Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/apngasm-2.91/apngasm.cpp
Examining data/apngasm-2.91/zlib/inffixed.h
Examining data/apngasm-2.91/zlib/deflate1.h
Examining data/apngasm-2.91/zlib/trees.h
Examining data/apngasm-2.91/zlib/zutil.c
Examining data/apngasm-2.91/zlib/infback.c
Examining data/apngasm-2.91/zlib/gzguts.h
Examining data/apngasm-2.91/zlib/gzlib.c
Examining data/apngasm-2.91/zlib/zutil.h
Examining data/apngasm-2.91/zlib/trees.c
Examining data/apngasm-2.91/zlib/gzwrite.c
Examining data/apngasm-2.91/zlib/crc32.c
Examining data/apngasm-2.91/zlib/gzclose.c
Examining data/apngasm-2.91/zlib/deflate1.c
Examining data/apngasm-2.91/zlib/adler32.c
Examining data/apngasm-2.91/zlib/inflate.h
Examining data/apngasm-2.91/zlib/crc32.h
Examining data/apngasm-2.91/zlib/gzread.c
Examining data/apngasm-2.91/zlib/uncompr.c
Examining data/apngasm-2.91/zlib/inftrees.c
Examining data/apngasm-2.91/zlib/compress.c
Examining data/apngasm-2.91/zlib/inflate.c
Examining data/apngasm-2.91/zlib/inffast.h
Examining data/apngasm-2.91/zlib/inftrees.h
Examining data/apngasm-2.91/zlib/zlib.h
Examining data/apngasm-2.91/zlib/inffast.c
Examining data/apngasm-2.91/zlib/zconf.h
Examining data/apngasm-2.91/libpng/pngread.c
Examining data/apngasm-2.91/libpng/pngrio.c
Examining data/apngasm-2.91/libpng/pngdebug.h
Examining data/apngasm-2.91/libpng/png.h
Examining data/apngasm-2.91/libpng/pngrutil.c
Examining data/apngasm-2.91/libpng/pngtrans.c
Examining data/apngasm-2.91/libpng/pngmem.c
Examining data/apngasm-2.91/libpng/pngwtran.c
Examining data/apngasm-2.91/libpng/png.c
Examining data/apngasm-2.91/libpng/pngget.c
Examining data/apngasm-2.91/libpng/pngpriv.h
Examining data/apngasm-2.91/libpng/pngwio.c
Examining data/apngasm-2.91/libpng/pngstruct.h
Examining data/apngasm-2.91/libpng/pngset.c
Examining data/apngasm-2.91/libpng/pngconf.h
Examining data/apngasm-2.91/libpng/pngwrite.c
Examining data/apngasm-2.91/libpng/pngpread.c
Examining data/apngasm-2.91/libpng/pngwutil.c
Examining data/apngasm-2.91/libpng/pngerror.c
Examining data/apngasm-2.91/libpng/pnginfo.h
Examining data/apngasm-2.91/libpng/pngrtran.c
Examining data/apngasm-2.91/libpng/pnglibconf.h
Examining data/apngasm-2.91/7z/LiteralCoder.h
Examining data/apngasm-2.91/7z/LiteralCoder.cc
Examining data/apngasm-2.91/7z/DeflateDecoder.cc
Examining data/apngasm-2.91/7z/BinTree2Main.h
Examining data/apngasm-2.91/7z/BinTreeMF.h
Examining data/apngasm-2.91/7z/LZMADecoder.cc
Examining data/apngasm-2.91/7z/AriConst.h
Examining data/apngasm-2.91/7z/LZMADecoder.h
Examining data/apngasm-2.91/7z/OutByte.cc
Examining data/apngasm-2.91/7z/Portable.h
Examining data/apngasm-2.91/7z/BitTreeCoder.h
Examining data/apngasm-2.91/7z/BinTreeMFMain.h
Examining data/apngasm-2.91/7z/CRC.h
Examining data/apngasm-2.91/7z/WindowOut.cc
Examining data/apngasm-2.91/7z/BinTree4bMain.h
Examining data/apngasm-2.91/7z/RangeCoder.h
Examining data/apngasm-2.91/7z/BinTree4b.h
Examining data/apngasm-2.91/7z/HuffmanDecoder.h
Examining data/apngasm-2.91/7z/WindowIn.cc
Examining data/apngasm-2.91/7z/DeflateEncoder.cc
Examining data/apngasm-2.91/7z/BinTreeMain.h
Examining data/apngasm-2.91/7z/LSBFEncoder.h
Examining data/apngasm-2.91/7z/BinTree3Z.h
Examining data/apngasm-2.91/7z/BinTree3ZMain.h
Examining data/apngasm-2.91/7z/LZMA.cc
Examining data/apngasm-2.91/7z/BinTree3Main.h
Examining data/apngasm-2.91/7z/BinTree2.h
Examining data/apngasm-2.91/7z/7zdeflate.cc
Examining data/apngasm-2.91/7z/LSBFDecoder.h
Examining data/apngasm-2.91/7z/OutByte.h
Examining data/apngasm-2.91/7z/WindowIn.h
Examining data/apngasm-2.91/7z/BinTree3.h
Examining data/apngasm-2.91/7z/AriBitCoder.h
Examining data/apngasm-2.91/7z/LenCoder.h
Examining data/apngasm-2.91/7z/WindowOut.h
Examining data/apngasm-2.91/7z/LZMA.h
Examining data/apngasm-2.91/7z/IInOutStreams.h
Examining data/apngasm-2.91/7z/InByte.h
Examining data/apngasm-2.91/7z/BinTree.h
Examining data/apngasm-2.91/7z/IInOutStreams.cc
Examining data/apngasm-2.91/7z/7z.h
Examining data/apngasm-2.91/7z/LenCoder.cc
Examining data/apngasm-2.91/7z/DeflateEncoder.h
Examining data/apngasm-2.91/7z/LSBFDecoder.cc
Examining data/apngasm-2.91/7z/LSBFEncoder.cc
Examining data/apngasm-2.91/7z/CRC.cc
Examining data/apngasm-2.91/7z/7zlzma.cc
Examining data/apngasm-2.91/7z/DeflateDecoder.h
Examining data/apngasm-2.91/7z/InByte.cc
Examining data/apngasm-2.91/7z/HuffmanEncoder.cc
Examining data/apngasm-2.91/7z/Const.h
Examining data/apngasm-2.91/7z/BinTree4Main.h
Examining data/apngasm-2.91/7z/RCDefs.h
Examining data/apngasm-2.91/7z/HuffmanEncoder.h
Examining data/apngasm-2.91/7z/LZMAEncoder.h
Examining data/apngasm-2.91/7z/AriBitCoder.cc
Examining data/apngasm-2.91/7z/AriPrice.h
Examining data/apngasm-2.91/7z/BinTree4.h
Examining data/apngasm-2.91/7z/LZMAEncoder.cc
Examining data/apngasm-2.91/zopfli/deflate.c
Examining data/apngasm-2.91/zopfli/symbols.h
Examining data/apngasm-2.91/zopfli/blocksplitter.c
Examining data/apngasm-2.91/zopfli/zlib_container.h
Examining data/apngasm-2.91/zopfli/util.c
Examining data/apngasm-2.91/zopfli/lz77.h
Examining data/apngasm-2.91/zopfli/zopfli.h
Examining data/apngasm-2.91/zopfli/tree.c
Examining data/apngasm-2.91/zopfli/hash.c
Examining data/apngasm-2.91/zopfli/hash.h
Examining data/apngasm-2.91/zopfli/cache.c
Examining data/apngasm-2.91/zopfli/squeeze.c
Examining data/apngasm-2.91/zopfli/gzip_container.h
Examining data/apngasm-2.91/zopfli/util.h
Examining data/apngasm-2.91/zopfli/cache.h
Examining data/apngasm-2.91/zopfli/zopfli_lib.c
Examining data/apngasm-2.91/zopfli/lz77.c
Examining data/apngasm-2.91/zopfli/gzip_container.c
Examining data/apngasm-2.91/zopfli/zlib_container.c
Examining data/apngasm-2.91/zopfli/squeeze.h
Examining data/apngasm-2.91/zopfli/blocksplitter.h
Examining data/apngasm-2.91/zopfli/katajainen.h
Examining data/apngasm-2.91/zopfli/katajainen.c
Examining data/apngasm-2.91/zopfli/tree.h
Examining data/apngasm-2.91/zopfli/deflate.h
Examining data/apngasm-2.91/image.cpp
Examining data/apngasm-2.91/image.h

FINAL RESULTS:

data/apngasm-2.91/apngasm.cpp:595:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
      strcpy(szFormat, szImage);
data/apngasm-2.91/apngasm.cpp:596:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
      sprintf(szFormat+(szExt-1-szImage), "%%0%dd%%s", i);
data/apngasm-2.91/apngasm.cpp:598:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
      sprintf(szNext, szFormat, cur, szExt);
data/apngasm-2.91/apngasm.cpp:601:7:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
      sprintf(szNext, szFormat, cur, szExt);
data/apngasm-2.91/apngasm.cpp:622:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(szFormat, szImage);
data/apngasm-2.91/apngasm.cpp:623:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(szFormat+(szExt-i-szImage), "%%0%dd%%s", i);
data/apngasm-2.91/apngasm.cpp:624:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(szNext, szImage);
data/apngasm-2.91/apngasm.cpp:637:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(szNext, szFormat, cur+frames, szExt);
data/apngasm-2.91/apngasm.cpp:646:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(szNext, szFormat, cur+i, szExt);
data/apngasm-2.91/apngasm.cpp:655:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(szNext, szFormat, cur+i, ".txt");
data/apngasm-2.91/libpng/pngdebug.h:84:8:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
       fprintf(PNG_DEBUG_FILE,"%s" m PNG_STRING_NEWLINE,(num_tabs==1 ? "   " : \
data/apngasm-2.91/libpng/pngdebug.h:92:8:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
       fprintf(PNG_DEBUG_FILE,"%s" m PNG_STRING_NEWLINE,(num_tabs==1 ? "   " : \
data/apngasm-2.91/libpng/pngdebug.h:100:8:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
       fprintf(PNG_DEBUG_FILE,"%s" m PNG_STRING_NEWLINE,(num_tabs==1 ? "   " : \
data/apngasm-2.91/libpng/pngdebug.h:113:8:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
       fprintf(PNG_DEBUG_FILE,format); \
data/apngasm-2.91/libpng/pngdebug.h:124:8:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
       fprintf(PNG_DEBUG_FILE,format,p1); \
data/apngasm-2.91/libpng/pngdebug.h:135:8:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
       fprintf(PNG_DEBUG_FILE,format,p1,p2); \
data/apngasm-2.91/libpng/pngerror.c:734:10:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
         fprintf(stderr, PNG_STRING_NEWLINE);
data/apngasm-2.91/libpng/pngerror.c:741:10:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
         fprintf(stderr, PNG_STRING_NEWLINE);
data/apngasm-2.91/libpng/pngerror.c:749:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
      fprintf(stderr, PNG_STRING_NEWLINE);
data/apngasm-2.91/libpng/pngerror.c:805:10:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
         fprintf(stderr, PNG_STRING_NEWLINE);
data/apngasm-2.91/libpng/pngerror.c:812:10:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
         fprintf(stderr, PNG_STRING_NEWLINE);
data/apngasm-2.91/libpng/pngerror.c:820:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
      fprintf(stderr, PNG_STRING_NEWLINE);
data/apngasm-2.91/zlib/gzguts.h:78:18:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#    if !defined(vsnprintf) && !defined(NO_vsnprintf)
data/apngasm-2.91/zlib/gzguts.h:80:18:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#         define vsnprintf _vsnprintf
data/apngasm-2.91/zlib/gzguts.h:103:11:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#  define snprintf _snprintf
data/apngasm-2.91/zlib/gzguts.h:103:20:  [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#  define snprintf _snprintf
data/apngasm-2.91/zlib/gzlib.c:216:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(state->path, path);
data/apngasm-2.91/zlib/gzlib.c:610:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(state->msg, state->path);
data/apngasm-2.91/zlib/gzlib.c:612:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat(state->msg, msg);
data/apngasm-2.91/zlib/gzwrite.c:346:11:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
    (void)vsprintf((char *)(state->in), format, va);
data/apngasm-2.91/zlib/gzwrite.c:350:11:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
    len = vsprintf((char *)(state->in), format, va);
data/apngasm-2.91/zlib/gzwrite.c:354:11:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    (void)vsnprintf((char *)(state->in), size, format, va);
data/apngasm-2.91/zlib/gzwrite.c:357:11:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    len = vsnprintf((char *)(state->in), size, format, va);
data/apngasm-2.91/zlib/gzwrite.c:431:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf((char *)(state->in), format, a1, a2, a3, a4, a5, a6, a7, a8,
data/apngasm-2.91/zlib/gzwrite.c:436:11:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    len = sprintf((char *)(state->in), format, a1, a2, a3, a4, a5, a6, a7, a8,
data/apngasm-2.91/zlib/gzwrite.c:441:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf((char *)(state->in), size, format, a1, a2, a3, a4, a5, a6, a7, a8,
data/apngasm-2.91/zlib/gzwrite.c:445:11:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    len = snprintf((char *)(state->in), size, format, a1, a2, a3, a4, a5, a6,
data/apngasm-2.91/zlib/zutil.h:224:39:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#  define Trace(x) {if (z_verbose>=0) fprintf x ;}
data/apngasm-2.91/zlib/zutil.h:225:39:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#  define Tracev(x) {if (z_verbose>0) fprintf x ;}
data/apngasm-2.91/zlib/zutil.h:226:40:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#  define Tracevv(x) {if (z_verbose>1) fprintf x ;}
data/apngasm-2.91/zlib/zutil.h:227:48:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#  define Tracec(c,x) {if (z_verbose>0 && (c)) fprintf x ;}
data/apngasm-2.91/zlib/zutil.h:228:49:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#  define Tracecv(c,x) {if (z_verbose>1 && (c)) fprintf x ;}
data/apngasm-2.91/7z/DeflateEncoder.cc:561:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(m_LastLevels, aNewLevels, kMaxTableSize);
data/apngasm-2.91/7z/DeflateEncoder.cc:624:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(m_LastLevels, aNewLevels, kMaxTableSize);
data/apngasm-2.91/7z/IInOutStreams.cc:8:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(aData, data, aSize);
data/apngasm-2.91/7z/IInOutStreams.cc:20:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(data, aData, aSize);
data/apngasm-2.91/apngasm.cpp:56:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
unsigned char   png_sign[8] = {137,  80,  78,  71,  13,  10,  26,  10};
data/apngasm-2.91/apngasm.cpp:57:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
unsigned char   png_Software[28] = { 83, 111, 102, 116, 119, 97, 114, 101, '\0',
data/apngasm-2.91/apngasm.cpp:63:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[4];
data/apngasm-2.91/apngasm.cpp:248:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(dp, best_row, rowbytes+1);
data/apngasm-2.91/apngasm.cpp:270:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(dp, image->rows[j] + xbytes, rowbytes);
data/apngasm-2.91/apngasm.cpp:288:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(zbuf, data, size);
data/apngasm-2.91/apngasm.cpp:449:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(pc, &c2, 3);
data/apngasm-2.91/apngasm.cpp:515:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(img[i].rows[y], image->rows[y] + x, rowbytes);
data/apngasm-2.91/apngasm.cpp:530:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(img[i].rows[y], image->rows[row++], rowbytes);
data/apngasm-2.91/apngasm.cpp:578:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szFormat[256];
data/apngasm-2.91/apngasm.cpp:579:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szNext[256];
data/apngasm-2.91/apngasm.cpp:599:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      if ((f = fopen(szNext, "rb")) != 0) break;
data/apngasm-2.91/apngasm.cpp:602:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      if ((f = fopen(szNext, "rb")) != 0) break;
data/apngasm-2.91/apngasm.cpp:621:11:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    cur = atoi(szExt-i);
data/apngasm-2.91/apngasm.cpp:627:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ((f = fopen(szNext, "rb")) == 0)
data/apngasm-2.91/apngasm.cpp:638:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    f = fopen(szNext, "rb");
data/apngasm-2.91/apngasm.cpp:656:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    f = fopen(szNext, "rt");
data/apngasm-2.91/apngasm.cpp:659:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char szStr[256];
data/apngasm-2.91/apngasm.cpp:722:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ((f = fopen(szOut, "wb")) == 0)
data/apngasm-2.91/apngasm.cpp:728:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf_IHDR[13];
data/apngasm-2.91/apngasm.cpp:729:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf_acTL[8];
data/apngasm-2.91/apngasm.cpp:730:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf_fcTL[26];
data/apngasm-2.91/apngasm.cpp:845:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(temp.rows[j], img[i].rows[j], rowbytes);
data/apngasm-2.91/apngasm.cpp:849:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(temp.rows[j+y0] + (k+x0)*3, &tcolor, 3);
data/apngasm-2.91/apngasm.cpp:891:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(rest.rows[j], img[i].rows[j], rowbytes);
data/apngasm-2.91/apngasm.cpp:898:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(rest.rows[j+y0] + (k+x0)*3, &tcolor, 3);
data/apngasm-2.91/apngasm.cpp:1018:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        loops = atoi(szOption+2);
data/apngasm-2.91/apngasm.cpp:1045:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        iter = atoi(szOption+2);
data/apngasm-2.91/apngasm.cpp:1051:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        hs = atoi(szOption+3);
data/apngasm-2.91/apngasm.cpp:1057:14:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        vs = atoi(szOption+3);
data/apngasm-2.91/apngasm.cpp:1063:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int n = atoi(szOption);
data/apngasm-2.91/image.cpp:41:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ((f = fopen(szName, "rb")) == 0)
data/apngasm-2.91/image.cpp:85:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(image->pl, palette, image->ps * 3);
data/apngasm-2.91/image.cpp:108:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(image->tr, trans_alpha, image->ts);
data/apngasm-2.91/image.cpp:125:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char col[4];
data/apngasm-2.91/image.cpp:126:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char header[18];
data/apngasm-2.91/image.cpp:128:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ((f = fopen(szName, "rb")) == 0)
data/apngasm-2.91/image.cpp:270:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if ((f = fopen(szName, "rb")) != 0)
data/apngasm-2.91/image.cpp:596:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char cube[4096];
data/apngasm-2.91/image.cpp:597:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char gray[256];
data/apngasm-2.91/image.cpp:812:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char gray[256];
data/apngasm-2.91/image.cpp:962:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char gray[256];
data/apngasm-2.91/image.cpp:1099:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char gray[256];
data/apngasm-2.91/image.cpp:1299:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char cube[4096];
data/apngasm-2.91/image.cpp:1338:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char gray[256];
data/apngasm-2.91/image.h:39:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char tr[256];
data/apngasm-2.91/image.h:62:32:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    if ((ps = image->ps) != 0) memcpy(&pl[0], &image->pl[0], ps*3);
data/apngasm-2.91/image.h:63:32:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    if ((ts = image->ts) != 0) memcpy(&tr[0], &image->tr[0], ts);
data/apngasm-2.91/libpng/png.c:203:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char m[128];
data/apngasm-2.91/libpng/png.c:696:31:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
png_convert_to_rfc1123_buffer(char out[29], png_const_timep ptime)
data/apngasm-2.91/libpng/png.c:698:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   static PNG_CONST char short_months[12][4] =
data/apngasm-2.91/libpng/png.c:714:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char number_buf[5]; /* enough for a four-digit year */
data/apngasm-2.91/libpng/png.c:1792:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char message[196]; /* see below for calculation */
data/apngasm-2.91/libpng/png.c:1811:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
         char number[PNG_NUMBER_BUFFER_SIZE]; /* +24 = 114*/
data/apngasm-2.91/libpng/png.c:2936:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char exponent[10];
data/apngasm-2.91/libpng/png.c:3194:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
         char digits[10];
data/apngasm-2.91/libpng/png.h:1071:54:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
PNG_EXPORT(241, int, png_convert_to_rfc1123_buffer, (char out[29],
data/apngasm-2.91/libpng/png.h:2732:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char         message[64];
data/apngasm-2.91/libpng/pngdebug.h:109:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
       char format[256]; \
data/apngasm-2.91/libpng/pngdebug.h:120:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
       char format[256]; \
data/apngasm-2.91/libpng/pngdebug.h:131:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
       char format[256]; \
data/apngasm-2.91/libpng/pngerror.c:43:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char msg[16];
data/apngasm-2.91/libpng/pngerror.c:258:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char buffer[PNG_NUMBER_BUFFER_SIZE];
data/apngasm-2.91/libpng/pngerror.c:268:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char buffer[PNG_NUMBER_BUFFER_SIZE];
data/apngasm-2.91/libpng/pngerror.c:293:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char msg[192];
data/apngasm-2.91/libpng/pngerror.c:428:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static PNG_CONST char png_digit[16] = {
data/apngasm-2.91/libpng/pngerror.c:483:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char msg[18+PNG_MAX_ERROR_TEXT];
data/apngasm-2.91/libpng/pngerror.c:499:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char msg[18+PNG_MAX_ERROR_TEXT];
data/apngasm-2.91/libpng/pngerror.c:577:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char msg[fixed_message_ln+PNG_MAX_ERROR_TEXT];
data/apngasm-2.91/libpng/pngerror.c:578:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
   memcpy(msg, fixed_message, fixed_message_ln);
data/apngasm-2.91/libpng/pngerror.c:721:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char error_number[16];
data/apngasm-2.91/libpng/pngerror.c:792:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char warning_number[16];
data/apngasm-2.91/libpng/pngmem.c:154:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(new_array, old_array, element_size*(unsigned)old_elements);
data/apngasm-2.91/libpng/pngpread.c:438:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(ptr, png_ptr->save_buffer_ptr, save_size);
data/apngasm-2.91/libpng/pngpread.c:455:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(ptr, png_ptr->current_buffer_ptr, save_size);
data/apngasm-2.91/libpng/pngpread.c:505:10:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
         memcpy(png_ptr->save_buffer, old_buffer, png_ptr->save_buffer_size);
data/apngasm-2.91/libpng/pngpread.c:513:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(png_ptr->save_buffer + png_ptr->save_buffer_size,
data/apngasm-2.91/libpng/pngpread.c:764:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
   memcpy(png_ptr->prev_row, png_ptr->row_buf, row_info.rowbytes + 1);
data/apngasm-2.91/libpng/pngpriv.h:1658:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef char png_warning_parameters[PNG_WARNING_PARAMETER_COUNT][
data/apngasm-2.91/libpng/pngread.c:553:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
   memcpy(png_ptr->prev_row, png_ptr->row_buf, row_info.rowbytes + 1);
data/apngasm-2.91/libpng/pngread.c:1491:21:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
         FILE *fp = fopen(file_name, "rb");
data/apngasm-2.91/libpng/pngread.c:1539:16:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
               memcpy(out, memory, need);
data/apngasm-2.91/libpng/pngrutil.c:342:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char msg[64];
data/apngasm-2.91/libpng/pngrutil.c:684:28:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                           memcpy(text, png_ptr->read_buffer, prefix_size);
data/apngasm-2.91/libpng/pngrutil.c:1403:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char keyword[81];
data/apngasm-2.91/libpng/pngrutil.c:1472:28:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                           memcpy(profile, profile_header,
data/apngasm-2.91/libpng/pngrutil.c:1538:43:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                                          memcpy(info_ptr->iccp_name, keyword,
data/apngasm-2.91/libpng/pngrutil.c:3512:19:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                  memcpy(dp, sp, bytes_to_copy);
data/apngasm-2.91/libpng/pngrutil.c:3537:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
   memcpy(dp, sp, PNG_ROWBYTES(pixel_depth, row_width));
data/apngasm-2.91/libpng/pngrutil.c:3769:16:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
               memcpy(v, sp, pixel_bytes);
data/apngasm-2.91/libpng/pngrutil.c:3773:19:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                  memcpy(dp, v, pixel_bytes);
data/apngasm-2.91/libpng/pngset.c:321:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
   memcpy(info_ptr->pcal_purpose, purpose, length);
data/apngasm-2.91/libpng/pngset.c:343:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
   memcpy(info_ptr->pcal_units, units, length);
data/apngasm-2.91/libpng/pngset.c:373:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(info_ptr->pcal_params[i], params[i], length);
data/apngasm-2.91/libpng/pngset.c:423:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
   memcpy(info_ptr->scal_s_width, swidth, lengthw);
data/apngasm-2.91/libpng/pngset.c:442:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
   memcpy(info_ptr->scal_s_height, sheight, lengthh);
data/apngasm-2.91/libpng/pngset.c:465:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char swidth[PNG_sCAL_MAX_DIGITS+1];
data/apngasm-2.91/libpng/pngset.c:466:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char sheight[PNG_sCAL_MAX_DIGITS+1];
data/apngasm-2.91/libpng/pngset.c:495:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char swidth[PNG_sCAL_MAX_DIGITS+1];
data/apngasm-2.91/libpng/pngset.c:496:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char sheight[PNG_sCAL_MAX_DIGITS+1];
data/apngasm-2.91/libpng/pngset.c:579:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(png_ptr->palette, palette, (unsigned int)num_palette *
data/apngasm-2.91/libpng/pngset.c:688:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
   memcpy(new_iccp_name, name, length);
data/apngasm-2.91/libpng/pngset.c:701:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
   memcpy(new_iccp_profile, profile, proflen);
data/apngasm-2.91/libpng/pngset.c:871:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(textp->key, text_ptr[i].key, key_len);
data/apngasm-2.91/libpng/pngset.c:877:10:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
         memcpy(textp->lang, text_ptr[i].lang, lang_len);
data/apngasm-2.91/libpng/pngset.c:880:10:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
         memcpy(textp->lang_key, text_ptr[i].lang_key, lang_key_len);
data/apngasm-2.91/libpng/pngset.c:893:10:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
         memcpy(textp->text, text_ptr[i].text, text_length);
data/apngasm-2.91/libpng/pngset.c:974:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(info_ptr->trans_alpha, trans_alpha, (png_size_t)num_trans);
data/apngasm-2.91/libpng/pngset.c:1076:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(np->name, entries->name, length);
data/apngasm-2.91/libpng/pngset.c:1096:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(np->entries, entries->entries,
data/apngasm-2.91/libpng/pngset.c:1214:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(np->name, unknowns->name, (sizeof np->name));
data/apngasm-2.91/libpng/pngset.c:1237:10:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
         memcpy(np->data, unknowns->data, unknowns->size);
data/apngasm-2.91/libpng/pngset.c:1316:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(list, add, 4);
data/apngasm-2.91/libpng/pngset.c:1416:10:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
         memcpy(new_list, png_ptr->chunk_list, 5*old_num_chunks);
data/apngasm-2.91/libpng/pngset.c:1449:16:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
               memcpy(outlist, inlist, 5);
data/apngasm-2.91/libpng/pngstruct.h:362:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char time_buffer[29]; /* String to hold RFC 1123 time text */
data/apngasm-2.91/libpng/pngwrite.c:831:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
   memcpy(png_ptr->row_buf + 1, row, row_info.rowbytes);
data/apngasm-2.91/libpng/pngwrite.c:2168:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(display->memory+ob, data, size);
data/apngasm-2.91/libpng/pngwrite.c:2327:21:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
         FILE *fp = fopen(file_name, "wb");
data/apngasm-2.91/libpng/pngwutil.c:299:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char msg[64];
data/apngasm-2.91/libpng/pngwutil.c:1801:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
   memcpy(buf + 1, width, wlen + 1);      /* Append the '\0' here */
data/apngasm-2.91/libpng/pngwutil.c:1802:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
   memcpy(buf + wlen + 2, height, hlen);  /* Do NOT append the '\0' here */
data/apngasm-2.91/libpng/pngwutil.c:2221:19:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
                  memcpy(dp, sp, pixel_bytes);
data/apngasm-2.91/zlib/crc32.c:145:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        out = fopen("crc32.h", "w");
data/apngasm-2.91/zlib/gzguts.h:39:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
#  define open _open
data/apngasm-2.91/zlib/gzlib.c:36:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char buf[1024];
data/apngasm-2.91/zlib/gzlib.c:65:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(buf, "unknown win32 error (%ld)", error);
data/apngasm-2.91/zlib/gzlib.c:245:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        open((const char *)path, oflag, 0666));
data/apngasm-2.91/zlib/gzlib.c:296:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
    sprintf(path, "<fd:%d>", fd);   /* for debugging */
data/apngasm-2.91/zlib/gzlib.c:611:5:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
    strcat(state->msg, ": ");
data/apngasm-2.91/zlib/gzread.c:158:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(state->x.next, strm->next_in, strm->avail_in);
data/apngasm-2.91/zlib/gzread.c:332:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(buf, state->x.next, n);
data/apngasm-2.91/zlib/gzread.c:391:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[1];
data/apngasm-2.91/zlib/gzread.c:531:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf, state->x.next, n);
data/apngasm-2.91/zlib/gzwrite.c:218:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(state->in + have, buf, copy);
data/apngasm-2.91/zlib/gzwrite.c:250:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[1];
data/apngasm-2.91/zlib/inflate.c:623:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char hbuf[4];      /* buffer for gzip header crc calculation */
data/apngasm-2.91/zlib/inflate.c:1382:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char buf[4];       /* to restore bit buffer to byte string */
data/apngasm-2.91/zlib/trees.c:330:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *header = fopen("trees.h", "w");
data/apngasm-2.91/zlib/zutil.c:17:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
z_const char * const z_errmsg[10] = {
data/apngasm-2.91/zlib/zutil.h:47:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
extern z_const char * const z_errmsg[10]; /* indexed by 2-zlib_error */
data/apngasm-2.91/zlib/zutil.h:107:6:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
     fopen((name), (mode), "mbc=60", "ctx=stm", "rfm=fix", "mrs=512")
data/apngasm-2.91/zlib/zutil.h:184:30:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
#  define F_OPEN(name, mode) fopen((name), (mode))
data/apngasm-2.91/zlib/zutil.h:208:21:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#    define zmemcpy memcpy
data/apngasm-2.91/zopfli/deflate.c:555:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ll_lengths, ll_lengths2, sizeof(ll_lengths2));
data/apngasm-2.91/zopfli/deflate.c:556:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(d_lengths, d_lengths2, sizeof(d_lengths2));
data/apngasm-2.91/zopfli/squeeze.c:54:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dest->litlens, source->litlens,
data/apngasm-2.91/zopfli/squeeze.c:56:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dest->dists, source->dists, ZOPFLI_NUM_D * sizeof(dest->dists[0]));
data/apngasm-2.91/zopfli/squeeze.c:58:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dest->ll_symbols, source->ll_symbols,
data/apngasm-2.91/zopfli/squeeze.c:60:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dest->d_symbols, source->d_symbols,
data/apngasm-2.91/libpng/pngrutil.c:2497:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   text_info.text_length = strlen(text);
data/apngasm-2.91/libpng/pngset.c:278:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   length = strlen(purpose) + 1;
data/apngasm-2.91/libpng/pngset.c:303:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          !png_check_fp_string(params[i], strlen(params[i])))
data/apngasm-2.91/libpng/pngset.c:329:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   length = strlen(units) + 1;
data/apngasm-2.91/libpng/pngset.c:360:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      length = strlen(params[i]) + 1;
data/apngasm-2.91/libpng/pngset.c:399:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   if (swidth == NULL || (lengthw = strlen(swidth)) == 0 ||
data/apngasm-2.91/libpng/pngset.c:403:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   if (sheight == NULL || (lengthh = strlen(sheight)) == 0 ||
data/apngasm-2.91/libpng/pngset.c:678:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   length = strlen(name)+1;
data/apngasm-2.91/libpng/pngset.c:804:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      key_len = strlen(text_ptr[i].key);
data/apngasm-2.91/libpng/pngset.c:818:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            lang_len = strlen(text_ptr[i].lang);
data/apngasm-2.91/libpng/pngset.c:824:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            lang_key_len = strlen(text_ptr[i].lang_key);
data/apngasm-2.91/libpng/pngset.c:851:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         text_length = strlen(text_ptr[i].text);
data/apngasm-2.91/libpng/pngset.c:1070:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      length = strlen(entries->name) + 1;
data/apngasm-2.91/libpng/pngwutil.c:1520:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      text_len = strlen(text);
data/apngasm-2.91/libpng/pngwutil.c:1575:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
       text == NULL ? 0 : strlen(text));
data/apngasm-2.91/libpng/pngwutil.c:1643:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   lang_len = strlen(lang)+1;
data/apngasm-2.91/libpng/pngwutil.c:1645:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   lang_key_len = strlen(lang_key)+1;
data/apngasm-2.91/libpng/pngwutil.c:1659:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   png_text_compress_init(&comp, (png_const_bytep)text, strlen(text));
data/apngasm-2.91/libpng/pngwutil.c:1741:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   units_len = strlen(units) + (nparams == 0 ? 0 : 1);
data/apngasm-2.91/libpng/pngwutil.c:1753:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      params_len[i] = strlen(params[i]) + (i == nparams - 1 ? 0 : 1);
data/apngasm-2.91/libpng/pngwutil.c:1790:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   wlen = strlen(width);
data/apngasm-2.91/libpng/pngwutil.c:1791:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
   hlen = strlen(height);
data/apngasm-2.91/zlib/gzguts.h:40:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#  define read _read
data/apngasm-2.91/zlib/gzlib.c:199:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen((const char *)path);
data/apngasm-2.91/zlib/gzlib.c:601:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ((state->msg = (char *)malloc(strlen(state->path) + strlen(msg) + 3)) ==
data/apngasm-2.91/zlib/gzlib.c:601:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if ((state->msg = (char *)malloc(strlen(state->path) + strlen(msg) + 3)) ==
data/apngasm-2.91/zlib/gzlib.c:607:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    snprintf(state->msg, strlen(state->path) + strlen(msg) + 3,
data/apngasm-2.91/zlib/gzlib.c:607:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    snprintf(state->msg, strlen(state->path) + strlen(msg) + 3,
data/apngasm-2.91/zlib/gzread.c:30:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        ret = read(state->fd, buf + *have, len - *have);
data/apngasm-2.91/zlib/gzwrite.c:301:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = (unsigned)strlen(str);
data/apngasm-2.91/zlib/gzwrite.c:355:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen((char *)(state->in));
data/apngasm-2.91/zlib/gzwrite.c:443:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    len = strlen((char *)(state->in));

ANALYSIS SUMMARY:

Hits = 228
Lines analyzed = 63533 in approximately 1.67 seconds (38001 lines/second)
Physical Source Lines of Code (SLOC) = 42036
Hits@level = [0]  97 [1]  32 [2] 154 [3]   0 [4]  42 [5]   0
Hits@level+ = [0+] 325 [1+] 228 [2+] 196 [3+]  42 [4+]  42 [5+]   0
Hits/KSLOC@level+ = [0+] 7.73147 [1+] 5.42392 [2+] 4.66267 [3+] 0.999144 [4+] 0.999144 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.