol.h Examining data/gr-dab-0.4/include/grdab/magnitude_equalizer_vcc.h Examining data/gr-dab-0.4/include/grdab/measure_processing_rate.h Examining data/gr-dab-0.4/include/grdab/modulo_ff.h Examining data/gr-dab-0.4/include/grdab/moving_sum_ff.h Examining data/gr-dab-0.4/include/grdab/mp2_decode_bs.h Examining data/gr-dab-0.4/include/grdab/mp4_decode_bs.h Examining data/gr-dab-0.4/include/grdab/ofdm_coarse_frequency_correct.h Examining data/gr-dab-0.4/include/grdab/ofdm_ffe_all_in_one.h Examining data/gr-dab-0.4/include/grdab/ofdm_insert_pilot_vcc.h Examining data/gr-dab-0.4/include/grdab/ofdm_move_and_insert_zero.h Examining data/gr-dab-0.4/include/grdab/ofdm_remove_first_symbol_vcc.h Examining data/gr-dab-0.4/include/grdab/ofdm_sampler.h Examining data/gr-dab-0.4/include/grdab/peak_detector_fb.h Examining data/gr-dab-0.4/include/grdab/prune.h Examining data/gr-dab-0.4/include/grdab/prune_vectors.h Examining data/gr-dab-0.4/include/grdab/puncture_bb.h Examining data/gr-dab-0.4/include/grdab/qpsk_demapper_vcb.h Examining data/gr-dab-0.4/include/grdab/qpsk_mapper_vbc.h Examining data/gr-dab-0.4/include/grdab/reed_solomon_decode_bb.h Examining 
data/gr-dab-0.4/include/grdab/repartition_vectors.h Examining data/gr-dab-0.4/include/grdab/select_subch_vfvf.h Examining data/gr-dab-0.4/include/grdab/select_vectors.h Examining data/gr-dab-0.4/include/grdab/sum_phasor_trig_vcc.h Examining data/gr-dab-0.4/include/grdab/time_deinterleave_ff.h Examining data/gr-dab-0.4/include/grdab/unpuncture_ff.h Examining data/gr-dab-0.4/include/grdab/unpuncture_vff.h Examining data/gr-dab-0.4/include/grdab/valve_ff.h Examining data/gr-dab-0.4/include/grdab/xrun_monitor_cc.h Examining data/gr-dab-0.4/legacy/dab_ofdm_coarse_frequency_correct.cc Examining data/gr-dab-0.4/legacy/dab_ofdm_coarse_frequency_correct.h Examining data/gr-dab-0.4/lib/FIC.h Examining data/gr-dab-0.4/lib/complex_to_interleaved_float_vcf_impl.cc Examining data/gr-dab-0.4/lib/complex_to_interleaved_float_vcf_impl.h Examining data/gr-dab-0.4/lib/control_stream_to_tag_cc_impl.cc Examining data/gr-dab-0.4/lib/control_stream_to_tag_cc_impl.h Examining data/gr-dab-0.4/lib/crc16.cc Examining data/gr-dab-0.4/lib/crc16.h Examining data/gr-dab-0.4/lib/crc16_bb_impl.cc Examining data/gr-dab-0.4/lib/crc16_bb_impl.h Examining data/gr-dab-0.4/lib/crc16_test.cc Examining data/gr-dab-0.4/lib/dab_concatenate_signals.cc Examining data/gr-dab-0.4/lib/dab_concatenate_signals.h Examining data/gr-dab-0.4/lib/dab_correct_individual_phase_offset_vff.cc Examining data/gr-dab-0.4/lib/dab_correct_individual_phase_offset_vff.h Examining data/gr-dab-0.4/lib/dab_measure_ber_b.cc Examining data/gr-dab-0.4/lib/dab_measure_ber_b.h Examining data/gr-dab-0.4/lib/dab_moving_sum_cc.cc Examining data/gr-dab-0.4/lib/dab_moving_sum_cc.h Examining data/gr-dab-0.4/lib/dab_ofdm_ffs_sample.cc Examining data/gr-dab-0.4/lib/dab_ofdm_ffs_sample.h Examining data/gr-dab-0.4/lib/dab_puncture_vbb.cc Examining data/gr-dab-0.4/lib/dab_puncture_vbb.h Examining data/gr-dab-0.4/lib/dab_sum_elements_vff.cc Examining data/gr-dab-0.4/lib/dab_sum_elements_vff.h Examining data/gr-dab-0.4/lib/diff_phasor_vcc_impl.cc 
Examining data/gr-dab-0.4/lib/diff_phasor_vcc_impl.h Examining data/gr-dab-0.4/lib/estimate_sample_rate_bf_impl.cc Examining data/gr-dab-0.4/lib/estimate_sample_rate_bf_impl.h Examining data/gr-dab-0.4/lib/fec/char.h Examining data/gr-dab-0.4/lib/fec/decode_rs.h Examining data/gr-dab-0.4/lib/fec/decode_rs_char.c Examining data/gr-dab-0.4/lib/fec/fec.h Examining data/gr-dab-0.4/lib/fec/init_rs.h Examining data/gr-dab-0.4/lib/fec/init_rs_char.c Examining data/gr-dab-0.4/lib/fec/rs-common.h Examining data/gr-dab-0.4/lib/fib_sink_vb_impl.cc Examining data/gr-dab-0.4/lib/fib_sink_vb_impl.h Examining data/gr-dab-0.4/lib/firecode-checker.cpp Examining data/gr-dab-0.4/lib/firecode-checker.h Examining data/gr-dab-0.4/lib/firecode_check_bb_impl.cc Examining data/gr-dab-0.4/lib/firecode_check_bb_impl.h Examining data/gr-dab-0.4/lib/fractional_interpolator_triggered_update_cc_impl.cc Examining data/gr-dab-0.4/lib/fractional_interpolator_triggered_update_cc_impl.h Examining data/gr-dab-0.4/lib/frequency_interleaver_vcc_impl.cc Examining data/gr-dab-0.4/lib/frequency_interleaver_vcc_impl.h Examining data/gr-dab-0.4/lib/insert_null_symbol_impl.cc Examining data/gr-dab-0.4/lib/insert_null_symbol_impl.h Examining data/gr-dab-0.4/lib/magnitude_equalizer_vcc_impl.cc Examining data/gr-dab-0.4/lib/magnitude_equalizer_vcc_impl.h Examining data/gr-dab-0.4/lib/measure_processing_rate_impl.cc Examining data/gr-dab-0.4/lib/measure_processing_rate_impl.h Examining data/gr-dab-0.4/lib/modulo_ff_impl.cc Examining data/gr-dab-0.4/lib/modulo_ff_impl.h Examining data/gr-dab-0.4/lib/moving_sum_ff_impl.cc Examining data/gr-dab-0.4/lib/moving_sum_ff_impl.h Examining data/gr-dab-0.4/lib/mp2_decode_bs_impl.cc Examining data/gr-dab-0.4/lib/mp2_decode_bs_impl.h Examining data/gr-dab-0.4/lib/mp4_decode_bs_impl.cc Examining data/gr-dab-0.4/lib/mp4_decode_bs_impl.h Examining data/gr-dab-0.4/lib/neaacdec.h Examining data/gr-dab-0.4/lib/ofdm_coarse_frequency_correct_impl.cc Examining 
data/gr-dab-0.4/lib/ofdm_coarse_frequency_correct_impl.h Examining data/gr-dab-0.4/lib/ofdm_ffe_all_in_one_impl.cc Examining data/gr-dab-0.4/lib/ofdm_ffe_all_in_one_impl.h Examining data/gr-dab-0.4/lib/ofdm_insert_pilot_vcc_impl.cc Examining data/gr-dab-0.4/lib/ofdm_insert_pilot_vcc_impl.h Examining data/gr-dab-0.4/lib/ofdm_move_and_insert_zero_impl.cc Examining data/gr-dab-0.4/lib/ofdm_move_and_insert_zero_impl.h Examining data/gr-dab-0.4/lib/ofdm_remove_first_symbol_vcc_impl.cc Examining data/gr-dab-0.4/lib/ofdm_remove_first_symbol_vcc_impl.h Examining data/gr-dab-0.4/lib/ofdm_sampler_impl.cc Examining data/gr-dab-0.4/lib/ofdm_sampler_impl.h Examining data/gr-dab-0.4/lib/peak_detector_fb_impl.cc Examining data/gr-dab-0.4/lib/peak_detector_fb_impl.h Examining data/gr-dab-0.4/lib/prune_impl.cc Examining data/gr-dab-0.4/lib/prune_impl.h Examining data/gr-dab-0.4/lib/prune_vectors_impl.cc Examining data/gr-dab-0.4/lib/prune_vectors_impl.h Examining data/gr-dab-0.4/lib/puncture_bb_impl.cc Examining data/gr-dab-0.4/lib/puncture_bb_impl.h Examining data/gr-dab-0.4/lib/qa_dab.cc Examining data/gr-dab-0.4/lib/qa_dab.h Examining data/gr-dab-0.4/lib/qpsk_demapper_vcb_impl.cc Examining data/gr-dab-0.4/lib/qpsk_demapper_vcb_impl.h Examining data/gr-dab-0.4/lib/qpsk_mapper_vbc_impl.cc Examining data/gr-dab-0.4/lib/qpsk_mapper_vbc_impl.h Examining data/gr-dab-0.4/lib/reed_solomon_decode_bb_impl.cc Examining data/gr-dab-0.4/lib/reed_solomon_decode_bb_impl.h Examining data/gr-dab-0.4/lib/repartition_vectors_impl.cc Examining data/gr-dab-0.4/lib/repartition_vectors_impl.h Examining data/gr-dab-0.4/lib/select_subch_vfvf_impl.cc Examining data/gr-dab-0.4/lib/select_subch_vfvf_impl.h Examining data/gr-dab-0.4/lib/select_vectors_impl.cc Examining data/gr-dab-0.4/lib/select_vectors_impl.h Examining data/gr-dab-0.4/lib/sum_phasor_trig_vcc_impl.cc Examining data/gr-dab-0.4/lib/sum_phasor_trig_vcc_impl.h Examining data/gr-dab-0.4/lib/test_dab.cc Examining 
data/gr-dab-0.4/lib/time_deinterleave_ff_impl.cc Examining data/gr-dab-0.4/lib/time_deinterleave_ff_impl.h Examining data/gr-dab-0.4/lib/unpuncture_ff_impl.cc Examining data/gr-dab-0.4/lib/unpuncture_ff_impl.h Examining data/gr-dab-0.4/lib/unpuncture_vff_impl.cc Examining data/gr-dab-0.4/lib/unpuncture_vff_impl.h Examining data/gr-dab-0.4/lib/valve_ff_impl.cc Examining data/gr-dab-0.4/lib/valve_ff_impl.h Examining data/gr-dab-0.4/lib/xrun_monitor_cc_impl.cc Examining data/gr-dab-0.4/lib/xrun_monitor_cc_impl.h FINAL RESULTS: data/gr-dab-0.4/legacy/dab_ofdm_coarse_frequency_correct.cc:108:36: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *frame_start = (const char *) input_items[1]; data/gr-dab-0.4/legacy/dab_ofdm_coarse_frequency_correct.cc:111:28: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *frame_start_out = (char *) output_items[1]; data/gr-dab-0.4/lib/control_stream_to_tag_cc_impl.cc:63:39: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *in_control = (const char *) input_items[1]; data/gr-dab-0.4/lib/control_stream_to_tag_cc_impl.cc:71:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(out, in, sizeof(gr_complex)*d_vlen*noutput_items); data/gr-dab-0.4/lib/crc16_bb_impl.cc:63:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *in = (const char *) input_items[0]; data/gr-dab-0.4/lib/crc16_bb_impl.cc:64:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *out = (char *) output_items[0]; data/gr-dab-0.4/lib/dab_concatenate_signals.cc:91:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(output_items[0], input_items[d_current_signal], produced*d_itemsize); data/gr-dab-0.4/lib/dab_measure_ber_b.cc:58:28: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *in0 = (const char *) input_items[0]; data/gr-dab-0.4/lib/dab_measure_ber_b.cc:59:28: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *in1 = (const char *) input_items[1]; data/gr-dab-0.4/lib/dab_ofdm_ffs_sample.cc:63:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *trigger = (const char *) input_items[1]; data/gr-dab-0.4/lib/dab_puncture_vbb.cc:73:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *in = (const char *) input_items[0]; data/gr-dab-0.4/lib/dab_puncture_vbb.cc:74:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *out = (char *) output_items[0]; data/gr-dab-0.4/lib/estimate_sample_rate_bf_impl.cc:82:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *in = (const char *) input_items[0]; data/gr-dab-0.4/lib/fec/decode_rs.h:204:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(lambda,t,(NROOTS+1)*sizeof(t[0])); data/gr-dab-0.4/lib/fec/decode_rs.h:216:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&reg[1],&lambda[1],NROOTS*sizeof(reg[0])); data/gr-dab-0.4/lib/fib_sink_vb_impl.cc:170:23: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char protect_string[4][3] = {"A1", "A2", "A3", "A4"}; data/gr-dab-0.4/lib/fib_sink_vb_impl.cc:325:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char label[17]; data/gr-dab-0.4/lib/fib_sink_vb_impl.cc:331:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(label, &data[4], 16); data/gr-dab-0.4/lib/fib_sink_vb_impl.cc:341:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(label, &data[4], 16); data/gr-dab-0.4/lib/fib_sink_vb_impl.cc:368:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(label, &data[5], 16); data/gr-dab-0.4/lib/fib_sink_vb_impl.cc:372:15: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(label, &data[5], 16); data/gr-dab-0.4/lib/fib_sink_vb_impl.cc:413:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *in = (const char *) input_items[0]; data/gr-dab-0.4/lib/firecode_check_bb_impl.cc:76:49: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const unsigned char *in = (const unsigned char *) input_items[0]; data/gr-dab-0.4/lib/firecode_check_bb_impl.cc:77:38: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char *out = (unsigned char *) output_items[0]; data/gr-dab-0.4/lib/firecode_check_bb_impl.cc:85:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out + d_nproduced * d_frame_size, in + d_nconsumed * d_frame_size, d_frame_size * 5); data/gr-dab-0.4/lib/fractional_interpolator_triggered_update_cc_impl.cc:79:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *trigger = (const char *) input_items[1]; data/gr-dab-0.4/lib/insert_null_symbol_impl.cc:82:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *trigger = (const char *) input_items[1]; data/gr-dab-0.4/lib/mp2_decode_bs_impl.cc:158:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
const char quant_lut_step2[3][4] = { data/gr-dab-0.4/lib/mp2_decode_bs_impl.cc:189:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char quant_lut_step4[6][16] = { data/gr-dab-0.4/lib/mp2_decode_bs_impl.cc:617:49: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const unsigned char *in = (const unsigned char *) input_items[0]; // input are unpacked bytes data/gr-dab-0.4/lib/mp4_decode_bs_impl.cc:161:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(au, v, frame_length); data/gr-dab-0.4/lib/mp4_decode_bs_impl.cc:167:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buffer, &au[2], count); data/gr-dab-0.4/lib/mp4_decode_bs_impl.cc:296:49: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const unsigned char *in = (const unsigned char *) input_items[0] + d_superframe_size; data/gr-dab-0.4/lib/neaacdec.h:197:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char channel_position[64]; data/gr-dab-0.4/lib/ofdm_insert_pilot_vcc_impl.cc:69:36: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *frame_start = (const char *) input_items[1]; data/gr-dab-0.4/lib/ofdm_insert_pilot_vcc_impl.cc:72:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *o_frame_start = (char *) output_items[1]; data/gr-dab-0.4/lib/ofdm_sampler_impl.cc:148:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&optr[out], &iptr[index], d_fft_length*sizeof(gr_complex)); data/gr-dab-0.4/lib/prune_impl.cc:78:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *in = (const char *) input_items[0]; data/gr-dab-0.4/lib/prune_impl.cc:79:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *out = (char *) output_items[0]; data/gr-dab-0.4/lib/prune_impl.cc:86:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(out, in + d_prune_start * d_itemsize, (d_length - d_prune_start - d_prune_end) * d_itemsize); data/gr-dab-0.4/lib/prune_vectors_impl.cc:62:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char const *in = (const char *) input_items[0]; data/gr-dab-0.4/lib/prune_vectors_impl.cc:63:20: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *out = (char *) output_items[0]; data/gr-dab-0.4/lib/prune_vectors_impl.cc:66:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, in + d_prune_start * d_itemsize, (d_length - d_prune_start - d_prune_end) * d_itemsize); data/gr-dab-0.4/lib/puncture_bb_impl.cc:82:49: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const unsigned char *in = (const unsigned char *) input_items[0]; data/gr-dab-0.4/lib/puncture_bb_impl.cc:83:38: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
unsigned char *out = (unsigned char *) output_items[0]; data/gr-dab-0.4/lib/qpsk_demapper_vcb_impl.cc:62:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *out = (char *) output_items[0]; data/gr-dab-0.4/lib/qpsk_mapper_vbc_impl.cc:61:27: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char const *in = (const char *) input_items[0]; data/gr-dab-0.4/lib/reed_solomon_decode_bb_impl.cc:129:49: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const unsigned char *in = (const unsigned char *) input_items[0]; data/gr-dab-0.4/lib/reed_solomon_decode_bb_impl.cc:130:38: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char *out = (unsigned char *) output_items[0]; data/gr-dab-0.4/lib/reed_solomon_decode_bb_impl.cc:134:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(superframe, &in[n * d_superframe_size], d_superframe_size); data/gr-dab-0.4/lib/reed_solomon_decode_bb_impl.cc:136:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(&out[n * d_superframe_size_rs], superframe, d_superframe_size_rs); data/gr-dab-0.4/lib/repartition_vectors_impl.cc:72:29: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *iptr = (const char *) input_items[0]; data/gr-dab-0.4/lib/repartition_vectors_impl.cc:74:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *optr = (char *) output_items[0]; data/gr-dab-0.4/lib/repartition_vectors_impl.cc:145:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(optr, iptr, d_multiply*d_itemsize*d_vlen_in); data/gr-dab-0.4/lib/select_subch_vfvf_impl.cc:81:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(&out[i * d_vlen_out], &in[d_vlen_in * (i * d_total_size + d_address)], data/gr-dab-0.4/lib/select_vectors_impl.cc:72:29: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *iptr = (const char *) input_items[0]; data/gr-dab-0.4/lib/select_vectors_impl.cc:74:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *optr = (char *) output_items[0]; data/gr-dab-0.4/lib/select_vectors_impl.cc:122:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(optr, iptr, d_length*d_itemsize); data/gr-dab-0.4/lib/sum_phasor_trig_vcc_impl.cc:64:36: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. const char *frame_start = (const char *) input_items[1]; data/gr-dab-0.4/lib/sum_phasor_trig_vcc_impl.cc:65:26: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *o_frame_start = (char *) output_items[1]; data/gr-dab-0.4/lib/valve_ff_impl.cc:85:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, in, noutput_items * sizeof(float)); data/gr-dab-0.4/lib/xrun_monitor_cc_impl.cc:188:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, d_buffer + d_read_index, sizeof(gr_complex) * to_produce_here); data/gr-dab-0.4/lib/xrun_monitor_cc_impl.cc:201:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(out, d_buffer + d_read_index, sizeof(gr_complex) * to_produce_here); data/gr-dab-0.4/lib/xrun_monitor_cc_impl.cc:206:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out+to_produce_here, d_buffer, sizeof(gr_complex) * to_produce_here2); data/gr-dab-0.4/lib/xrun_monitor_cc_impl.cc:226:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out+outpos, in, sizeof(gr_complex) * to_produce); data/gr-dab-0.4/lib/xrun_monitor_cc_impl.cc:250:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(d_buffer + d_write_index, in + to_produce, sizeof(gr_complex) * tosave); data/gr-dab-0.4/lib/xrun_monitor_cc_impl.cc:254:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(d_buffer + d_write_index, in + to_produce, sizeof(gr_complex) * (d_length - d_write_index)); data/gr-dab-0.4/lib/xrun_monitor_cc_impl.cc:255:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(d_buffer, in + to_produce + (d_length - d_write_index), sizeof(gr_complex) * (tosave - (d_length - d_write_index))); ANALYSIS SUMMARY: Hits = 68 Lines analyzed = 12599 in approximately 0.44 seconds (28859 lines/second) Physical Source Lines of Code (SLOC) = 6430 Hits@level = [0] 22 [1] 0 [2] 68 [3] 0 [4] 0 [5] 0 Hits@level+ = [0+] 90 [1+] 68 [2+] 68 [3+] 0 [4+] 0 [5+] 0 Hits/KSLOC@level+ = [0+] 13.9969 [1+] 10.5754 [2+] 10.5754 [3+] 0 [4+] 0 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. 
There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.