Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/rakarrack-0.6.1/extra/rakverb.C Examining data/rakarrack-0.6.1/extra/rakverb2.C Examining data/rakarrack-0.6.1/extra/rakconvert.C Examining data/rakarrack-0.6.1/extra/rakgit2new.C Examining data/rakarrack-0.6.1/src/jack.h Examining data/rakarrack-0.6.1/src/Echo.C Examining data/rakarrack-0.6.1/src/RyanWah.C Examining data/rakarrack-0.6.1/src/MusicDelay.C Examining data/rakarrack-0.6.1/src/Opticaltrem.C Examining data/rakarrack-0.6.1/src/Tuner.C Examining data/rakarrack-0.6.1/src/EQ.h Examining data/rakarrack-0.6.1/src/HarmonicEnhancer.h Examining data/rakarrack-0.6.1/src/FPreset.h Examining data/rakarrack-0.6.1/src/FilterParams.C Examining data/rakarrack-0.6.1/src/CompBand.C Examining data/rakarrack-0.6.1/src/EffectLFO.C Examining data/rakarrack-0.6.1/src/Shuffle.C Examining data/rakarrack-0.6.1/src/Vocoder.h Examining data/rakarrack-0.6.1/src/Arpie.C Examining data/rakarrack-0.6.1/src/config.h Examining data/rakarrack-0.6.1/src/Dual_Flange.C Examining data/rakarrack-0.6.1/src/Chorus.C Examining data/rakarrack-0.6.1/src/Resample.C Examining data/rakarrack-0.6.1/src/StompBox.h Examining data/rakarrack-0.6.1/src/Reverb.h Examining data/rakarrack-0.6.1/src/Alienwah.h Examining data/rakarrack-0.6.1/src/metronome.C Examining data/rakarrack-0.6.1/src/global.h Examining data/rakarrack-0.6.1/src/MBVvol.C Examining data/rakarrack-0.6.1/src/APhaser.C Examining data/rakarrack-0.6.1/src/Effect.h Examining data/rakarrack-0.6.1/src/MBDist.h Examining data/rakarrack-0.6.1/src/FormantFilter.C Examining data/rakarrack-0.6.1/src/Valve.C Examining data/rakarrack-0.6.1/src/Distorsion.h Examining data/rakarrack-0.6.1/src/Vocoder.C Examining data/rakarrack-0.6.1/src/Tuner.h Examining data/rakarrack-0.6.1/src/CoilCrafter.h Examining data/rakarrack-0.6.1/src/AnalogFilter.h Examining data/rakarrack-0.6.1/src/Sequence.C Examining data/rakarrack-0.6.1/src/StompBox.C Examining data/rakarrack-0.6.1/src/SVFilter.h Examining data/rakarrack-0.6.1/src/StereoHarm.h Examining data/rakarrack-0.6.1/src/FPreset.C Examining data/rakarrack-0.6.1/src/Harmonizer.C Examining data/rakarrack-0.6.1/src/RBFilter.C Examining data/rakarrack-0.6.1/src/Gate.C Examining data/rakarrack-0.6.1/src/Sustainer.C Examining data/rakarrack-0.6.1/src/Echotron.h Examining data/rakarrack-0.6.1/src/Shifter.h Examining data/rakarrack-0.6.1/src/RecChord.C Examining data/rakarrack-0.6.1/src/Exciter.h Examining data/rakarrack-0.6.1/src/Waveshaper.h Examining data/rakarrack-0.6.1/src/Synthfilter.h Examining data/rakarrack-0.6.1/src/Looper.h Examining data/rakarrack-0.6.1/src/NewDist.C Examining data/rakarrack-0.6.1/src/Pan.C Examining data/rakarrack-0.6.1/src/Ring.h Examining data/rakarrack-0.6.1/src/MBDist.C Examining data/rakarrack-0.6.1/src/Expander.C Examining data/rakarrack-0.6.1/src/Harmonizer.h Examining data/rakarrack-0.6.1/src/APhaser.h Examining data/rakarrack-0.6.1/src/MIDIConverter.C Examining data/rakarrack-0.6.1/src/Vibe.C Examining data/rakarrack-0.6.1/src/main.C Examining data/rakarrack-0.6.1/src/CoilCrafter.C Examining data/rakarrack-0.6.1/src/NewDist.h Examining data/rakarrack-0.6.1/src/rkrMIDI.C Examining data/rakarrack-0.6.1/src/Gate.h Examining data/rakarrack-0.6.1/src/CompBand.h Examining data/rakarrack-0.6.1/src/Sequence.h Examining data/rakarrack-0.6.1/src/Alienwah.C Examining data/rakarrack-0.6.1/src/Phaser.h Examining data/rakarrack-0.6.1/src/EffectLFO.h Examining data/rakarrack-0.6.1/src/Convolotron.C Examining data/rakarrack-0.6.1/src/Waveshaper.C Examining data/rakarrack-0.6.1/src/FilterParams.h Examining data/rakarrack-0.6.1/src/EQ.C Examining data/rakarrack-0.6.1/src/RBEcho.C Examining data/rakarrack-0.6.1/src/Filter_.h Examining data/rakarrack-0.6.1/src/Phaser.C Examining data/rakarrack-0.6.1/src/ShelfBoost.C Examining data/rakarrack-0.6.1/src/RyanWah.h Examining data/rakarrack-0.6.1/src/jack.C Examining data/rakarrack-0.6.1/src/Dual_Flange.h Examining data/rakarrack-0.6.1/src/metronome.h Examining data/rakarrack-0.6.1/src/AnalogFilter.C Examining data/rakarrack-0.6.1/src/Shuffle.h Examining data/rakarrack-0.6.1/src/Compressor.C Examining data/rakarrack-0.6.1/src/Filter.C Examining data/rakarrack-0.6.1/src/Expander.h Examining data/rakarrack-0.6.1/src/Pan.h Examining data/rakarrack-0.6.1/src/Filter.h Examining data/rakarrack-0.6.1/src/ShelfBoost.h Examining data/rakarrack-0.6.1/src/Compressor.h Examining data/rakarrack-0.6.1/src/RBFilter.h Examining data/rakarrack-0.6.1/src/MBVvol.h Examining data/rakarrack-0.6.1/src/Opticaltrem.h Examining data/rakarrack-0.6.1/src/Resample.h Examining data/rakarrack-0.6.1/src/Sustainer.h Examining data/rakarrack-0.6.1/src/rakarrack.h Examining data/rakarrack-0.6.1/src/RecognizeNote.h Examining data/rakarrack-0.6.1/src/Echotron.C Examining data/rakarrack-0.6.1/src/process.C Examining data/rakarrack-0.6.1/src/Valve.h Examining data/rakarrack-0.6.1/src/Reverbtron.h Examining data/rakarrack-0.6.1/src/RBEcho.h Examining data/rakarrack-0.6.1/src/Chorus.h Examining data/rakarrack-0.6.1/src/RecognizeNote.C Examining data/rakarrack-0.6.1/src/DynamicFilter.h Examining data/rakarrack-0.6.1/src/DynamicFilter.C Examining data/rakarrack-0.6.1/src/Reverbtron.C Examining data/rakarrack-0.6.1/src/Reverb.C Examining data/rakarrack-0.6.1/src/MusicDelay.h Examining data/rakarrack-0.6.1/src/Arpie.h Examining data/rakarrack-0.6.1/src/Synthfilter.C Examining data/rakarrack-0.6.1/src/RecChord.h Examining data/rakarrack-0.6.1/src/SVFilter.C Examining data/rakarrack-0.6.1/src/Ring.C Examining data/rakarrack-0.6.1/src/Echo.h Examining data/rakarrack-0.6.1/src/HarmonicEnhancer.C Examining data/rakarrack-0.6.1/src/StereoHarm.C Examining data/rakarrack-0.6.1/src/FormantFilter.h Examining data/rakarrack-0.6.1/src/Convolotron.h Examining data/rakarrack-0.6.1/src/Vibe.h Examining data/rakarrack-0.6.1/src/Distorsion.C Examining data/rakarrack-0.6.1/src/smbPitchShift.h Examining data/rakarrack-0.6.1/src/Shifter.C Examining data/rakarrack-0.6.1/src/smbPitchShift.C Examining data/rakarrack-0.6.1/src/Exciter.C Examining data/rakarrack-0.6.1/src/MIDIConverter.h Examining data/rakarrack-0.6.1/src/rakarrack.cxx Examining data/rakarrack-0.6.1/src/fileio.C Examining data/rakarrack-0.6.1/src/varios.C Examining data/rakarrack-0.6.1/src/Looper.C FINAL RESULTS: data/rakarrack-0.6.1/extra/rakconvert.C:330:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(nfilename, "%s.ml",filename); data/rakarrack-0.6.1/extra/rakconvert.C:529:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(NewFile1, "%s01_050.rkrb",NewFile1); data/rakarrack-0.6.1/extra/rakconvert.C:530:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(NewFile2, "%s02_050.rkrb",NewFile2); data/rakarrack-0.6.1/extra/rakconvert.C:543:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(NewBank[i].Preset_Name, "%s",Bank[i].Preset_Name); data/rakarrack-0.6.1/extra/rakconvert.C:544:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(NewBank[i].Author, "%s",Bank[i].Author); data/rakarrack-0.6.1/extra/rakconvert.C:545:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(NewBank[i].cInput_Gain, "%s",Bank[i].Reserva); data/rakarrack-0.6.1/extra/rakconvert.C:546:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(NewBank[i].cMaster_Volume, "%s",Bank[i].Reserva1); data/rakarrack-0.6.1/extra/rakconvert.C:547:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(NewBank[i].cBalance, "%s","1.000000"); data/rakarrack-0.6.1/extra/rakconvert.C:623:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(NewBank[i-60].Preset_Name, "%s",Bank[i].Preset_Name); data/rakarrack-0.6.1/extra/rakconvert.C:624:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(NewBank[i-60].Author, "%s",Bank[i].Author); data/rakarrack-0.6.1/extra/rakconvert.C:625:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(NewBank[i-60].cInput_Gain, "%s",Bank[i].Reserva); data/rakarrack-0.6.1/extra/rakconvert.C:626:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(NewBank[i-60].cMaster_Volume, "%s",Bank[i].Reserva1); data/rakarrack-0.6.1/extra/rakconvert.C:627:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(NewBank[i-60].cBalance, "%s","1.000000"); data/rakarrack-0.6.1/extra/rakgit2new.C:307:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(NewFile1, "%s_new.rkrb",NewFile1); data/rakarrack-0.6.1/extra/rakgit2new.C:320:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(NewBank[i].Preset_Name, "%s",Bank[i].Preset_Name); data/rakarrack-0.6.1/extra/rakgit2new.C:321:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(NewBank[i].Author, "%s",Bank[i].Author); data/rakarrack-0.6.1/extra/rakgit2new.C:322:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(NewBank[i].ConvoFiname, "%s",Bank[i].ConvoFiname); data/rakarrack-0.6.1/extra/rakgit2new.C:323:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(NewBank[i].RevFiname, "%s",Bank[i].RevFiname); data/rakarrack-0.6.1/extra/rakgit2new.C:325:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(NewBank[i].cInput_Gain, "%s",Bank[i].cInput_Gain); data/rakarrack-0.6.1/extra/rakgit2new.C:326:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(NewBank[i].cMaster_Volume, "%s",Bank[i].cMaster_Volume); data/rakarrack-0.6.1/extra/rakgit2new.C:327:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(NewBank[i].cBalance, "%s",Bank[i].cBalance); data/rakarrack-0.6.1/extra/rakverb.C:87:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(Inputfile,optarguments); data/rakarrack-0.6.1/extra/rakverb.C:96:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(Outputfile,optarguments); data/rakarrack-0.6.1/extra/rakverb.C:124:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(Outputfile, "%s.rvb",tempfile); data/rakarrack-0.6.1/extra/rakverb.C:131:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(wbuf,"%s\n",Inputfile); data/rakarrack-0.6.1/extra/rakverb2.C:101:6: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(Inputfile,optarguments); data/rakarrack-0.6.1/extra/rakverb2.C:110:13: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(Outputfile,optarguments); data/rakarrack-0.6.1/extra/rakverb2.C:138:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(Outputfile, "%s.rvb",tempfile); data/rakarrack-0.6.1/extra/rakverb2.C:145:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(wbuf,"%s\n",Inputfile); data/rakarrack-0.6.1/src/Convolotron.C:261:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(Filename, "%s/%d.wav",DATADIR,Filenum+1); data/rakarrack-0.6.1/src/Echotron.C:243:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(Filename, "%s/%d.dly",DATADIR,Filenum+1); data/rakarrack-0.6.1/src/FPreset.C:46:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (tempfile, "%s%s", getenv ("HOME"), "/.rkrintpreset"); data/rakarrack-0.6.1/src/RecChord.C:240:2: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (ChN[i].Nom, stnom[i]); data/rakarrack-0.6.1/src/RecChord.C:258:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (NC[i].Nom, stnom[i]); data/rakarrack-0.6.1/src/RecChord.C:260:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (NCE[i].Nom, stnom[i]); data/rakarrack-0.6.1/src/RecChord.C:348:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (Chord3[NumChord3].Nom, ChN[i].Nom); data/rakarrack-0.6.1/src/RecChord.C:356:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (Chord3[NumChord3].Nom, ChN[i].Nom); data/rakarrack-0.6.1/src/RecChord.C:362:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (Chord3[NumChord3].Nom, ChN[i].Nom); data/rakarrack-0.6.1/src/RecChord.C:370:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (Chord4[NumChord4].Nom, ChN[i].Nom); data/rakarrack-0.6.1/src/RecChord.C:379:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (Chord4[NumChord4].Nom, ChN[i].Nom); data/rakarrack-0.6.1/src/RecChord.C:386:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (Chord4[NumChord4].Nom, ChN[i].Nom); data/rakarrack-0.6.1/src/RecChord.C:393:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (Chord4[NumChord4].Nom, ChN[i].Nom); data/rakarrack-0.6.1/src/RecChord.C:400:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (Chord4[NumChord4].Nom, ChN[i].Nom); data/rakarrack-0.6.1/src/RecChord.C:410:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (Chord5[NumChord5].Nom, ChN[i].Nom); data/rakarrack-0.6.1/src/RecChord.C:420:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (Chord5[NumChord5].Nom, ChN[i].Nom); data/rakarrack-0.6.1/src/RecChord.C:429:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (Chord5[NumChord5].Nom, ChN[i].Nom); data/rakarrack-0.6.1/src/RecChord.C:437:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (Chord5[NumChord5].Nom, ChN[i].Nom); data/rakarrack-0.6.1/src/RecChord.C:445:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (Chord5[NumChord5].Nom, ChN[i].Nom); data/rakarrack-0.6.1/src/RecChord.C:453:4: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (Chord5[NumChord5].Nom, ChN[i].Nom); data/rakarrack-0.6.1/src/RecChord.C:545:8: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (AName, "%s%s", NC[fundi].Nom, Chord3[j].Nom); data/rakarrack-0.6.1/src/RecChord.C:551:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (AName, "%s%s/%s", NC[fundi].Nom, Chord3[j].Nom, data/rakarrack-0.6.1/src/RecChord.C:557:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (NombreAcorde, AName); data/rakarrack-0.6.1/src/RecChord.C:584:8: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (AName, "%s%s", NC[fundi].Nom, Chord4[j].Nom); data/rakarrack-0.6.1/src/RecChord.C:588:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (AName, "%s%s/%s", NC[fundi].Nom, Chord4[j].Nom, data/rakarrack-0.6.1/src/RecChord.C:594:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (NombreAcorde, AName); data/rakarrack-0.6.1/src/RecChord.C:625:8: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (AName, "%s%s", NC[fundi].Nom, Chord5[j].Nom); data/rakarrack-0.6.1/src/RecChord.C:629:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (AName, "%s%s/%s", NC[fundi].Nom, Chord5[j].Nom, data/rakarrack-0.6.1/src/RecChord.C:635:5: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (NombreAcorde, AName); data/rakarrack-0.6.1/src/Reverbtron.C:269:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(Filename, "%s/%d.rvb",DATADIR,Filenum+1); data/rakarrack-0.6.1/src/fileio.C:266:4: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%s\n", data/rakarrack-0.6.1/src/fileio.C:270:11: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(efx_Convol->Filename,cfilename); data/rakarrack-0.6.1/src/fileio.C:351:4: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%s\n", data/rakarrack-0.6.1/src/fileio.C:357:11: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(efx_Reverbtron->Filename,cfilename); data/rakarrack-0.6.1/src/fileio.C:364:4: [4] (buffer) sscanf: The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. sscanf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%s\n", data/rakarrack-0.6.1/src/fileio.C:370:11: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(efx_Echotron->Filename,cfilename); data/rakarrack-0.6.1/src/fileio.C:748:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%s\n", data/rakarrack-0.6.1/src/fileio.C:865:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%s\n", data/rakarrack-0.6.1/src/fileio.C:879:4: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%s\n", data/rakarrack-0.6.1/src/fileio.C:957:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (buf, "%s\n", VERSION); data/rakarrack-0.6.1/src/fileio.C:965:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (buf, "%s\n", Author); data/rakarrack-0.6.1/src/fileio.C:969:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (buf, "%s\n", UserRealName); data/rakarrack-0.6.1/src/fileio.C:971:2: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (buf, "%s\n", getenv ("USER")); data/rakarrack-0.6.1/src/fileio.C:1629:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (temp, "%s/Default.rkrb", DATADIR); data/rakarrack-0.6.1/src/fileio.C:1634:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (temp, "%s/Extra.rkrb", DATADIR); data/rakarrack-0.6.1/src/fileio.C:1639:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (temp, "%s/Extra1.rkrb", DATADIR); data/rakarrack-0.6.1/src/fileio.C:1644:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (temp, "%s", BankFilename); data/rakarrack-0.6.1/src/fileio.C:1657:30: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). for(j=1;j<=60;j++) strcpy(B_Names[k][j].Preset_Name,Bank[j].Preset_Name); data/rakarrack-0.6.1/src/fileio.C:1677:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(meslabel, "%s %s",jackcliname,VERSION); data/rakarrack-0.6.1/src/fileio.C:1860:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(Author,UserRealName); data/rakarrack-0.6.1/src/fileio.C:2066:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(Bank[i].Author,UserRealName); data/rakarrack-0.6.1/src/fileio.C:2105:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (Preset_Name, Bank[i].Preset_Name); data/rakarrack-0.6.1/src/fileio.C:2107:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (Author, Bank[i].Author); data/rakarrack-0.6.1/src/fileio.C:2109:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (efx_Convol->Filename,Bank[i].ConvoFiname); data/rakarrack-0.6.1/src/fileio.C:2111:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (efx_Reverbtron->Filename,Bank[i].RevFiname); data/rakarrack-0.6.1/src/fileio.C:2113:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (efx_Echotron->Filename,Bank[i].EchoFiname); data/rakarrack-0.6.1/src/fileio.C:2205:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (Bank[i].Preset_Name, Preset_Name); data/rakarrack-0.6.1/src/fileio.C:2207:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (Bank[i].Author, Author); data/rakarrack-0.6.1/src/fileio.C:2209:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(Bank[i].ConvoFiname, efx_Convol->Filename); data/rakarrack-0.6.1/src/fileio.C:2211:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(Bank[i].RevFiname, efx_Reverbtron->Filename); data/rakarrack-0.6.1/src/fileio.C:2213:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(Bank[i].EchoFiname, efx_Echotron->Filename); data/rakarrack-0.6.1/src/fileio.C:2526:8: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (buf, "%s", BackgroundImage); data/rakarrack-0.6.1/src/fileio.C:2623:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buff,"rakconvert -c '%s'",filename); data/rakarrack-0.6.1/src/fileio.C:2624:1: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system(buff); data/rakarrack-0.6.1/src/fileio.C:2633:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buff,"rakverb -i '%s'",filename); data/rakarrack-0.6.1/src/fileio.C:2635:1: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system(buff); data/rakarrack-0.6.1/src/fileio.C:2647:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (tempfile, "%s%s", getenv ("HOME"), "/.rkrintpreset"); data/rakarrack-0.6.1/src/fileio.C:2654:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(sbuf,"%d,%s,%s",num,name,buf); data/rakarrack-0.6.1/src/fileio.C:2683:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (tempfile, "%s%s", getenv ("HOME"), "/.rkrintpreset"); data/rakarrack-0.6.1/src/fileio.C:2686:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (tempfile2, "%s%s", getenv ("HOME"), "/.rkrtemp"); data/rakarrack-0.6.1/src/fileio.C:2694:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(rbuf,"%s",buf); data/rakarrack-0.6.1/src/fileio.C:2710:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(orden,"mv %s %s\n",tempfile2,tempfile); data/rakarrack-0.6.1/src/fileio.C:2711:1: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system(orden); data/rakarrack-0.6.1/src/fileio.C:2728:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (tempfile, "%s%s", getenv ("HOME"), "/.rkrintpreset"); data/rakarrack-0.6.1/src/fileio.C:2729:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (tempfile2, "%s%s", getenv ("HOME"), "/.rkrtemp"); data/rakarrack-0.6.1/src/fileio.C:2732:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(orden,"cat %s %s > %s\n",tempfile,filename,tempfile2); data/rakarrack-0.6.1/src/fileio.C:2733:1: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system(orden); data/rakarrack-0.6.1/src/fileio.C:2737:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(orden,"mv %s %s\n",tempfile2,tempfile); data/rakarrack-0.6.1/src/fileio.C:2738:1: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system(orden); data/rakarrack-0.6.1/src/process.C:106:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (jackcliname, jack_get_client_name (jackclient)); data/rakarrack-0.6.1/src/process.C:190:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (j_names, jack_names[i]); data/rakarrack-0.6.1/src/process.C:207:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (j_names, jack_inames[i]); data/rakarrack-0.6.1/src/process.C:379:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (efx_names[i/3].Nom, los_names[i]); data/rakarrack-0.6.1/src/process.C:766:11: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (efx_params[i].Nom, los_params[i*3]); data/rakarrack-0.6.1/src/process.C:871:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (temp, "%s/Default.rkrb", DATADIR); data/rakarrack-0.6.1/src/rakarrack.cxx:899:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(name,"%s %s",rkr->jackcliname, VERSION); data/rakarrack-0.6.1/src/rakarrack.cxx:1062:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(notas,"%-2s",rkr->efx_Tuner->notes[rkr->efx_Tuner->note_actual]); data/rakarrack-0.6.1/src/rakarrack.cxx:6384:1: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(rkr->efx_Convol->Filename,filename); data/rakarrack-0.6.1/src/rakarrack.cxx:8176:1: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(rkr->efx_Reverbtron->Filename,filename); data/rakarrack-0.6.1/src/rakarrack.cxx:8404:1: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(rkr->efx_Echotron->Filename,filename); data/rakarrack-0.6.1/src/rakarrack.cxx:9317:1: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(rkr->Bank_Saved,filename); data/rakarrack-0.6.1/src/rakarrack.cxx:9422:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (temp, "%s/Default.rkrb", DATADIR); data/rakarrack-0.6.1/src/rakarrack.cxx:9440:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (temp, "%s/Extra.rkrb", DATADIR); data/rakarrack-0.6.1/src/rakarrack.cxx:9458:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (temp, "%s/Extra1.rkrb", DATADIR); data/rakarrack-0.6.1/src/rakarrack.cxx:9557:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(rkr->Preset_Name,o->value()); data/rakarrack-0.6.1/src/rakarrack.cxx:9794:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(name,"%s %s",rkr->jackcliname, VERSION); data/rakarrack-0.6.1/src/rakarrack.cxx:9903:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (temp, "%s%s%s", rkr->UDirFilename,chname,".rkrb"); data/rakarrack-0.6.1/src/rakarrack.cxx:10228:1: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(rkr->BackgroundImage,filename); data/rakarrack-0.6.1/src/rakarrack.cxx:10746:1: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(rkr->MID,o->text(valor)); data/rakarrack-0.6.1/src/rakarrack.cxx:10854:1: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(rkr->BankFilename,filename); data/rakarrack-0.6.1/src/rakarrack.cxx:10865:1: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(rkr->UDirFilename,dir); data/rakarrack-0.6.1/src/rakarrack.cxx:21838:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmp,"Version %s",VERSION); data/rakarrack-0.6.1/src/rakarrack.cxx:21881:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmp,"%s v%s",rkr->jackcliname,VERSION); data/rakarrack-0.6.1/src/rakarrack.cxx:21885:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmp,"%s v%s - Effects Order",rkr->jackcliname,VERSION); data/rakarrack-0.6.1/src/rakarrack.cxx:21888:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmp,"%s v%s - Settings",rkr->jackcliname,VERSION); data/rakarrack-0.6.1/src/rakarrack.cxx:21890:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmp,"%s v%s - MIDI Learn",rkr->jackcliname,VERSION); data/rakarrack-0.6.1/src/rakarrack.cxx:21892:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmp,"%s v%s - ACI",rkr->jackcliname,VERSION); data/rakarrack-0.6.1/src/rakarrack.cxx:22054:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (tmp, "%s/bg.png", DATADIR); data/rakarrack-0.6.1/src/rakarrack.cxx:22891:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp2,"Overwrite? \"%s\"",w->label()); data/rakarrack-0.6.1/src/rakarrack.cxx:23737:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp,"%s/html/help.html",HELPDIR); data/rakarrack-0.6.1/src/rakarrack.cxx:23773:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp,"%s/html/license.html",HELPDIR); data/rakarrack-0.6.1/src/rakarrack.cxx:23804:14: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(temp1,temp); data/rakarrack-0.6.1/src/rakarrack.cxx:24111:7: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(p,name); data/rakarrack-0.6.1/src/rakarrack.cxx:24115:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(buffer, "@F%d@.%s", i, name); data/rakarrack-0.6.1/src/rakarrack.cxx:24130:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmp,"%s v%s - Bank Manager - %s",rkr->jackcliname,VERSION,fl_filename_name(filename)); data/rakarrack-0.6.1/src/rakarrack.cxx:24201:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(rkr->RC->NombreAcorde,"%s%s", rkr->RC->NCE[undi].Nom,rkr->RC->ChN[tipo].Nom); data/rakarrack-0.6.1/src/rakarrack.cxx:26311:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(tmp,"%s v%s - MIDI Learn - Preset : %s",rkr->jackcliname,VERSION,rkr->Bank[rkr->Selected_Preset].Preset_Name); data/rakarrack-0.6.1/src/rakarrack.cxx:27005:5: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(nombank,"%s/%s",rkr->UDirFilename,fs->d_name); data/rakarrack-0.6.1/src/rakarrack.cxx:27159:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(NewName,"*%s",name); data/rakarrack-0.6.1/src/rakarrack.cxx:27215:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (tempfile, "%s%s", getenv ("HOME"), "/.rkrintpreset"); data/rakarrack-0.6.1/src/rakarrack.cxx:27245:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(temp2,"Delete? \"%s\"",s->text()); data/rakarrack-0.6.1/src/rakarrack.cxx:27249:1: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(Rname,"%s",s->text()); data/rakarrack-0.6.1/src/rkrMIDI.C:659:8: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (temp1, temp); data/rakarrack-0.6.1/src/rkrMIDI.C:668:8: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy (temp2, temp); data/rakarrack-0.6.1/src/rkrMIDI.C:703:7: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system (tempi); data/rakarrack-0.6.1/src/rkrMIDI.C:719:7: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. system (tempi); data/rakarrack-0.6.1/src/varios.C:56:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(meslabel, "%s %s",jackcliname,VERSION); data/rakarrack-0.6.1/src/varios.C:64:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(error_msg,"%s","Convolotron is unable to open the audio .wav file"); data/rakarrack-0.6.1/src/varios.C:67:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(error_msg,"%s","Reverbtron is unable to open the IR .rvb file"); data/rakarrack-0.6.1/src/varios.C:70:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(error_msg,"%s","Error writing the file probably you dont have permission to write in this directory"); data/rakarrack-0.6.1/src/varios.C:73:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(error_msg,"%s","Echotron is unable to open the .dly file"); data/rakarrack-0.6.1/src/varios.C:76:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(error_msg,"%s","Some Pan parameter is bad in the .dly file"); data/rakarrack-0.6.1/src/varios.C:79:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(error_msg,"%s","Some Time parameter is bad in the .dly file"); data/rakarrack-0.6.1/src/varios.C:82:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(error_msg,"%s","Some Level parameter is bad in the .dly file"); data/rakarrack-0.6.1/src/varios.C:85:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(error_msg,"%s","Some LP parameter is bad in the .dly file"); data/rakarrack-0.6.1/src/varios.C:88:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(error_msg,"%s","Some BP parameter is bad in the .dly file"); data/rakarrack-0.6.1/src/varios.C:91:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(error_msg,"%s","Some HP parameter is bad in the .dly file"); data/rakarrack-0.6.1/src/varios.C:94:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(error_msg,"%s","Some Freq parameter is bad in the .dly file"); data/rakarrack-0.6.1/src/varios.C:97:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(error_msg,"%s","Some Q parameter bad in the .dly file"); data/rakarrack-0.6.1/src/varios.C:100:6: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(error_msg,"%s","Some Stages parameter bad in the .dly file"); data/rakarrack-0.6.1/src/varios.C:115:3: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf (tmpprefname, "%s %s", jackcliname, dato); data/rakarrack-0.6.1/extra/rakconvert.C:485:13: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. opt = getopt_long (argc, argv, "c:h", opts, &option_index); data/rakarrack-0.6.1/extra/rakgit2new.C:265:13: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. opt = getopt_long (argc, argv, "c:h", opts, &option_index); data/rakarrack-0.6.1/extra/rakverb.C:74:13: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. opt = getopt_long (argc, argv, "i:o:h", opts, &option_index); data/rakarrack-0.6.1/extra/rakverb2.C:82:13: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. opt = getopt_long (argc, argv, "l:t:i:o:h", opts, &option_index); data/rakarrack-0.6.1/src/FPreset.C:46:28: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. sprintf (tempfile, "%s%s", getenv ("HOME"), "/.rkrintpreset"); data/rakarrack-0.6.1/src/Sequence.C:113:4: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(time(NULL)); data/rakarrack-0.6.1/src/fileio.C:971:24: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. sprintf (buf, "%s\n", getenv ("USER")); data/rakarrack-0.6.1/src/fileio.C:2647:28: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. sprintf (tempfile, "%s%s", getenv ("HOME"), "/.rkrintpreset"); data/rakarrack-0.6.1/src/fileio.C:2683:28: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. sprintf (tempfile, "%s%s", getenv ("HOME"), "/.rkrintpreset"); data/rakarrack-0.6.1/src/fileio.C:2686:29: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. sprintf (tempfile2, "%s%s", getenv ("HOME"), "/.rkrtemp"); data/rakarrack-0.6.1/src/fileio.C:2728:28: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. sprintf (tempfile, "%s%s", getenv ("HOME"), "/.rkrintpreset"); data/rakarrack-0.6.1/src/fileio.C:2729:29: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. sprintf (tempfile2, "%s%s", getenv ("HOME"), "/.rkrtemp"); data/rakarrack-0.6.1/src/main.C:112:13: [3] (buffer) getopt_long: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. opt = getopt_long (argc, argv, "l:b:p:nxh", opts, &option_index); data/rakarrack-0.6.1/src/rakarrack.cxx:27215:28: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. sprintf (tempfile, "%s%s", getenv ("HOME"), "/.rkrintpreset"); data/rakarrack-0.6.1/extra/rakconvert.C:18:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Preset_Name[64]; data/rakarrack-0.6.1/extra/rakconvert.C:19:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Author[64]; data/rakarrack-0.6.1/extra/rakconvert.C:20:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Classe[36]; data/rakarrack-0.6.1/extra/rakconvert.C:21:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Type[4]; data/rakarrack-0.6.1/extra/rakconvert.C:22:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Reserva[64]; data/rakarrack-0.6.1/extra/rakconvert.C:23:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Reserva1[64]; data/rakarrack-0.6.1/extra/rakconvert.C:36:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Preset_Name[64]; data/rakarrack-0.6.1/extra/rakconvert.C:37:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Author[64]; data/rakarrack-0.6.1/extra/rakconvert.C:38:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Classe[36]; data/rakarrack-0.6.1/extra/rakconvert.C:39:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Type[4]; data/rakarrack-0.6.1/extra/rakconvert.C:40:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ConvoFiname[128]; data/rakarrack-0.6.1/extra/rakconvert.C:41:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cInput_Gain[64]; data/rakarrack-0.6.1/extra/rakconvert.C:42:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cMaster_Volume[64]; data/rakarrack-0.6.1/extra/rakconvert.C:43:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cBalance[64]; data/rakarrack-0.6.1/extra/rakconvert.C:48:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char RevFiname[128]; data/rakarrack-0.6.1/extra/rakconvert.C:49:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ReservedFiname[128]; data/rakarrack-0.6.1/extra/rakconvert.C:77:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(NewBank[i].cInput_Gain, "%f", NewBank[i].Input_Gain); data/rakarrack-0.6.1/extra/rakconvert.C:79:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(NewBank[i].cMaster_Volume, "%f", NewBank[i].Master_Volume); data/rakarrack-0.6.1/extra/rakconvert.C:81:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(NewBank[i].cBalance, "%f", NewBank[i].Balance); data/rakarrack-0.6.1/extra/rakconvert.C:317:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/rakarrack-0.6.1/extra/rakconvert.C:318:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nfilename[256]; data/rakarrack-0.6.1/extra/rakconvert.C:320:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fn = fopen (filename, "rb")) != NULL) data/rakarrack-0.6.1/extra/rakconvert.C:331:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fn = fopen (nfilename, "r")) == NULL) data/rakarrack-0.6.1/extra/rakconvert.C:379:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fn = fopen (filename, "wb")) != NULL) data/rakarrack-0.6.1/extra/rakconvert.C:468:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char NewFile1[256]; data/rakarrack-0.6.1/extra/rakconvert.C:469:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char NewFile2[256]; data/rakarrack-0.6.1/extra/rakgit2new.C:12:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Preset_Name[64]; data/rakarrack-0.6.1/extra/rakgit2new.C:13:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Author[64]; data/rakarrack-0.6.1/extra/rakgit2new.C:14:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Classe[36]; data/rakarrack-0.6.1/extra/rakgit2new.C:15:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Type[4]; data/rakarrack-0.6.1/extra/rakgit2new.C:16:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ConvoFiname[128]; data/rakarrack-0.6.1/extra/rakgit2new.C:17:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cInput_Gain[64]; data/rakarrack-0.6.1/extra/rakgit2new.C:18:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cMaster_Volume[64]; data/rakarrack-0.6.1/extra/rakgit2new.C:19:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cBalance[64]; data/rakarrack-0.6.1/extra/rakgit2new.C:24:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char RevFiname[128]; data/rakarrack-0.6.1/extra/rakgit2new.C:25:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ReservedFiname[128]; data/rakarrack-0.6.1/extra/rakgit2new.C:34:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Preset_Name[64]; data/rakarrack-0.6.1/extra/rakgit2new.C:35:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Author[64]; data/rakarrack-0.6.1/extra/rakgit2new.C:36:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Classe[36]; data/rakarrack-0.6.1/extra/rakgit2new.C:37:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Type[4]; data/rakarrack-0.6.1/extra/rakgit2new.C:38:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ConvoFiname[128]; data/rakarrack-0.6.1/extra/rakgit2new.C:39:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cInput_Gain[64]; data/rakarrack-0.6.1/extra/rakgit2new.C:40:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cMaster_Volume[64]; data/rakarrack-0.6.1/extra/rakgit2new.C:41:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cBalance[64]; data/rakarrack-0.6.1/extra/rakgit2new.C:46:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char RevFiname[128]; data/rakarrack-0.6.1/extra/rakgit2new.C:47:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ReservedFiname[128]; data/rakarrack-0.6.1/extra/rakgit2new.C:195:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fn = fopen (filename, "rb")) != NULL) data/rakarrack-0.6.1/extra/rakgit2new.C:217:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fn = fopen (filename, "wb")) != NULL) data/rakarrack-0.6.1/extra/rakgit2new.C:249:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char NewFile1[256]; data/rakarrack-0.6.1/extra/rakverb.C:41:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wbuf[2048]; data/rakarrack-0.6.1/extra/rakverb.C:49:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Outputfile[128]; data/rakarrack-0.6.1/extra/rakverb.C:50:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Inputfile[128]; data/rakarrack-0.6.1/extra/rakverb.C:51:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tempfile[128]; data/rakarrack-0.6.1/extra/rakverb.C:129:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fn = fopen (Outputfile, "w")) == NULL) return(0); data/rakarrack-0.6.1/extra/rakverb.C:187:1: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(wbuf,"%f,%f\n", compress, quality); data/rakarrack-0.6.1/extra/rakverb.C:195:1: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(wbuf,"%d\n", indexx); data/rakarrack-0.6.1/extra/rakverb.C:214:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(wbuf, "%f,%f\n",index[i+j],data[i+j]); data/rakarrack-0.6.1/extra/rakverb2.C:45:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wbuf[2048]; data/rakarrack-0.6.1/extra/rakverb2.C:54:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Outputfile[128]; data/rakarrack-0.6.1/extra/rakverb2.C:55:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Inputfile[128]; data/rakarrack-0.6.1/extra/rakverb2.C:56:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tempfile[128]; data/rakarrack-0.6.1/extra/rakverb2.C:96:45: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (optarguments != NULL) des_len=atoi(optarguments); else des_len=1500; data/rakarrack-0.6.1/extra/rakverb2.C:143:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fn = fopen (Outputfile, "w")) == NULL) return(0); data/rakarrack-0.6.1/extra/rakverb2.C:225:1: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(wbuf,"%f,%f\n", compress, incr); data/rakarrack-0.6.1/extra/rakverb2.C:229:1: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(wbuf,"%d\n", x); data/rakarrack-0.6.1/extra/rakverb2.C:235:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(wbuf, "%f,%f\n",index[i],data[i]); data/rakarrack-0.6.1/src/CompBand.C:126:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(lowl,smpsl,sizeof(float) * PERIOD); data/rakarrack-0.6.1/src/CompBand.C:127:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(midll,smpsl,sizeof(float) * PERIOD); data/rakarrack-0.6.1/src/CompBand.C:128:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(midhl,smpsl,sizeof(float) * PERIOD); data/rakarrack-0.6.1/src/CompBand.C:129:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(highl,smpsl,sizeof(float) * PERIOD); data/rakarrack-0.6.1/src/CompBand.C:138:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(lowr,smpsr,sizeof(float) * PERIOD); data/rakarrack-0.6.1/src/CompBand.C:139:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(midlr,smpsr,sizeof(float) * PERIOD); data/rakarrack-0.6.1/src/CompBand.C:140:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(midhr,smpsr,sizeof(float) * PERIOD); data/rakarrack-0.6.1/src/CompBand.C:141:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(highr,smpsr,sizeof(float) * PERIOD); data/rakarrack-0.6.1/src/Convolotron.C:171:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(templ, smpsl,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/Convolotron.C:172:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tempr, smpsr,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/Convolotron.C:211:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(efxoutl, templ,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/Convolotron.C:212:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(efxoutr, tempr,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/Convolotron.C:289:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. else memcpy(rbuf,buf,real_len*sizeof(float)); data/rakarrack-0.6.1/src/Convolotron.C:334:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf,rbuf,real_len*sizeof(float)); data/rakarrack-0.6.1/src/Convolotron.h:51:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Filename[128]; data/rakarrack-0.6.1/src/Distorsion.C:161:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (Pstereo == 0) memcpy (efxoutr , efxoutl, PERIOD * sizeof(float)); data/rakarrack-0.6.1/src/Echotron.C:237:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wbuf[128]; data/rakarrack-0.6.1/src/Echotron.C:246:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fs = fopen (Filename, "r")) == NULL) data/rakarrack-0.6.1/src/Echotron.h:54:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Filename[128]; data/rakarrack-0.6.1/src/FPreset.C:38:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tempfile[256]; data/rakarrack-0.6.1/src/FPreset.C:39:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/rakarrack-0.6.1/src/FPreset.C:47:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (( fn = fopen (tempfile, "r")) != NULL) data/rakarrack-0.6.1/src/HarmonicEnhancer.C:202:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(inputl,smpsl, sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/HarmonicEnhancer.C:203:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(inputr,smpsr, sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/Harmonizer.C:101:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(templ, smpsl,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/Harmonizer.C:102:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tempr, smpsr,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/Harmonizer.C:130:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(templ, outo,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/MBDist.C:143:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(lowl,efxoutl,sizeof(float) * PERIOD); data/rakarrack-0.6.1/src/MBDist.C:144:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(midl,efxoutl,sizeof(float) * PERIOD); data/rakarrack-0.6.1/src/MBDist.C:145:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(highl,efxoutl,sizeof(float) * PERIOD); data/rakarrack-0.6.1/src/MBDist.C:159:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(lowr,efxoutr,sizeof(float) * PERIOD); data/rakarrack-0.6.1/src/MBDist.C:160:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(midr,efxoutr,sizeof(float) * PERIOD); data/rakarrack-0.6.1/src/MBDist.C:161:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(highr,efxoutr,sizeof(float) * PERIOD); data/rakarrack-0.6.1/src/MBDist.C:181:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (!Pstereo) memcpy(efxoutr, efxoutl, sizeof(float)* PERIOD); data/rakarrack-0.6.1/src/MBVvol.C:107:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(lowl,smpsl,sizeof(float) * PERIOD); data/rakarrack-0.6.1/src/MBVvol.C:108:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(midll,smpsl,sizeof(float) * PERIOD); data/rakarrack-0.6.1/src/MBVvol.C:109:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(midhl,smpsl,sizeof(float) * PERIOD); data/rakarrack-0.6.1/src/MBVvol.C:110:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(highl,smpsl,sizeof(float) * PERIOD); data/rakarrack-0.6.1/src/MBVvol.C:119:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(lowr,smpsr,sizeof(float) * PERIOD); data/rakarrack-0.6.1/src/MBVvol.C:120:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(midlr,smpsr,sizeof(float) * PERIOD); data/rakarrack-0.6.1/src/MBVvol.C:121:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(midhr,smpsr,sizeof(float) * PERIOD); data/rakarrack-0.6.1/src/MBVvol.C:122:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(highr,smpsr,sizeof(float) * PERIOD); data/rakarrack-0.6.1/src/MIDIConverter.C:33:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *englishNotes[12] = data/rakarrack-0.6.1/src/MIDIConverter.C:56:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char portname[50]; data/rakarrack-0.6.1/src/MIDIConverter.C:60:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (portname, "rakarrack MC OUT"); data/rakarrack-0.6.1/src/NewDist.C:172:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(efxoutl,smpsl,PERIOD * sizeof(float)); data/rakarrack-0.6.1/src/NewDist.C:173:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(efxoutr,smpsl,PERIOD * sizeof(float)); data/rakarrack-0.6.1/src/RecChord.C:484:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char AName[20]; data/rakarrack-0.6.1/src/RecChord.h:45:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char NombreAcorde[20]; data/rakarrack-0.6.1/src/RecChord.h:51:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Nom[16]; data/rakarrack-0.6.1/src/RecChord.h:56:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Nom[3]; data/rakarrack-0.6.1/src/RecChord.h:61:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Nom[3]; data/rakarrack-0.6.1/src/RecChord.h:85:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Nom[10]; data/rakarrack-0.6.1/src/RecChord.h:95:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Nom[10]; data/rakarrack-0.6.1/src/RecChord.h:106:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Nom[16]; data/rakarrack-0.6.1/src/RecognizeNote.C:45:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *englishNotes[12] = data/rakarrack-0.6.1/src/Reverbtron.C:121:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(templ, smpsl,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/Reverbtron.C:122:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tempr, smpsr,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/Reverbtron.C:216:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(efxoutl, templ,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/Reverbtron.C:217:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(efxoutr, tempr,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/Reverbtron.C:261:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char wbuf[128]; data/rakarrack-0.6.1/src/Reverbtron.C:272:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fs = fopen (Filename, "r")) == NULL) { data/rakarrack-0.6.1/src/Reverbtron.h:50:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Filename[128]; data/rakarrack-0.6.1/src/Ring.C:152:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (Pstereo == 0) memcpy (efxoutr , efxoutl, PERIOD * sizeof(float)); data/rakarrack-0.6.1/src/Sequence.C:285:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(templ, smpsl,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/Sequence.C:286:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tempr, smpsr,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/Sequence.C:325:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(templ, outo, sizeof(float)*nPERIOD); data/rakarrack-0.6.1/src/Sequence.C:326:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tempr, outo, sizeof(float)*nPERIOD); data/rakarrack-0.6.1/src/Sequence.C:334:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(efxoutl, templ,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/Sequence.C:335:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(efxoutr, tempr,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/Sequence.C:412:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(templ, smpsl,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/Sequence.C:413:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tempr, smpsr,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/Sequence.C:447:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(templ, outo, sizeof(float)*nPERIOD); data/rakarrack-0.6.1/src/Sequence.C:448:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tempr, outo, sizeof(float)*nPERIOD); data/rakarrack-0.6.1/src/Sequence.C:456:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(efxoutl, templ,sizeof(float)*nPERIOD); data/rakarrack-0.6.1/src/Sequence.C:457:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(efxoutr, tempr,sizeof(float)*nPERIOD); data/rakarrack-0.6.1/src/Sequence.C:472:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(templ, smpsl,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/Sequence.C:473:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tempr, smpsr,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/Sequence.C:529:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(templ, outo, sizeof(float)*nPERIOD); data/rakarrack-0.6.1/src/Sequence.C:530:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tempr, outo, sizeof(float)*nPERIOD); data/rakarrack-0.6.1/src/Sequence.C:539:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(efxoutl, templ,sizeof(float)*nPERIOD); data/rakarrack-0.6.1/src/Sequence.C:540:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(efxoutr, tempr,sizeof(float)*nPERIOD); data/rakarrack-0.6.1/src/ShelfBoost.C:84:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if(!Pstereo) memcpy(smpsr,smpsl,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/Shifter.C:179:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(templ, smpsl,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/Shifter.C:180:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tempr, smpsr,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/Shifter.C:255:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(efxoutl, templ,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/Shifter.C:256:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(efxoutr, tempr,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/StereoHarm.C:109:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(templ, smpsl,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/StereoHarm.C:110:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tempr, smpsr,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/StereoHarm.C:144:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(outol,outil,sizeof(float)*nPERIOD); data/rakarrack-0.6.1/src/StereoHarm.C:152:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(outor,outir,sizeof(float)*nPERIOD); data/rakarrack-0.6.1/src/StereoHarm.C:161:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(templ, outol,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/StereoHarm.C:162:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tempr, outor,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/Tuner.C:22:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static const char *englishNotes[12] = data/rakarrack-0.6.1/src/Valve.C:241:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (Pstereo == 0) memcpy (efxoutr , efxoutl, PERIOD * sizeof(float)); data/rakarrack-0.6.1/src/Vocoder.C:233:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tmpaux,auxresampled,sizeof(float)*nPERIOD); data/rakarrack-0.6.1/src/Vocoder.C:278:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tsmpsl,smpsl,sizeof(float)*nPERIOD); data/rakarrack-0.6.1/src/Vocoder.C:279:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tsmpsr,smpsr,sizeof(float)*nPERIOD); data/rakarrack-0.6.1/src/Vocoder.C:331:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(efxoutl,tmpl,sizeof(float)*nPERIOD); data/rakarrack-0.6.1/src/Vocoder.C:332:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(efxoutr,tmpr,sizeof(float)*nPERIOD); data/rakarrack-0.6.1/src/Waveshaper.C:125:8: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. else memcpy(temps,smps,sizeof(float)*n); data/rakarrack-0.6.1/src/Waveshaper.C:618:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(smps,temps,sizeof(float)*n); data/rakarrack-0.6.1/src/fileio.C:422:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:433:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:443:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:455:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:467:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:479:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:491:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:503:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:514:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:525:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:536:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:547:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:558:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:564:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:574:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:585:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:597:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:606:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:618:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:630:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:642:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:655:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:667:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:679:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:692:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:703:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:712:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:723:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:737:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:759:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:771:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:786:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:798:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:808:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:816:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:825:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:832:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:845:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:856:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:892:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:904:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:916:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:926:4: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:947:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/rakarrack-0.6.1/src/fileio.C:948:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fn = fopen (filename, "w"); data/rakarrack-0.6.1/src/fileio.C:984:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%f,%f,%f,%d\n", Input_Gain, Master_Volume, Fraction_Bypass, Bypass_B); data/rakarrack-0.6.1/src/fileio.C:1001:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:1012:10: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf,"%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d,%d\n", data/rakarrack-0.6.1/src/fileio.C:1043:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/rakarrack-0.6.1/src/fileio.C:1045:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fn = fopen (filename, "r")) == NULL) data/rakarrack-0.6.1/src/fileio.C:1069:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fn = fopen (filename, "r")) == NULL) data/rakarrack-0.6.1/src/fileio.C:1616:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[128]; data/rakarrack-0.6.1/src/fileio.C:1651:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fn = fopen (temp, "rb")) != NULL) data/rakarrack-0.6.1/src/fileio.C:1672:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char meslabel[64]; data/rakarrack-0.6.1/src/fileio.C:1702:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fn = fopen (filename, "rb")) != NULL) data/rakarrack-0.6.1/src/fileio.C:1726:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fn = fopen (filename, "wb")) != NULL) data/rakarrack-0.6.1/src/fileio.C:2389:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(Bank[i].XUserMIDI,XUserMIDI,sizeof(XUserMIDI)); data/rakarrack-0.6.1/src/fileio.C:2412:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(Bank[i].cInput_Gain, "%f", Bank[i].Input_Gain); data/rakarrack-0.6.1/src/fileio.C:2414:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(Bank[i].cMaster_Volume, "%f", Bank[i].Master_Volume); data/rakarrack-0.6.1/src/fileio.C:2416:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(Bank[i].cBalance, "%f", Bank[i].Balance); data/rakarrack-0.6.1/src/fileio.C:2506:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/rakarrack-0.6.1/src/fileio.C:2507:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fn = fopen (filename, "w"); data/rakarrack-0.6.1/src/fileio.C:2517:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d\n", resolution,sh); data/rakarrack-0.6.1/src/fileio.C:2521:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d,%d,%d\n", sback_color,sfore_color,slabel_color,sleds_color); data/rakarrack-0.6.1/src/fileio.C:2531:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d\n", relfontsize,font); data/rakarrack-0.6.1/src/fileio.C:2535:8: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d\n", sschema); data/rakarrack-0.6.1/src/fileio.C:2548:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/rakarrack-0.6.1/src/fileio.C:2551:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fn = fopen (filename, "r")) == NULL) data/rakarrack-0.6.1/src/fileio.C:2603:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fs = fopen (filename, "r")) != NULL) data/rakarrack-0.6.1/src/fileio.C:2621:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[255]; data/rakarrack-0.6.1/src/fileio.C:2631:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buff[255]; data/rakarrack-0.6.1/src/fileio.C:2643:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tempfile[256]; data/rakarrack-0.6.1/src/fileio.C:2644:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/rakarrack-0.6.1/src/fileio.C:2645:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sbuf[256]; data/rakarrack-0.6.1/src/fileio.C:2649:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (( fn = fopen (tempfile, "a")) != NULL) data/rakarrack-0.6.1/src/fileio.C:2671:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char orden[1024]; data/rakarrack-0.6.1/src/fileio.C:2672:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tempfile[256]; data/rakarrack-0.6.1/src/fileio.C:2673:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tempfile2[256]; data/rakarrack-0.6.1/src/fileio.C:2674:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/rakarrack-0.6.1/src/fileio.C:2675:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char rbuf[256]; data/rakarrack-0.6.1/src/fileio.C:2684:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (( fs = fopen (tempfile, "r")) == NULL) return; data/rakarrack-0.6.1/src/fileio.C:2687:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (( fn = fopen (tempfile2, "w")) != NULL) data/rakarrack-0.6.1/src/fileio.C:2719:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char orden[1024]; data/rakarrack-0.6.1/src/fileio.C:2720:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tempfile[256]; data/rakarrack-0.6.1/src/fileio.C:2721:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tempfile2[256]; data/rakarrack-0.6.1/src/fileio.C:2749:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/rakarrack-0.6.1/src/fileio.C:2750:8: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fn = fopen (filename, "w"); data/rakarrack-0.6.1/src/fileio.C:2761:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (buf, "%d,%d\n", M_table[i].bank,M_table[i].preset); data/rakarrack-0.6.1/src/fileio.C:2773:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/rakarrack-0.6.1/src/fileio.C:2776:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fn = fopen (filename, "r")) == NULL) data/rakarrack-0.6.1/src/global.h:322:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char jackcliname[64]; data/rakarrack-0.6.1/src/global.h:621:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmpprefname[128]; data/rakarrack-0.6.1/src/global.h:630:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char MID[128]; data/rakarrack-0.6.1/src/global.h:631:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char BankFilename[128]; data/rakarrack-0.6.1/src/global.h:632:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char UDirFilename[128]; data/rakarrack-0.6.1/src/global.h:633:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char BackgroundImage[256]; data/rakarrack-0.6.1/src/global.h:640:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Nom[24]; data/rakarrack-0.6.1/src/global.h:648:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Nom[32]; data/rakarrack-0.6.1/src/global.h:656:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Preset_Name[64]; data/rakarrack-0.6.1/src/global.h:657:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Author[64]; data/rakarrack-0.6.1/src/global.h:658:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Classe[36]; data/rakarrack-0.6.1/src/global.h:659:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Type[4]; data/rakarrack-0.6.1/src/global.h:660:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ConvoFiname[128]; data/rakarrack-0.6.1/src/global.h:661:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cInput_Gain[64]; data/rakarrack-0.6.1/src/global.h:662:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cMaster_Volume[64]; data/rakarrack-0.6.1/src/global.h:663:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cBalance[64]; data/rakarrack-0.6.1/src/global.h:668:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char RevFiname[128]; data/rakarrack-0.6.1/src/global.h:669:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char EchoFiname[128]; data/rakarrack-0.6.1/src/global.h:685:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Preset_Name[64]; data/rakarrack-0.6.1/src/global.h:696:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[128]; data/rakarrack-0.6.1/src/jack.C:256:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (JackOUT->efxoutl, inl, data/rakarrack-0.6.1/src/jack.C:258:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (JackOUT->efxoutr, inr, data/rakarrack-0.6.1/src/jack.C:260:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (JackOUT->auxdata, aux, data/rakarrack-0.6.1/src/jack.C:269:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (outl, JackOUT->efxoutl, data/rakarrack-0.6.1/src/jack.C:271:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (outr, JackOUT->efxoutr, data/rakarrack-0.6.1/src/main.C:142:22: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). preset=atoi(optarguments); data/rakarrack-0.6.1/src/process.C:67:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[128]; data/rakarrack-0.6.1/src/process.C:92:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "rakarrack"); data/rakarrack-0.6.1/src/process.C:180:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char j_names[128]; data/rakarrack-0.6.1/src/process.C:188:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "Jack Port %d", i + 1); data/rakarrack-0.6.1/src/process.C:205:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (temp, "Jack Port In %d", i + 1); data/rakarrack-0.6.1/src/process.C:869:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[128]; data/rakarrack-0.6.1/src/process.C:1132:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(smpl,efxoutl, PERIOD * sizeof(float)); data/rakarrack-0.6.1/src/process.C:1133:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(smpr,efxoutr, PERIOD * sizeof(float)); data/rakarrack-0.6.1/src/process.C:1237:39: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if((checkforaux()) || (ACI_Bypass)) memcpy(auxresampled,auxdata,sizeof(float)*J_PERIOD); data/rakarrack-0.6.1/src/process.C:1258:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(smpl,efxoutl,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/process.C:1259:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(smpr,efxoutr,sizeof(float)*PERIOD); data/rakarrack-0.6.1/src/process.C:1306:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(anall, efxoutl, sizeof(float)* PERIOD); data/rakarrack-0.6.1/src/process.C:1307:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(analr, efxoutr, sizeof(float)* PERIOD); data/rakarrack-0.6.1/src/rakarrack.cxx:46:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[4]; data/rakarrack-0.6.1/src/rakarrack.cxx:779:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[128]; data/rakarrack-0.6.1/src/rakarrack.cxx:897:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[64]; data/rakarrack-0.6.1/src/rakarrack.cxx:1061:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char notas[3]; data/rakarrack-0.6.1/src/rakarrack.cxx:1069:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char refreq[60]; data/rakarrack-0.6.1/src/rakarrack.cxx:1070:1: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(refreq,"%8.3f",rkr->efx_Tuner->nfreq); data/rakarrack-0.6.1/src/rakarrack.cxx:1078:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nofreq[60]; data/rakarrack-0.6.1/src/rakarrack.cxx:1079:1: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(nofreq,"%8.3f",rkr->efx_Tuner->afreq); data/rakarrack-0.6.1/src/rakarrack.cxx:1210:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[8]; data/rakarrack-0.6.1/src/rakarrack.cxx:1212:1: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp,"%5.2f%%",rkr->cpuload); data/rakarrack-0.6.1/src/rakarrack.cxx:1350:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[16]; data/rakarrack-0.6.1/src/rakarrack.cxx:1352:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp,"%d/%d",rkr->efx_Looper->looper_bar,rkr->efx_Looper->looper_qua); data/rakarrack-0.6.1/src/rakarrack.cxx:9420:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[128]; data/rakarrack-0.6.1/src/rakarrack.cxx:9438:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[128]; data/rakarrack-0.6.1/src/rakarrack.cxx:9456:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[128]; data/rakarrack-0.6.1/src/rakarrack.cxx:9792:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[64]; data/rakarrack-0.6.1/src/rakarrack.cxx:9901:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[128]; data/rakarrack-0.6.1/src/rakarrack.cxx:10907:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rkr->Bank[TPresets->value()].XUserMIDI,rkr->XUserMIDI, sizeof(rkr->XUserMIDI)); data/rakarrack-0.6.1/src/rakarrack.cxx:11032:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. for(i=1;i<61;i++) memcpy(rkr->Bank[i].XUserMIDI,rkr->XUserMIDI, sizeof(rkr->XUserMIDI)); data/rakarrack-0.6.1/src/rakarrack.cxx:21837:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[64]; data/rakarrack-0.6.1/src/rakarrack.cxx:21869:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[256]; data/rakarrack-0.6.1/src/rakarrack.cxx:22053:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[256]; data/rakarrack-0.6.1/src/rakarrack.cxx:22263:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[64]; data/rakarrack-0.6.1/src/rakarrack.cxx:22272:1: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp, "Midi Table Program %d",i); data/rakarrack-0.6.1/src/rakarrack.cxx:22508:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp1[128]; data/rakarrack-0.6.1/src/rakarrack.cxx:22514:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp1, "Midi Table Program %d",i); data/rakarrack-0.6.1/src/rakarrack.cxx:22526:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp1,"Jack Port %d",k); data/rakarrack-0.6.1/src/rakarrack.cxx:22542:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(temp1,"Jack Port In %d",k); data/rakarrack-0.6.1/src/rakarrack.cxx:22852:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp2[128]; data/rakarrack-0.6.1/src/rakarrack.cxx:23717:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[128]; data/rakarrack-0.6.1/src/rakarrack.cxx:23740:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (FILE * file = fopen(temp, "r")) data/rakarrack-0.6.1/src/rakarrack.cxx:23751:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[128]; data/rakarrack-0.6.1/src/rakarrack.cxx:23784:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[128]; data/rakarrack-0.6.1/src/rakarrack.cxx:23785:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp1[128]; data/rakarrack-0.6.1/src/rakarrack.cxx:23793:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp = fopen ("/proc/asound/seq/clients", "r")) != NULL) data/rakarrack-0.6.1/src/rakarrack.cxx:24105:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[128]; data/rakarrack-0.6.1/src/rakarrack.cxx:24126:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[256]; data/rakarrack-0.6.1/src/rakarrack.cxx:26307:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[256]; data/rakarrack-0.6.1/src/rakarrack.cxx:26370:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[8]; data/rakarrack-0.6.1/src/rakarrack.cxx:26391:12: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp, "%d", i); data/rakarrack-0.6.1/src/rakarrack.cxx:26988:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nombank[256]; data/rakarrack-0.6.1/src/rakarrack.cxx:26989:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char nombre[64]; data/rakarrack-0.6.1/src/rakarrack.cxx:27157:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char NewName[64]; data/rakarrack-0.6.1/src/rakarrack.cxx:27208:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tempfile[256]; data/rakarrack-0.6.1/src/rakarrack.cxx:27209:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[256]; data/rakarrack-0.6.1/src/rakarrack.cxx:27217:12: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (( fn = fopen (tempfile, "r")) != NULL) data/rakarrack-0.6.1/src/rakarrack.cxx:27236:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp2[128]; data/rakarrack-0.6.1/src/rakarrack.cxx:27237:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char Rname[128]; data/rakarrack-0.6.1/src/rakarrack.cxx:27273:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[20]; sprintf(buf,"%d",y); data/rakarrack-0.6.1/src/rakarrack.cxx:27273:19: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. char buf[20]; sprintf(buf,"%d",y); data/rakarrack-0.6.1/src/rkrMIDI.C:44:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char portname[50]; data/rakarrack-0.6.1/src/rkrMIDI.C:48:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (portname, "rakarrack IN"); data/rakarrack-0.6.1/src/rkrMIDI.C:639:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[128]; data/rakarrack-0.6.1/src/rkrMIDI.C:640:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp1[128]; data/rakarrack-0.6.1/src/rkrMIDI.C:641:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp2[128]; data/rakarrack-0.6.1/src/rkrMIDI.C:648:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp = fopen ("/proc/asound/seq/clients", "r")) != NULL) data/rakarrack-0.6.1/src/rkrMIDI.C:697:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tempi[128]; data/rakarrack-0.6.1/src/rkrMIDI.C:702:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (tempi, "aconnect %d:%d %d:%d", Ccin, Pcin, Cyoin, Pyoin); data/rakarrack-0.6.1/src/rkrMIDI.C:713:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tempi[128]; data/rakarrack-0.6.1/src/rkrMIDI.C:718:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (tempi, "aconnect -d %d:%d %d:%d", Ccin, Pcin, Cyoin, Pyoin); data/rakarrack-0.6.1/src/varios.C:53:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char meslabel[64]; data/rakarrack-0.6.1/src/varios.C:54:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char error_msg[256]; data/rakarrack-0.6.1/src/varios.C:126:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char temp[256]; data/rakarrack-0.6.1/src/varios.C:130:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if ((fp = fopen ("/proc/cpuinfo", "r")) != NULL) data/rakarrack-0.6.1/extra/rakconvert.C:527:1: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(NewFile1, OldBankFile, strlen(OldBankFile)-5); data/rakarrack-0.6.1/extra/rakconvert.C:527:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy(NewFile1, OldBankFile, strlen(OldBankFile)-5); data/rakarrack-0.6.1/extra/rakconvert.C:528:1: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(NewFile2, OldBankFile, strlen(OldBankFile)-5); data/rakarrack-0.6.1/extra/rakconvert.C:528:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy(NewFile2, OldBankFile, strlen(OldBankFile)-5); data/rakarrack-0.6.1/extra/rakgit2new.C:306:1: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(NewFile1, OldBankFile, strlen(OldBankFile)-5); data/rakarrack-0.6.1/extra/rakgit2new.C:306:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy(NewFile1, OldBankFile, strlen(OldBankFile)-5); data/rakarrack-0.6.1/extra/rakverb.C:123:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tempfile, Inputfile, strlen(Inputfile)-4); data/rakarrack-0.6.1/extra/rakverb.C:123:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy(tempfile, Inputfile, strlen(Inputfile)-4); data/rakarrack-0.6.1/extra/rakverb2.C:137:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(tempfile, Inputfile, strlen(Inputfile)-4); data/rakarrack-0.6.1/extra/rakverb2.C:137:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy(tempfile, Inputfile, strlen(Inputfile)-4); data/rakarrack-0.6.1/src/fileio.C:964:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen (Author) != 0) data/rakarrack-0.6.1/src/jack.C:288:3: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep (100000); data/rakarrack-0.6.1/src/main.C:196:4: [1] (obsolete) usleep: This C routine is considered obsolete (as opposed to the shell command by the same name). The interaction of this function with SIGALRM and other timer functions such as sleep(), alarm(), setitimer(), and nanosleep() is unspecified (CWE-676). Use nanosleep(2) or setitimer(2) instead. usleep (1500); data/rakarrack-0.6.1/src/process.C:192:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (j_names, ""); data/rakarrack-0.6.1/src/process.C:209:2: [1] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character. strcpy (j_names, ""); data/rakarrack-0.6.1/src/rakarrack.cxx:22887:5: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(rkr->Bank[num].Preset_Name) >0) data/rakarrack-0.6.1/src/rakarrack.cxx:27009:6: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(nombre,fs->d_name,strlen(fs->d_name)-5); data/rakarrack-0.6.1/src/rakarrack.cxx:27009:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). strncpy(nombre,fs->d_name,strlen(fs->d_name)-5); ANALYSIS SUMMARY: Hits = 563 Lines analyzed = 71091 in approximately 1.60 seconds (44500 lines/second) Physical Source Lines of Code (SLOC) = 57381 Hits@level = [0] 161 [1] 18 [2] 361 [3] 14 [4] 170 [5] 0 Hits@level+ = [0+] 724 [1+] 563 [2+] 545 [3+] 184 [4+] 170 [5+] 0 Hits/KSLOC@level+ = [0+] 12.6174 [1+] 9.81161 [2+] 9.49792 [3+] 3.20664 [4+] 2.96265 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.