Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/soapyosmo-0.2.5/GrOsmoSDRInterface.hpp Examining data/soapyosmo-0.2.5/GrOsmoSDRRegister.in.cpp Examining data/soapyosmo-0.2.5/compat/include/gnuradio/attributes.h Examining data/soapyosmo-0.2.5/compat/include/gnuradio/basic_block.h Examining data/soapyosmo-0.2.5/compat/include/gnuradio/block.h Examining data/soapyosmo-0.2.5/compat/include/gnuradio/gr_complex.h Examining data/soapyosmo-0.2.5/compat/include/gnuradio/hier_block2.h Examining data/soapyosmo-0.2.5/compat/include/gnuradio/io_signature.h Examining data/soapyosmo-0.2.5/compat/include/gnuradio/sptr_magic.h Examining data/soapyosmo-0.2.5/compat/include/gnuradio/sync_block.h Examining data/soapyosmo-0.2.5/compat/include/gnuradio/thread/thread.h Examining data/soapyosmo-0.2.5/compat/include/gnuradio/types.h Examining data/soapyosmo-0.2.5/compat/lib/io_signature.cc Examining data/soapyosmo-0.2.5/compat/lib/sync_block.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/docs/doxygen/doxyxml/example/aadvark.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/docs/doxygen/doxyxml/example/aadvark.h Examining data/soapyosmo-0.2.5/gr-osmosdr/include/osmosdr/api.h Examining data/soapyosmo-0.2.5/gr-osmosdr/include/osmosdr/device.h Examining data/soapyosmo-0.2.5/gr-osmosdr/include/osmosdr/pimpl.h Examining data/soapyosmo-0.2.5/gr-osmosdr/include/osmosdr/ranges.h Examining data/soapyosmo-0.2.5/gr-osmosdr/include/osmosdr/sink.h Examining data/soapyosmo-0.2.5/gr-osmosdr/include/osmosdr/source.h Examining data/soapyosmo-0.2.5/gr-osmosdr/include/osmosdr/time_spec.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/airspy/airspy_fir_kernels.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/airspy/airspy_source_c.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/airspy/airspy_source_c.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/arg_helpers.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/bladerf/bladerf_common.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/bladerf/bladerf_common.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/bladerf/bladerf_sink_c.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/bladerf/bladerf_sink_c.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/bladerf/bladerf_source_c.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/bladerf/bladerf_source_c.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/device.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/fcd/fcd_source_c.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/fcd/fcd_source_c.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/file/file_sink_c.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/file/file_sink_c.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/file/file_source_c.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/file/file_source_c.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/freesrp/freesrp_common.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/freesrp/freesrp_common.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/freesrp/freesrp_sink_c.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/freesrp/freesrp_sink_c.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/freesrp/freesrp_source_c.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/freesrp/freesrp_source_c.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/freesrp/readerwriterqueue/atomicops.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/freesrp/readerwriterqueue/readerwriterqueue.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/hackrf/hackrf_sink_c.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/hackrf/hackrf_sink_c.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/hackrf/hackrf_source_c.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/hackrf/hackrf_source_c.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/miri/miri_source_c.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/miri/miri_source_c.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/osmosdr/osmosdr_src_c.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/osmosdr/osmosdr_src_c.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/ranges.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/redpitaya/redpitaya_common.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/redpitaya/redpitaya_common.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/redpitaya/redpitaya_sink_c.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/redpitaya/redpitaya_sink_c.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/redpitaya/redpitaya_source_c.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/redpitaya/redpitaya_source_c.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/rtl/rtl_source_c.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/rtl/rtl_source_c.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/rtl_tcp/rtl_tcp_source_c.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/rtl_tcp/rtl_tcp_source_c.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/rtl_tcp/rtl_tcp_source_f.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/rtl_tcp/rtl_tcp_source_f.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/sdrplay/sdrplay_source_c.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/sdrplay/sdrplay_source_c.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/sink_iface.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/sink_impl.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/sink_impl.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/soapy/soapy_common.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/soapy/soapy_common.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/soapy/soapy_sink_c.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/soapy/soapy_sink_c.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/soapy/soapy_source_c.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/soapy/soapy_source_c.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/source_iface.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/source_impl.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/source_impl.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/time_spec.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/uhd/uhd_sink_c.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/uhd/uhd_sink_c.h Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/uhd/uhd_source_c.cc Examining data/soapyosmo-0.2.5/gr-osmosdr/lib/uhd/uhd_source_c.h FINAL RESULTS: data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:1210:16: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. if ( readlink( device_driver.c_str(), buffer, sizeof(buffer) ) > 0 ) data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:1231:10: [5] (race) readlink: This accepts filename arguments; if an attacker can move those files or change the link content, a race condition results. Also, it does not terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach. if ( readlink( ftdi_sio_devices[i].c_str(), buffer, sizeof(buffer) ) > 0 ) data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:247:12: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. boost::system::error_code ec; data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:981:42: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. static void handle_receive( const boost::system::error_code& ec, data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:983:36: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. boost::system::error_code* out_ec, data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:990:40: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. static void handle_timer( const boost::system::error_code& ec, data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:991:34: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. boost::system::error_code* out_ec ) data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:1002:10: [4] (shell) system: This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available. boost::system::error_code ec; data/soapyosmo-0.2.5/gr-osmosdr/lib/freesrp/freesrp_common.cc:36:51: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. string firmware_path = string(getenv("HOME")) + "/.freesrp/fx3.img"; data/soapyosmo-0.2.5/gr-osmosdr/lib/freesrp/freesrp_common.cc:56:48: [3] (buffer) getenv: Environment variables are untrustable input if they can be set by an attacker. They can have any content and length, and the same variable can be set more than once (CWE-807, CWE-20). Check environment variables carefully before using them. string bitstream_path = string(getenv("HOME")) + "/.freesrp/fpga.bin"; data/soapyosmo-0.2.5/GrOsmoSDRRegister.in.cpp:52:24: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). const int devNum = atoi(args.at("@TARGET@").c_str()); data/soapyosmo-0.2.5/GrOsmoSDRRegister.in.cpp:57:23: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). devNum == atoi(results[i].at("@TARGET@").c_str()) //or device match data/soapyosmo-0.2.5/gr-osmosdr/lib/airspy/airspy_source_c.cc:111:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char version[128]; data/soapyosmo-0.2.5/gr-osmosdr/lib/bladerf/bladerf_common.cc:103:30: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). bladerf_sptr bladerf_common::open(const std::string &device_name) data/soapyosmo-0.2.5/gr-osmosdr/lib/bladerf/bladerf_common.cc:258:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char serial[BLADERF_SERIAL_LENGTH]; data/soapyosmo-0.2.5/gr-osmosdr/lib/bladerf/bladerf_common.cc:314:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). _dev = open(device_name); data/soapyosmo-0.2.5/gr-osmosdr/lib/bladerf/bladerf_common.h:111:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). bladerf_sptr open(const std::string &device_name); data/soapyosmo-0.2.5/gr-osmosdr/lib/freesrp/readerwriterqueue/readerwriterqueue.h:570:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cachelineFiller0[CACHE_LINE_SIZE - sizeof(weak_atomic<size_t>) - sizeof(size_t)]; data/soapyosmo-0.2.5/gr-osmosdr/lib/freesrp/readerwriterqueue/readerwriterqueue.h:574:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cachelineFiller1[CACHE_LINE_SIZE - sizeof(weak_atomic<size_t>) - sizeof(size_t)]; // next isn't very contended, but we don't want it on the same cache line as tail (which is) data/soapyosmo-0.2.5/gr-osmosdr/lib/freesrp/readerwriterqueue/readerwriterqueue.h:615:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char cachelineFiller[CACHE_LINE_SIZE - sizeof(weak_atomic<Block*>)]; data/soapyosmo-0.2.5/gr-osmosdr/lib/hackrf/hackrf_sink_c.cc:110:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(cb->head, item, cb->sz); data/soapyosmo-0.2.5/gr-osmosdr/lib/hackrf/hackrf_sink_c.cc:122:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(item, cb->tail, cb->sz); data/soapyosmo-0.2.5/gr-osmosdr/lib/hackrf/hackrf_sink_c.cc:207:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char version[40]; data/soapyosmo-0.2.5/gr-osmosdr/lib/hackrf/hackrf_source_c.cc:183:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char version[40]; data/soapyosmo-0.2.5/gr-osmosdr/lib/hackrf/hackrf_source_c.cc:290:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(_buf[buf_tail], buf, len); data/soapyosmo-0.2.5/gr-osmosdr/lib/miri/miri_source_c.cc:191:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(_buf[buf_tail], buf, len); data/soapyosmo-0.2.5/gr-osmosdr/lib/osmosdr/osmosdr_src_c.cc:185:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(_buf[buf_tail], buf, len); data/soapyosmo-0.2.5/gr-osmosdr/lib/osmosdr/osmosdr_src_c.cc:270:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[256]; data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:203:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). _usb = open( host.c_str(), O_RDWR | O_NOCTTY ); data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:253:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). _u.open(udp::v4(), ec); data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:311:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy((void *)&peer_sa.sin_addr, hp->h_addr_list[0], hp->h_length); data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:577:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char data[1024*2]; data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:597:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( data, _resp.data(), rx_bytes ); data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:631:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( response.data(), data, rx_bytes ); data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:665:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data[1024*10]; data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:744:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( _resp.data(), data, length + 2 ); data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:821:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char data[1024*2]; data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:952:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char length[2]; /* length of total message in bytes (little endian byte order) */ data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:953:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char key[2]; /* fixed key key[0]==0x5A key[1]==0xA5 */ data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:955:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[16]; /* Device name string null terminated */ data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:956:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sn[16]; /* Serial number string null terminated */ data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:957:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char ipaddr[16]; /* device IP address (little endian byte order) */ data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:958:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char port[2]; /* device Port number (little endian byte order) */ data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:1009:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). socket.open(udp::v4(), ec); data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:1079:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char data[1024*2]; data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:1188:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[1024]; data/soapyosmo-0.2.5/gr-osmosdr/lib/rtl/rtl_source_c.cc:97:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char manufact[256]; data/soapyosmo-0.2.5/gr-osmosdr/lib/rtl/rtl_source_c.cc:98:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char product[256]; data/soapyosmo-0.2.5/gr-osmosdr/lib/rtl/rtl_source_c.cc:99:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char serial[256]; data/soapyosmo-0.2.5/gr-osmosdr/lib/rtl/rtl_source_c.cc:303:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(_buf[buf_tail], buf, len); data/soapyosmo-0.2.5/gr-osmosdr/lib/rtl/rtl_source_c.cc:380:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char manufact[256]; data/soapyosmo-0.2.5/gr-osmosdr/lib/rtl/rtl_source_c.cc:381:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char product[256]; data/soapyosmo-0.2.5/gr-osmosdr/lib/rtl/rtl_source_c.cc:382:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char serial[256]; data/soapyosmo-0.2.5/gr-osmosdr/lib/rtl_tcp/rtl_tcp_source_f.cc:39:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char magic[4]; data/soapyosmo-0.2.5/gr-osmosdr/lib/rtl_tcp/rtl_tcp_source_f.cc:120:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char port_str[12]; data/soapyosmo-0.2.5/gr-osmosdr/lib/rtl_tcp/rtl_tcp_source_f.cc:121:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf( port_str, "%d", port ); data/soapyosmo-0.2.5/GrOsmoSDRInterface.hpp:54:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int read(void * const *buffs, const size_t numElems) data/soapyosmo-0.2.5/GrOsmoSDRInterface.hpp:181:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return streamer->read(buffs, numElems); data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:224:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while ( read(_usb, &byte, sizeof(byte)) > 0 ); /* flush serial */ data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:611:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int nbytes = read(_tcp, data, 2); /* read header */ data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:622:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). nbytes = read(_tcp, &data[2], length); /* read payload */ data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:649:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int nread = read( fd, &data[nbytes], 1 ); data/soapyosmo-0.2.5/gr-osmosdr/lib/rfspace/rfspace_source_c.cc:1173:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). in.read(&contents[0], contents.size()); data/soapyosmo-0.2.5/gr-osmosdr/lib/rtl/rtl_source_c.cc:129:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(manufact)) data/soapyosmo-0.2.5/gr-osmosdr/lib/rtl/rtl_source_c.cc:131:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(product)) data/soapyosmo-0.2.5/gr-osmosdr/lib/rtl/rtl_source_c.cc:133:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(serial)) data/soapyosmo-0.2.5/gr-osmosdr/lib/rtl/rtl_source_c.cc:393:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(manufact)) data/soapyosmo-0.2.5/gr-osmosdr/lib/rtl/rtl_source_c.cc:395:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(product)) data/soapyosmo-0.2.5/gr-osmosdr/lib/rtl/rtl_source_c.cc:397:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(serial)) ANALYSIS SUMMARY: Hits = 69 Lines analyzed = 23572 in approximately 0.53 seconds (44309 lines/second) Physical Source Lines of Code (SLOC) = 15347 Hits@level = [0] 16 [1] 13 [2] 46 [3] 2 [4] 6 [5] 2 Hits@level+ = [0+] 85 [1+] 69 [2+] 56 [3+] 10 [4+] 8 [5+] 2 Hits/KSLOC@level+ = [0+] 5.53854 [1+] 4.49599 [2+] 3.64892 [3+] 0.651593 [4+] 0.521275 [5+] 0.130319 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.