Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223

FINAL RESULTS:

data/libgav1-0.16.0/src/dsp/arm/common_neon.h:90:35: [4] (buffer) StrCat: Does
not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  const std::string name0 = absl::StrCat(name, ".val[0]").c_str();
data/libgav1-0.16.0/src/dsp/arm/common_neon.h:93:35: [4] (buffer) StrCat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
  const std::string name1 = absl::StrCat(name, ".val[1]").c_str();
data/libgav1-0.16.0/src/utils/logging.cc:55:3: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, format, ap);
data/libgav1-0.16.0/src/utils/threadpool.cc:209:14: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  int rv = snprintf(name, sizeof(name), "%s/%" PRId64, pool_->name_prefix_,
data/libgav1-0.16.0/src/utils/threadpool.cc:220:14: [4] (format) snprintf: If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  int rv = snprintf(name, sizeof(name), "%s/%" PRId64, pool_->name_prefix_,
data/libgav1-0.16.0/examples/file_reader.cc:65:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  raw_file_ptr = fopen(file_name.c_str(), "rb");
data/libgav1-0.16.0/examples/file_reader_constants.cc:19:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char kIvfSignature[4] = {'D', 'K', 'I', 'F'};
data/libgav1-0.16.0/examples/file_reader_constants.cc:20:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char kAv1FourCcUpper[4] = {'A', 'V', '0', '1'};
data/libgav1-0.16.0/examples/file_reader_constants.cc:21:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char kAv1FourCcLower[4] = {'a', 'v', '0', '1'};
data/libgav1-0.16.0/examples/file_reader_constants.h:33:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern const char kIvfSignature[4];
data/libgav1-0.16.0/examples/file_reader_constants.h:34:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern const char kAv1FourCcUpper[4];
data/libgav1-0.16.0/examples/file_reader_constants.h:35:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  extern const char kAv1FourCcLower[4];
data/libgav1-0.16.0/examples/file_writer.cc:99:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  raw_file_ptr = fopen(file_name.c_str(), "wb");
data/libgav1-0.16.0/examples/file_writer.cc:145:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char error_string[256];
data/libgav1-0.16.0/examples/gav1_decode.cc:257:29: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  frame_timing_file.reset(fopen(options.frame_timing_file_name, "wb"));
data/libgav1-0.16.0/src/dsp/arm/common_neon.h:201:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&temp, buf, 2);
data/libgav1-0.16.0/src/dsp/arm/common_neon.h:209:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&temp, buf, 2);
data/libgav1-0.16.0/src/dsp/arm/common_neon.h:220:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&temp, buf, 4);
data/libgav1-0.16.0/src/dsp/arm/common_neon.h:228:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&temp, buf, 4);
data/libgav1-0.16.0/src/dsp/arm/common_neon.h:241:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf, &val, sizeof(val));
data/libgav1-0.16.0/src/dsp/arm/film_grain_neon.cc:817:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(luma_buffer, &in_y_row[luma_x], valid_range * sizeof(in_y_row[0]));
data/libgav1-0.16.0/src/dsp/arm/film_grain_neon.cc:944:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(luma_buffer, &in_y_row[luma_x], valid_range * sizeof(in_y_row[0]));
data/libgav1-0.16.0/src/dsp/arm/intra_edge_neon.cc:107:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst_buffer + i, temp, remainder);
data/libgav1-0.16.0/src/dsp/arm/intra_edge_neon.cc:198:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst_buffer + i, temp, remainder);
data/libgav1-0.16.0/src/dsp/arm/intrapred_directional_neon.cc:226:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, top_ptr, width);
data/libgav1-0.16.0/src/dsp/arm/intrapred_directional_neon.cc:227:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst + stride, top_ptr + 1, width);
data/libgav1-0.16.0/src/dsp/arm/intrapred_directional_neon.cc:228:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst + 2 * stride, top_ptr + 2, width);
data/libgav1-0.16.0/src/dsp/arm/intrapred_directional_neon.cc:229:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst + 3 * stride, top_ptr + 3, width);
data/libgav1-0.16.0/src/dsp/arm/intrapred_directional_neon.cc:781:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(top_buffer + 128, static_cast<const uint8_t*>(top_row) - 16, 160);
data/libgav1-0.16.0/src/dsp/arm/intrapred_directional_neon.cc:782:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(left_buffer + 128, static_cast<const uint8_t*>(left_column) - 16, 160);
data/libgav1-0.16.0/src/dsp/arm/inverse_transform_neon.cc:497:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&dst[y * width], dst, width * sizeof(dst[0]));
data/libgav1-0.16.0/src/dsp/arm/loop_restoration_neon.cc:554:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(wiener_buffer_horizontal, wiener_buffer_horizontal - wiener_stride,
data/libgav1-0.16.0/src/dsp/arm/loop_restoration_neon.cc:556:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(restoration_buffer->wiener_buffer,
data/libgav1-0.16.0/src/dsp/convolve.cc:479:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest, src, width * sizeof(Pixel));
data/libgav1-0.16.0/src/dsp/film_grain.cc:280:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&noise_stripe[i * plane_width + (x << (1 - subsampling_x))],
data/libgav1-0.16.0/src/dsp/film_grain.cc:333:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&noise_stripe[i * plane_width],
data/libgav1-0.16.0/src/dsp/film_grain.cc:408:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&noise_stripe[i * plane_width + (x << (1 - subsampling_x)) + j],
data/libgav1-0.16.0/src/dsp/intra_edge.cc:37:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(edge, buffer, sizeof(edge[0]) * size);
data/libgav1-0.16.0/src/dsp/intra_edge.cc:56:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(temp + 2, pixel_buffer, sizeof(temp[0]) * size);
data/libgav1-0.16.0/src/dsp/intrapred.cc:174:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, top_row, block_width * sizeof(Pixel));
data/libgav1-0.16.0/src/dsp/intrapred.cc:385:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
  memcpy(buffer[0], &top[-1], (width + 1) * sizeof(top[0]));
data/libgav1-0.16.0/src/dsp/intrapred.cc:419:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, &buffer[1][1], width * sizeof(dst[0]));
data/libgav1-0.16.0/src/dsp/intrapred.cc:421:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, &buffer[row2][1], width * sizeof(dst[0]));
data/libgav1-0.16.0/src/dsp/intrapred.cc:520:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, top_ptr, sizeof(*top_ptr) * width);
data/libgav1-0.16.0/src/dsp/loop_restoration.cc:214:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(wiener_buffer, wiener_buffer - width,
data/libgav1-0.16.0/src/dsp/loop_restoration.cc:216:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(wiener_buffer_org, wiener_buffer_org + width,
data/libgav1-0.16.0/src/dsp/warp.cc:204:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst_row, first_dst_row, 8 * sizeof(*dst_row));
data/libgav1-0.16.0/src/dsp/x86/common_sse4.h:100:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&temp, buf, 2);
data/libgav1-0.16.0/src/dsp/x86/common_sse4.h:193:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, &val, 2);
data/libgav1-0.16.0/src/dsp/x86/common_sse4.h:198:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, &val, sizeof(val));
data/libgav1-0.16.0/src/dsp/x86/distance_weighted_blend_sse4.cc:87:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, &result_1, sizeof(result_1));
data/libgav1-0.16.0/src/dsp/x86/distance_weighted_blend_sse4.cc:90:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, &result_2, sizeof(result_2));
data/libgav1-0.16.0/src/dsp/x86/distance_weighted_blend_sse4.cc:93:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, &result_3, sizeof(result_3));
data/libgav1-0.16.0/src/dsp/x86/intra_edge_sse4.cc:157:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(edge, buffer, size);
data/libgav1-0.16.0/src/dsp/x86/intra_edge_sse4.cc:213:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(temp + 2, pixel_buffer, sizeof(temp[0]) * size);
data/libgav1-0.16.0/src/dsp/x86/intrapred_cfl_sse4.cc:106:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&src_bytes, src, 4);
data/libgav1-0.16.0/src/dsp/x86/intrapred_sse4.cc:291:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, &row1, 4);
data/libgav1-0.16.0/src/dsp/x86/intrapred_sse4.cc:294:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, &row2, 4);
data/libgav1-0.16.0/src/dsp/x86/intrapred_sse4.cc:297:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, &row3, 4);
data/libgav1-0.16.0/src/dsp/x86/intrapred_sse4.cc:1425:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, top + offset, width);
data/libgav1-0.16.0/src/dsp/x86/intrapred_sse4.cc:1427:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, top + offset + 1, width);
data/libgav1-0.16.0/src/dsp/x86/intrapred_sse4.cc:1429:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, top + offset + 2, width);
data/libgav1-0.16.0/src/dsp/x86/intrapred_sse4.cc:1431:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, top + offset + 3, width);
data/libgav1-0.16.0/src/dsp/x86/intrapred_sse4.cc:1436:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, top + offset, width);
data/libgav1-0.16.0/src/dsp/x86/intrapred_sse4.cc:1438:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, top + offset + 1, width);
data/libgav1-0.16.0/src/dsp/x86/intrapred_sse4.cc:1440:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, top + offset + 2, width);
data/libgav1-0.16.0/src/dsp/x86/intrapred_sse4.cc:1442:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, top + offset + 3, width);
data/libgav1-0.16.0/src/dsp/x86/intrapred_sse4.cc:1444:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, top + offset + 4, width);
data/libgav1-0.16.0/src/dsp/x86/intrapred_sse4.cc:1446:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, top + offset + 5, width);
data/libgav1-0.16.0/src/dsp/x86/intrapred_sse4.cc:1448:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, top + offset + 6, width);
data/libgav1-0.16.0/src/dsp/x86/intrapred_sse4.cc:1450:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst, top + offset + 7, width);
data/libgav1-0.16.0/src/dsp/x86/intrapred_sse4.cc:1782:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest, &result_row1, sizeof(result_row1));
data/libgav1-0.16.0/src/dsp/x86/intrapred_sse4.cc:1785:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dest, &result_row2, sizeof(result_row2));
data/libgav1-0.16.0/src/dsp/x86/intrapred_sse4.cc:1788:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dest, &result_row3, sizeof(result_row3));
data/libgav1-0.16.0/src/dsp/x86/intrapred_sse4.cc:2385:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(top_buffer + 128, static_cast<const uint8_t*>(top_row) - 16, 160);
data/libgav1-0.16.0/src/dsp/x86/intrapred_sse4.cc:2386:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(left_buffer + 128, static_cast<const uint8_t*>(left_column) - 16, 160);
data/libgav1-0.16.0/src/dsp/x86/inverse_transform_sse4.cc:288:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&dst[y * width], dst, width * sizeof(dst[0]));
data/libgav1-0.16.0/src/dsp/x86/loop_restoration_10bit_avx2.cc:549:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(wiener_buffer_horizontal, wiener_buffer_horizontal - wiener_stride,
data/libgav1-0.16.0/src/dsp/x86/loop_restoration_10bit_avx2.cc:551:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(restoration_buffer->wiener_buffer,
data/libgav1-0.16.0/src/dsp/x86/loop_restoration_10bit_sse4.cc:505:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(wiener_buffer_horizontal, wiener_buffer_horizontal - wiener_stride,
data/libgav1-0.16.0/src/dsp/x86/loop_restoration_10bit_sse4.cc:507:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(restoration_buffer->wiener_buffer,
data/libgav1-0.16.0/src/dsp/x86/loop_restoration_avx2.cc:562:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(wiener_buffer_horizontal, wiener_buffer_horizontal - wiener_stride,
data/libgav1-0.16.0/src/dsp/x86/loop_restoration_avx2.cc:564:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(restoration_buffer->wiener_buffer,
data/libgav1-0.16.0/src/dsp/x86/loop_restoration_sse4.cc:569:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(wiener_buffer_horizontal, wiener_buffer_horizontal - wiener_stride,
data/libgav1-0.16.0/src/dsp/x86/loop_restoration_sse4.cc:571:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(restoration_buffer->wiener_buffer,
data/libgav1-0.16.0/src/dsp/x86/obmc_sse4.cc:62:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(pred, &second_row_result, sizeof(second_row_result));
data/libgav1-0.16.0/src/dsp/x86/obmc_sse4.cc:100:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(pred, &second_row_result, sizeof(second_row_result));
data/libgav1-0.16.0/src/dsp/x86/warp_sse4.cc:241:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dst_row, first_dst_row, 8 * sizeof(*dst_row));
data/libgav1-0.16.0/src/film_grain.cc:253:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dest_plane, source_plane, width * sizeof(Pixel));
data/libgav1-0.16.0/src/film_grain.cc:500:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy((*noise_image)[y], first_noise_stripe + y * plane_width,
data/libgav1-0.16.0/src/film_grain.cc:510:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy((*noise_image)[y + i], noise_stripe + i * plane_width,
data/libgav1-0.16.0/src/film_grain.cc:522:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy((*noise_image)[y + i], noise_stripe + i * plane_width,
data/libgav1-0.16.0/src/obu_parser.cc:2472:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(metadata_.itu_t_t35_payload_bytes.get(), data, i);
data/libgav1-0.16.0/src/post_filter.h:298:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dst, src, width * sizeof(Pixel));
data/libgav1-0.16.0/src/post_filter/cdef.cc:39:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dst - kCdefBorder, src - kCdefBorder,
data/libgav1-0.16.0/src/post_filter/cdef.cc:42:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dst - kCdefBorder, left_border, kCdefBorder * sizeof(dst[0]));
data/libgav1-0.16.0/src/post_filter/cdef.cc:44:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dst, src, block_width * sizeof(dst[0]));
data/libgav1-0.16.0/src/post_filter/cdef.cc:49:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dst + block_width, src + block_width,
data/libgav1-0.16.0/src/post_filter/cdef.cc:81:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dst, src, width * pixel_size);
data/libgav1-0.16.0/src/post_filter/cdef.cc:111:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dst, src, row_width);
data/libgav1-0.16.0/src/post_filter/post_filter.cc:103:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dst, src, sizeof(Pixel) * stride);
data/libgav1-0.16.0/src/post_filter/post_filter.cc:122:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dst, src, sizeof(Pixel) * stride);
data/libgav1-0.16.0/src/post_filter/post_filter.cc:329:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dst, src + row * stride, row_width);
data/libgav1-0.16.0/src/post_filter/post_filter.cc:413:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dst, src, row_width);
data/libgav1-0.16.0/src/post_filter/post_filter.cc:477:11: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dst_line, src_line, upscaled_width);
data/libgav1-0.16.0/src/post_filter/super_res.cc:183:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(line_buffer_start, input, plane_width << pixel_size_log2);
data/libgav1-0.16.0/src/prediction_mask.cc:158:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(master_mask[kWedgeVertical][y], kWedgeMasterVertical,
data/libgav1-0.16.0/src/prediction_mask.cc:163:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(master_mask[kWedgeOblique63][y], kWedgeMasterObliqueEven + shift,
data/libgav1-0.16.0/src/prediction_mask.cc:165:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(master_mask[kWedgeOblique63][y + 1], kWedgeMasterObliqueOdd + shift,
data/libgav1-0.16.0/src/prediction_mask.cc:221:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(wedge_masks_row, master_mask_row, width);
data/libgav1-0.16.0/src/quantizer.cc:202:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(quantizer_matrix[kTransformSize##W##x##H].get(), \
data/libgav1-0.16.0/src/symbol_decoder_context.cc:103:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(destination, source, sizeof(source))
data/libgav1-0.16.0/src/tile/bitstream/palette.cc:310:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(
data/libgav1-0.16.0/src/tile/prediction.cc:318:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(top_row, &top_row_src[x], top_limit * sizeof(Pixel));
data/libgav1-0.16.0/src/tile/prediction.cc:1093:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buf_ptr + left_width, &reference_block[ref_y][copy_start_x],
data/libgav1-0.16.0/src/tile/tile.cc:353:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(residual, src, 32 * sizeof(src[0]));
data/libgav1-0.16.0/src/tile/tile.cc:354:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(residual + 64, src + 32, 32 * sizeof(src[0]));
data/libgav1-0.16.0/src/tile/tile.cc:360:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(residual + 64, src + 32, 32 * sizeof(src[0]));
data/libgav1-0.16.0/src/tile/tile.cc:944:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy((*intra_prediction_buffer_)[plane].get() + column_start * pixel_size,
data/libgav1-0.16.0/src/utils/segmentation_map.cc:38:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(segment_id_buffer_.get(), from.segment_id_buffer_.get(),
data/libgav1-0.16.0/src/utils/threadpool.cc:93:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(name_prefix_, name_prefix, name_prefix_len);
data/libgav1-0.16.0/src/utils/threadpool.cc:207:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[64];
data/libgav1-0.16.0/src/utils/threadpool.cc:218:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[16];
data/libgav1-0.16.0/src/utils/threadpool.h:160:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name_prefix_[16];
data/libgav1-0.16.0/src/utils/unbounded_queue.h:190:16: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  alignas(T) char buffer[kBlockCapacity * sizeof(T)];
data/libgav1-0.16.0/src/utils/vector.h:105:11: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(static_cast<void*>(new_items),
data/libgav1-0.16.0/examples/file_writer.cc:126:36: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (fwrite(kY4mFrameHeader, 1, strlen(kY4mFrameHeader), file_) !=
data/libgav1-0.16.0/examples/file_writer.cc:127:9: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strlen(kY4mFrameHeader)) {
data/libgav1-0.16.0/examples/gav1_decode.cc:180:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  } else if (strlen(argv[i]) > 1 && argv[i][0] == '-') {
data/libgav1-0.16.0/src/utils/memory.h:73:10: [1] (free) memalign:
  On some systems (though not Linux-based systems) an attempt to free() results from memalign() may fail.
  This may, on a few systems, be exploitable.
  Also note that memalign() may not check that the boundary parameter is correct (CWE-676).
  Use posix_memalign instead (defined in POSIX's 1003.1d).
  Don't switch to valloc(); it is marked as obsolete in BSD 4.3, as legacy in SUSv2, and is no longer defined in SUSv3.
  In some cases, malloc()'s alignment may be sufficient.
  return memalign(alignment, size);
data/libgav1-0.16.0/src/utils/threadpool.cc:92:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  std::min(strlen(name_prefix), sizeof(name_prefix_) - 1);
data/libgav1-0.16.0/tests/fuzzer/fuzzer_temp_file.h:37:29: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t suffix_len = strlen(suffix);
data/libgav1-0.16.0/tests/fuzzer/fuzzer_temp_file.h:49:28: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t buffer_sz = strlen(leading_temp_path) + suffix_len + 1;

ANALYSIS SUMMARY:

Hits = 133
Lines analyzed = 93625 in approximately 2.20 seconds (42650 lines/second)
Physical Source Lines of Code (SLOC) = 71493
Hits@level = [0] 93 [1] 7 [2] 121 [3] 0 [4] 5 [5] 0
Hits@level+ = [0+] 226 [1+] 133 [2+] 126 [3+] 5 [4+] 5 [5+] 0
Hits/KSLOC@level+ = [0+] 3.16115 [1+] 1.86032 [2+] 1.76241 [3+] 0.0699369 [4+] 0.0699369 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.