Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/gr-dab-0.4/include/grdab/api.h
Examining data/gr-dab-0.4/include/grdab/complex_to_interleaved_float_vcf.h
Examining data/gr-dab-0.4/include/grdab/control_stream_to_tag_cc.h
Examining data/gr-dab-0.4/include/grdab/crc16_bb.h
Examining data/gr-dab-0.4/include/grdab/diff_phasor_vcc.h
Examining data/gr-dab-0.4/include/grdab/estimate_sample_rate_bf.h
Examining data/gr-dab-0.4/include/grdab/fib_sink_vb.h
Examining data/gr-dab-0.4/include/grdab/firecode_check_bb.h
Examining data/gr-dab-0.4/include/grdab/fractional_interpolator_triggered_update_cc.h
Examining data/gr-dab-0.4/include/grdab/frequency_interleaver_vcc.h
Examining data/gr-dab-0.4/include/grdab/insert_null_symbol.h
Examining data/gr-dab-0.4/include/grdab/magnitude_equalizer_vcc.h
Examining data/gr-dab-0.4/include/grdab/measure_processing_rate.h
Examining data/gr-dab-0.4/include/grdab/modulo_ff.h
Examining data/gr-dab-0.4/include/grdab/moving_sum_ff.h
Examining data/gr-dab-0.4/include/grdab/mp2_decode_bs.h
Examining data/gr-dab-0.4/include/grdab/mp4_decode_bs.h
Examining data/gr-dab-0.4/include/grdab/ofdm_coarse_frequency_correct.h
Examining data/gr-dab-0.4/include/grdab/ofdm_ffe_all_in_one.h
Examining data/gr-dab-0.4/include/grdab/ofdm_insert_pilot_vcc.h
Examining data/gr-dab-0.4/include/grdab/ofdm_move_and_insert_zero.h
Examining data/gr-dab-0.4/include/grdab/ofdm_remove_first_symbol_vcc.h
Examining data/gr-dab-0.4/include/grdab/ofdm_sampler.h
Examining data/gr-dab-0.4/include/grdab/peak_detector_fb.h
Examining data/gr-dab-0.4/include/grdab/prune.h
Examining data/gr-dab-0.4/include/grdab/prune_vectors.h
Examining data/gr-dab-0.4/include/grdab/puncture_bb.h
Examining data/gr-dab-0.4/include/grdab/qpsk_demapper_vcb.h
Examining data/gr-dab-0.4/include/grdab/qpsk_mapper_vbc.h
Examining data/gr-dab-0.4/include/grdab/reed_solomon_decode_bb.h
Examining data/gr-dab-0.4/include/grdab/repartition_vectors.h
Examining data/gr-dab-0.4/include/grdab/select_subch_vfvf.h
Examining data/gr-dab-0.4/include/grdab/select_vectors.h
Examining data/gr-dab-0.4/include/grdab/sum_phasor_trig_vcc.h
Examining data/gr-dab-0.4/include/grdab/time_deinterleave_ff.h
Examining data/gr-dab-0.4/include/grdab/unpuncture_ff.h
Examining data/gr-dab-0.4/include/grdab/unpuncture_vff.h
Examining data/gr-dab-0.4/include/grdab/valve_ff.h
Examining data/gr-dab-0.4/include/grdab/xrun_monitor_cc.h
Examining data/gr-dab-0.4/legacy/dab_ofdm_coarse_frequency_correct.cc
Examining data/gr-dab-0.4/legacy/dab_ofdm_coarse_frequency_correct.h
Examining data/gr-dab-0.4/lib/FIC.h
Examining data/gr-dab-0.4/lib/complex_to_interleaved_float_vcf_impl.cc
Examining data/gr-dab-0.4/lib/complex_to_interleaved_float_vcf_impl.h
Examining data/gr-dab-0.4/lib/control_stream_to_tag_cc_impl.cc
Examining data/gr-dab-0.4/lib/control_stream_to_tag_cc_impl.h
Examining data/gr-dab-0.4/lib/crc16.cc
Examining data/gr-dab-0.4/lib/crc16.h
Examining data/gr-dab-0.4/lib/crc16_bb_impl.cc
Examining data/gr-dab-0.4/lib/crc16_bb_impl.h
Examining data/gr-dab-0.4/lib/crc16_test.cc
Examining data/gr-dab-0.4/lib/dab_concatenate_signals.cc
Examining data/gr-dab-0.4/lib/dab_concatenate_signals.h
Examining data/gr-dab-0.4/lib/dab_correct_individual_phase_offset_vff.cc
Examining data/gr-dab-0.4/lib/dab_correct_individual_phase_offset_vff.h
Examining data/gr-dab-0.4/lib/dab_measure_ber_b.cc
Examining data/gr-dab-0.4/lib/dab_measure_ber_b.h
Examining data/gr-dab-0.4/lib/dab_moving_sum_cc.cc
Examining data/gr-dab-0.4/lib/dab_moving_sum_cc.h
Examining data/gr-dab-0.4/lib/dab_ofdm_ffs_sample.cc
Examining data/gr-dab-0.4/lib/dab_ofdm_ffs_sample.h
Examining data/gr-dab-0.4/lib/dab_puncture_vbb.cc
Examining data/gr-dab-0.4/lib/dab_puncture_vbb.h
Examining data/gr-dab-0.4/lib/dab_sum_elements_vff.cc
Examining data/gr-dab-0.4/lib/dab_sum_elements_vff.h
Examining data/gr-dab-0.4/lib/diff_phasor_vcc_impl.cc
Examining data/gr-dab-0.4/lib/diff_phasor_vcc_impl.h
Examining data/gr-dab-0.4/lib/estimate_sample_rate_bf_impl.cc
Examining data/gr-dab-0.4/lib/estimate_sample_rate_bf_impl.h
Examining data/gr-dab-0.4/lib/fec/char.h
Examining data/gr-dab-0.4/lib/fec/decode_rs.h
Examining data/gr-dab-0.4/lib/fec/decode_rs_char.c
Examining data/gr-dab-0.4/lib/fec/fec.h
Examining data/gr-dab-0.4/lib/fec/init_rs.h
Examining data/gr-dab-0.4/lib/fec/init_rs_char.c
Examining data/gr-dab-0.4/lib/fec/rs-common.h
Examining data/gr-dab-0.4/lib/fib_sink_vb_impl.cc
Examining data/gr-dab-0.4/lib/fib_sink_vb_impl.h
Examining data/gr-dab-0.4/lib/firecode-checker.cpp
Examining data/gr-dab-0.4/lib/firecode-checker.h
Examining data/gr-dab-0.4/lib/firecode_check_bb_impl.cc
Examining data/gr-dab-0.4/lib/firecode_check_bb_impl.h
Examining data/gr-dab-0.4/lib/fractional_interpolator_triggered_update_cc_impl.cc
Examining data/gr-dab-0.4/lib/fractional_interpolator_triggered_update_cc_impl.h
Examining data/gr-dab-0.4/lib/frequency_interleaver_vcc_impl.cc
Examining data/gr-dab-0.4/lib/frequency_interleaver_vcc_impl.h
Examining data/gr-dab-0.4/lib/insert_null_symbol_impl.cc
Examining data/gr-dab-0.4/lib/insert_null_symbol_impl.h
Examining data/gr-dab-0.4/lib/magnitude_equalizer_vcc_impl.cc
Examining data/gr-dab-0.4/lib/magnitude_equalizer_vcc_impl.h
Examining data/gr-dab-0.4/lib/measure_processing_rate_impl.cc
Examining data/gr-dab-0.4/lib/measure_processing_rate_impl.h
Examining data/gr-dab-0.4/lib/modulo_ff_impl.cc
Examining data/gr-dab-0.4/lib/modulo_ff_impl.h
Examining data/gr-dab-0.4/lib/moving_sum_ff_impl.cc
Examining data/gr-dab-0.4/lib/moving_sum_ff_impl.h
Examining data/gr-dab-0.4/lib/mp2_decode_bs_impl.cc
Examining data/gr-dab-0.4/lib/mp2_decode_bs_impl.h
Examining data/gr-dab-0.4/lib/mp4_decode_bs_impl.cc
Examining data/gr-dab-0.4/lib/mp4_decode_bs_impl.h
Examining data/gr-dab-0.4/lib/neaacdec.h
Examining data/gr-dab-0.4/lib/ofdm_coarse_frequency_correct_impl.cc
Examining data/gr-dab-0.4/lib/ofdm_coarse_frequency_correct_impl.h
Examining data/gr-dab-0.4/lib/ofdm_ffe_all_in_one_impl.cc
Examining data/gr-dab-0.4/lib/ofdm_ffe_all_in_one_impl.h
Examining data/gr-dab-0.4/lib/ofdm_insert_pilot_vcc_impl.cc
Examining data/gr-dab-0.4/lib/ofdm_insert_pilot_vcc_impl.h
Examining data/gr-dab-0.4/lib/ofdm_move_and_insert_zero_impl.cc
Examining data/gr-dab-0.4/lib/ofdm_move_and_insert_zero_impl.h
Examining data/gr-dab-0.4/lib/ofdm_remove_first_symbol_vcc_impl.cc
Examining data/gr-dab-0.4/lib/ofdm_remove_first_symbol_vcc_impl.h
Examining data/gr-dab-0.4/lib/ofdm_sampler_impl.cc
Examining data/gr-dab-0.4/lib/ofdm_sampler_impl.h
Examining data/gr-dab-0.4/lib/peak_detector_fb_impl.cc
Examining data/gr-dab-0.4/lib/peak_detector_fb_impl.h
Examining data/gr-dab-0.4/lib/prune_impl.cc
Examining data/gr-dab-0.4/lib/prune_impl.h
Examining data/gr-dab-0.4/lib/prune_vectors_impl.cc
Examining data/gr-dab-0.4/lib/prune_vectors_impl.h
Examining data/gr-dab-0.4/lib/puncture_bb_impl.cc
Examining data/gr-dab-0.4/lib/puncture_bb_impl.h
Examining data/gr-dab-0.4/lib/qa_dab.cc
Examining data/gr-dab-0.4/lib/qa_dab.h
Examining data/gr-dab-0.4/lib/qpsk_demapper_vcb_impl.cc
Examining data/gr-dab-0.4/lib/qpsk_demapper_vcb_impl.h
Examining data/gr-dab-0.4/lib/qpsk_mapper_vbc_impl.cc
Examining data/gr-dab-0.4/lib/qpsk_mapper_vbc_impl.h
Examining data/gr-dab-0.4/lib/reed_solomon_decode_bb_impl.cc
Examining data/gr-dab-0.4/lib/reed_solomon_decode_bb_impl.h
Examining data/gr-dab-0.4/lib/repartition_vectors_impl.cc
Examining data/gr-dab-0.4/lib/repartition_vectors_impl.h
Examining data/gr-dab-0.4/lib/select_subch_vfvf_impl.cc
Examining data/gr-dab-0.4/lib/select_subch_vfvf_impl.h
Examining data/gr-dab-0.4/lib/select_vectors_impl.cc
Examining data/gr-dab-0.4/lib/select_vectors_impl.h
Examining data/gr-dab-0.4/lib/sum_phasor_trig_vcc_impl.cc
Examining data/gr-dab-0.4/lib/sum_phasor_trig_vcc_impl.h
Examining data/gr-dab-0.4/lib/test_dab.cc
Examining data/gr-dab-0.4/lib/time_deinterleave_ff_impl.cc
Examining data/gr-dab-0.4/lib/time_deinterleave_ff_impl.h
Examining data/gr-dab-0.4/lib/unpuncture_ff_impl.cc
Examining data/gr-dab-0.4/lib/unpuncture_ff_impl.h
Examining data/gr-dab-0.4/lib/unpuncture_vff_impl.cc
Examining data/gr-dab-0.4/lib/unpuncture_vff_impl.h
Examining data/gr-dab-0.4/lib/valve_ff_impl.cc
Examining data/gr-dab-0.4/lib/valve_ff_impl.h
Examining data/gr-dab-0.4/lib/xrun_monitor_cc_impl.cc
Examining data/gr-dab-0.4/lib/xrun_monitor_cc_impl.h

FINAL RESULTS:

data/gr-dab-0.4/legacy/dab_ofdm_coarse_frequency_correct.cc:108:36:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *frame_start = (const char *) input_items[1];
data/gr-dab-0.4/legacy/dab_ofdm_coarse_frequency_correct.cc:111:28:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *frame_start_out = (char *) output_items[1];
data/gr-dab-0.4/lib/control_stream_to_tag_cc_impl.cc:63:39:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      const char *in_control = (const char *) input_items[1];
data/gr-dab-0.4/lib/control_stream_to_tag_cc_impl.cc:71:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(out, in, sizeof(gr_complex)*d_vlen*noutput_items);
data/gr-dab-0.4/lib/crc16_bb_impl.cc:63:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      const char *in = (const char *) input_items[0];
data/gr-dab-0.4/lib/crc16_bb_impl.cc:64:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char *out = (char *) output_items[0];
data/gr-dab-0.4/lib/dab_concatenate_signals.cc:91:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(output_items[0], input_items[d_current_signal], produced*d_itemsize);
data/gr-dab-0.4/lib/dab_measure_ber_b.cc:58:28:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *in0 = (const char *) input_items[0];
data/gr-dab-0.4/lib/dab_measure_ber_b.cc:59:28:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *in1 = (const char *) input_items[1];
data/gr-dab-0.4/lib/dab_ofdm_ffs_sample.cc:63:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *trigger = (const char *) input_items[1];
data/gr-dab-0.4/lib/dab_puncture_vbb.cc:73:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *in = (const char *) input_items[0];
data/gr-dab-0.4/lib/dab_puncture_vbb.cc:74:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *out = (char *) output_items[0];
data/gr-dab-0.4/lib/estimate_sample_rate_bf_impl.cc:82:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *in = (const char *) input_items[0];
data/gr-dab-0.4/lib/fec/decode_rs.h:204:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(lambda,t,(NROOTS+1)*sizeof(t[0]));
data/gr-dab-0.4/lib/fec/decode_rs.h:216:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&reg[1],&lambda[1],NROOTS*sizeof(reg[0]));
data/gr-dab-0.4/lib/fib_sink_vb_impl.cc:170:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                      char protect_string[4][3] = {"A1", "A2", "A3", "A4"};
data/gr-dab-0.4/lib/fib_sink_vb_impl.cc:325:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char label[17];
data/gr-dab-0.4/lib/fib_sink_vb_impl.cc:331:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy(label, &data[4], 16);
data/gr-dab-0.4/lib/fib_sink_vb_impl.cc:341:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy(label, &data[4], 16);
data/gr-dab-0.4/lib/fib_sink_vb_impl.cc:368:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy(label, &data[5], 16);
data/gr-dab-0.4/lib/fib_sink_vb_impl.cc:372:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy(label, &data[5], 16);
data/gr-dab-0.4/lib/fib_sink_vb_impl.cc:413:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      const char *in = (const char *) input_items[0];
data/gr-dab-0.4/lib/firecode_check_bb_impl.cc:76:49:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      const unsigned char *in = (const unsigned char *) input_items[0];
data/gr-dab-0.4/lib/firecode_check_bb_impl.cc:77:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      unsigned char *out = (unsigned char *) output_items[0];
data/gr-dab-0.4/lib/firecode_check_bb_impl.cc:85:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(out + d_nproduced * d_frame_size, in + d_nconsumed * d_frame_size, d_frame_size * 5);
data/gr-dab-0.4/lib/fractional_interpolator_triggered_update_cc_impl.cc:79:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *trigger = (const char *) input_items[1];
data/gr-dab-0.4/lib/insert_null_symbol_impl.cc:82:32:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *trigger = (const char *) input_items[1];
data/gr-dab-0.4/lib/mp2_decode_bs_impl.cc:158:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char quant_lut_step2[3][4] = {
data/gr-dab-0.4/lib/mp2_decode_bs_impl.cc:189:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char quant_lut_step4[6][16] = {
data/gr-dab-0.4/lib/mp2_decode_bs_impl.cc:617:49:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      const unsigned char *in = (const unsigned char *) input_items[0]; // input are unpacked bytes
data/gr-dab-0.4/lib/mp4_decode_bs_impl.cc:161:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(au, v, frame_length);
data/gr-dab-0.4/lib/mp4_decode_bs_impl.cc:167:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buffer, &au[2], count);
data/gr-dab-0.4/lib/mp4_decode_bs_impl.cc:296:49:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      const unsigned char *in = (const unsigned char *) input_items[0] + d_superframe_size;
data/gr-dab-0.4/lib/neaacdec.h:197:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char channel_position[64];
data/gr-dab-0.4/lib/ofdm_insert_pilot_vcc_impl.cc:69:36:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *frame_start = (const char *) input_items[1];
data/gr-dab-0.4/lib/ofdm_insert_pilot_vcc_impl.cc:72:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *o_frame_start = (char *) output_items[1];
data/gr-dab-0.4/lib/ofdm_sampler_impl.cc:148:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&optr[out], &iptr[index], d_fft_length*sizeof(gr_complex));
data/gr-dab-0.4/lib/prune_impl.cc:78:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      const char *in = (const char *) input_items[0];
data/gr-dab-0.4/lib/prune_impl.cc:79:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char *out = (char *) output_items[0];
data/gr-dab-0.4/lib/prune_impl.cc:86:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, in + d_prune_start * d_itemsize, (d_length - d_prune_start - d_prune_end) * d_itemsize);
data/gr-dab-0.4/lib/prune_vectors_impl.cc:62:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char const *in = (const char *) input_items[0];
data/gr-dab-0.4/lib/prune_vectors_impl.cc:63:20:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char *out = (char *) output_items[0];
data/gr-dab-0.4/lib/prune_vectors_impl.cc:66:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, in + d_prune_start * d_itemsize, (d_length - d_prune_start - d_prune_end) * d_itemsize);
data/gr-dab-0.4/lib/puncture_bb_impl.cc:82:49:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      const unsigned char *in = (const unsigned char *) input_items[0];
data/gr-dab-0.4/lib/puncture_bb_impl.cc:83:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      unsigned char *out = (unsigned char *) output_items[0];
data/gr-dab-0.4/lib/qpsk_demapper_vcb_impl.cc:62:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *out = (char *) output_items[0];
data/gr-dab-0.4/lib/qpsk_mapper_vbc_impl.cc:61:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char const *in = (const char *) input_items[0];
data/gr-dab-0.4/lib/reed_solomon_decode_bb_impl.cc:129:49:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      const unsigned char *in = (const unsigned char *) input_items[0];
data/gr-dab-0.4/lib/reed_solomon_decode_bb_impl.cc:130:38:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      unsigned char *out = (unsigned char *) output_items[0];
data/gr-dab-0.4/lib/reed_solomon_decode_bb_impl.cc:134:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(superframe, &in[n * d_superframe_size], d_superframe_size);
data/gr-dab-0.4/lib/reed_solomon_decode_bb_impl.cc:136:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&out[n * d_superframe_size_rs], superframe, d_superframe_size_rs);
data/gr-dab-0.4/lib/repartition_vectors_impl.cc:72:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *iptr = (const char *) input_items[0];
data/gr-dab-0.4/lib/repartition_vectors_impl.cc:74:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *optr = (char *) output_items[0];
data/gr-dab-0.4/lib/repartition_vectors_impl.cc:145:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(optr, iptr, d_multiply*d_itemsize*d_vlen_in);
data/gr-dab-0.4/lib/select_subch_vfvf_impl.cc:81:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&out[i * d_vlen_out], &in[d_vlen_in * (i * d_total_size + d_address)],
data/gr-dab-0.4/lib/select_vectors_impl.cc:72:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *iptr = (const char *) input_items[0];
data/gr-dab-0.4/lib/select_vectors_impl.cc:74:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *optr = (char *) output_items[0];
data/gr-dab-0.4/lib/select_vectors_impl.cc:122:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(optr, iptr, d_length*d_itemsize);
data/gr-dab-0.4/lib/sum_phasor_trig_vcc_impl.cc:64:36:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *frame_start = (const char *) input_items[1];
data/gr-dab-0.4/lib/sum_phasor_trig_vcc_impl.cc:65:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *o_frame_start = (char *) output_items[1];
data/gr-dab-0.4/lib/valve_ff_impl.cc:85:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, in, noutput_items * sizeof(float));
data/gr-dab-0.4/lib/xrun_monitor_cc_impl.cc:188:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, d_buffer + d_read_index, sizeof(gr_complex) * to_produce_here);
data/gr-dab-0.4/lib/xrun_monitor_cc_impl.cc:201:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, d_buffer + d_read_index, sizeof(gr_complex) * to_produce_here);
data/gr-dab-0.4/lib/xrun_monitor_cc_impl.cc:206:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(out+to_produce_here, d_buffer, sizeof(gr_complex) * to_produce_here2);
data/gr-dab-0.4/lib/xrun_monitor_cc_impl.cc:226:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(out+outpos, in, sizeof(gr_complex) * to_produce);
data/gr-dab-0.4/lib/xrun_monitor_cc_impl.cc:250:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(d_buffer + d_write_index, in + to_produce, sizeof(gr_complex) * tosave);
data/gr-dab-0.4/lib/xrun_monitor_cc_impl.cc:254:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(d_buffer + d_write_index, in + to_produce, sizeof(gr_complex) * (d_length - d_write_index));
data/gr-dab-0.4/lib/xrun_monitor_cc_impl.cc:255:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(d_buffer, in + to_produce + (d_length - d_write_index), sizeof(gr_complex) * (tosave - (d_length - d_write_index)));

ANALYSIS SUMMARY:

Hits = 68
Lines analyzed = 12599 in approximately 0.44 seconds (28859 lines/second)
Physical Source Lines of Code (SLOC) = 6430
Hits@level = [0]  22 [1]   0 [2]  68 [3]   0 [4]   0 [5]   0
Hits@level+ = [0+]  90 [1+]  68 [2+]  68 [3+]   0 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 13.9969 [1+] 10.5754 [2+] 10.5754 [3+]   0 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.