Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/charls-2.1.0+dfsg/include/charls/api_abi.h Examining data/charls-2.1.0+dfsg/include/charls/charls.h Examining data/charls-2.1.0+dfsg/include/charls/charls_legacy.h Examining data/charls-2.1.0+dfsg/include/charls/jpegls_error.h Examining data/charls-2.1.0+dfsg/include/charls/public_types.h Examining data/charls-2.1.0+dfsg/include/charls/version.h Examining data/charls-2.1.0+dfsg/samples/convert.c/main.c Examining data/charls-2.1.0+dfsg/samples/convert.cpp/bmp_image.h Examining data/charls-2.1.0+dfsg/samples/convert.cpp/main.cpp Examining data/charls-2.1.0+dfsg/samples/convert.cpp/pch.cpp Examining data/charls-2.1.0+dfsg/samples/convert.cpp/pch.h Examining data/charls-2.1.0+dfsg/src/charls_jpegls_decoder.cpp Examining data/charls-2.1.0+dfsg/src/charls_jpegls_encoder.cpp Examining data/charls-2.1.0+dfsg/src/color_transform.h Examining data/charls-2.1.0+dfsg/src/constants.h Examining data/charls-2.1.0+dfsg/src/context.h Examining data/charls-2.1.0+dfsg/src/context_run_mode.h Examining data/charls-2.1.0+dfsg/src/decoder_strategy.h Examining data/charls-2.1.0+dfsg/src/default_traits.h Examining data/charls-2.1.0+dfsg/src/encoder_strategy.h Examining data/charls-2.1.0+dfsg/src/interface.cpp Examining data/charls-2.1.0+dfsg/src/jls_codec_factory.h Examining data/charls-2.1.0+dfsg/src/jpeg_marker_code.h Examining data/charls-2.1.0+dfsg/src/jpeg_stream_reader.cpp Examining data/charls-2.1.0+dfsg/src/jpeg_stream_reader.h Examining data/charls-2.1.0+dfsg/src/jpeg_stream_writer.cpp Examining data/charls-2.1.0+dfsg/src/jpeg_stream_writer.h Examining data/charls-2.1.0+dfsg/src/jpegls.cpp Examining data/charls-2.1.0+dfsg/src/jpegls_error.cpp Examining data/charls-2.1.0+dfsg/src/jpegls_preset_coding_parameters.h Examining data/charls-2.1.0+dfsg/src/jpegls_preset_parameters_type.h Examining data/charls-2.1.0+dfsg/src/lookup_table.h Examining data/charls-2.1.0+dfsg/src/lossless_traits.h Examining data/charls-2.1.0+dfsg/src/process_line.h Examining data/charls-2.1.0+dfsg/src/scan.h Examining data/charls-2.1.0+dfsg/src/util.h Examining data/charls-2.1.0+dfsg/src/version.cpp Examining data/charls-2.1.0+dfsg/test/bitstreamdamage.cpp Examining data/charls-2.1.0+dfsg/test/bitstreamdamage.h Examining data/charls-2.1.0+dfsg/test/compliance.cpp Examining data/charls-2.1.0+dfsg/test/compliance.h Examining data/charls-2.1.0+dfsg/test/dicomsamples.cpp Examining data/charls-2.1.0+dfsg/test/dicomsamples.h Examining data/charls-2.1.0+dfsg/test/main.cpp Examining data/charls-2.1.0+dfsg/test/performance.cpp Examining data/charls-2.1.0+dfsg/test/performance.h Examining data/charls-2.1.0+dfsg/test/portable_anymap_file.h Examining data/charls-2.1.0+dfsg/test/util.cpp Examining data/charls-2.1.0+dfsg/test/util.h Examining data/charls-2.1.0+dfsg/unittest/charls_jpegls_decoder_test.cpp Examining data/charls-2.1.0+dfsg/unittest/charls_jpegls_encoder_test.cpp Examining data/charls-2.1.0+dfsg/unittest/color_transform_test.cpp Examining data/charls-2.1.0+dfsg/unittest/compliance_test.cpp Examining data/charls-2.1.0+dfsg/unittest/ctable_test.cpp Examining data/charls-2.1.0+dfsg/unittest/decoder_strategy_test.cpp Examining data/charls-2.1.0+dfsg/unittest/default_traits_test.cpp Examining data/charls-2.1.0+dfsg/unittest/documentation_test.cpp Examining data/charls-2.1.0+dfsg/unittest/encode_test.cpp Examining data/charls-2.1.0+dfsg/unittest/encoder_strategy_test.cpp Examining data/charls-2.1.0+dfsg/unittest/encoder_strategy_tester.h Examining data/charls-2.1.0+dfsg/unittest/interface_test.cpp Examining data/charls-2.1.0+dfsg/unittest/jpeg_error_test.cpp Examining data/charls-2.1.0+dfsg/unittest/jpeg_stream_reader_test.cpp Examining data/charls-2.1.0+dfsg/unittest/jpeg_stream_writer_test.cpp Examining data/charls-2.1.0+dfsg/unittest/jpeg_test_stream_writer.h Examining data/charls-2.1.0+dfsg/unittest/jpegls_decoder_test.cpp Examining data/charls-2.1.0+dfsg/unittest/jpegls_encoder_test.cpp Examining data/charls-2.1.0+dfsg/unittest/jpegls_preset_coding_parameters_test.cpp Examining data/charls-2.1.0+dfsg/unittest/lossless_traits_test.cpp Examining data/charls-2.1.0+dfsg/unittest/pch.cpp Examining data/charls-2.1.0+dfsg/unittest/pch.h Examining data/charls-2.1.0+dfsg/unittest/util.cpp Examining data/charls-2.1.0+dfsg/unittest/util.h Examining data/charls-2.1.0+dfsg/unittest/version_test.cpp FINAL RESULTS: data/charls-2.1.0+dfsg/test/bitstreamdamage.cpp:57:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(102347325); data/charls-2.1.0+dfsg/test/main.cpp:115:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(seed); data/charls-2.1.0+dfsg/test/main.cpp:129:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(seed); data/charls-2.1.0+dfsg/unittest/util.cpp:151:5: [3] (random) srand: This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values. srand(seed); data/charls-2.1.0+dfsg/samples/convert.c/main.c:183:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* stream = fopen(filename, "wb"); data/charls-2.1.0+dfsg/samples/convert.c/main.c:213:26: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* input_stream = fopen(argv[1], "rb"); data/charls-2.1.0+dfsg/samples/convert.cpp/bmp_image.h:50:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). input.open(filename, std::ios_base::in | std::ios_base::binary); data/charls-2.1.0+dfsg/src/process_line.h:58:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. std::memcpy(destination, rawData_, pixelCount * bytesPerPixel_); data/charls-2.1.0+dfsg/src/process_line.h:64:14: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. std::memcpy(rawData_, source, pixelCount * bytesPerPixel_); data/charls-2.1.0+dfsg/src/process_line.h:281:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(tempLine_.data(), source, sizeof(Triplet<size_type>) * pixelCount); data/charls-2.1.0+dfsg/test/compliance.cpp:171:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(vecRaw.data(), buffer.data(), buffer.size()); data/charls-2.1.0+dfsg/test/main.cpp:51:13: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). jlsFile.open(strNameEncoded, mode_input); data/charls-2.1.0+dfsg/test/main.cpp:323:12: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). myFile.open(file, mode_input); data/charls-2.1.0+dfsg/test/portable_anymap_file.h:26:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). pnm_file.open(filename, std::ios_base::in | std::ios_base::binary); data/charls-2.1.0+dfsg/test/util.cpp:60:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). input.open(filename, input.in | input.binary); data/charls-2.1.0+dfsg/unittest/documentation_test.cpp:58:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char error_message[ErrorMessageSize]; data/charls-2.1.0+dfsg/unittest/documentation_test.cpp:105:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char error_message[ErrorMessageSize]; data/charls-2.1.0+dfsg/unittest/util.cpp:42:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). input.open(filename, input.in | input.binary); data/charls-2.1.0+dfsg/samples/convert.cpp/bmp_image.h:68:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). input.read(reinterpret_cast<char*>(&result.magic), sizeof result.magic); data/charls-2.1.0+dfsg/samples/convert.cpp/bmp_image.h:69:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). input.read(reinterpret_cast<char*>(&result.file_size), sizeof result.file_size); data/charls-2.1.0+dfsg/samples/convert.cpp/bmp_image.h:70:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). input.read(reinterpret_cast<char*>(&result.reserved), sizeof result.reserved); data/charls-2.1.0+dfsg/samples/convert.cpp/bmp_image.h:71:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). input.read(reinterpret_cast<char*>(&result.offset), sizeof result.offset); data/charls-2.1.0+dfsg/samples/convert.cpp/bmp_image.h:80:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). input.read(reinterpret_cast<char*>(&result.header_size), sizeof result.header_size); data/charls-2.1.0+dfsg/samples/convert.cpp/bmp_image.h:81:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). input.read(reinterpret_cast<char*>(&result.width), sizeof result.width); data/charls-2.1.0+dfsg/samples/convert.cpp/bmp_image.h:82:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). input.read(reinterpret_cast<char*>(&result.height), sizeof result.height); data/charls-2.1.0+dfsg/samples/convert.cpp/bmp_image.h:83:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). input.read(reinterpret_cast<char*>(&result.number_planes), sizeof result.number_planes); data/charls-2.1.0+dfsg/samples/convert.cpp/bmp_image.h:84:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). input.read(reinterpret_cast<char*>(&result.depth), sizeof result.depth); data/charls-2.1.0+dfsg/samples/convert.cpp/bmp_image.h:85:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). input.read(reinterpret_cast<char*>(&result.compress_type), sizeof result.compress_type); data/charls-2.1.0+dfsg/src/process_line.h:272:28: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bytesToRead -= read; data/charls-2.1.0+dfsg/src/util.h:79:12: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). ASSERT(strlen(source) < size_in_bytes && "String will be truncated"); data/charls-2.1.0+dfsg/src/util.h:84:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(destination, source, size_in_bytes); data/charls-2.1.0+dfsg/test/main.cpp:430:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). pnmFile.read(reinterpret_cast<char*>(inputBuffer.data()), inputBuffer.size()); data/charls-2.1.0+dfsg/test/main.cpp:499:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). pnmFile1.read(reinterpret_cast<char*>(&bytes1[0]), byteCount); data/charls-2.1.0+dfsg/test/main.cpp:500:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). pnmFile2.read(reinterpret_cast<char*>(&bytes2[0]), byteCount); data/charls-2.1.0+dfsg/test/portable_anymap_file.h:39:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). pnm_file.read(reinterpret_cast<char*>(input_buffer_.data()), input_buffer_.size()); data/charls-2.1.0+dfsg/test/util.cpp:77:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). input.read(reinterpret_cast<char*>(buffer.data()), buffer.size()); data/charls-2.1.0+dfsg/unittest/interface_test.cpp:59:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Assert::IsTrue(strlen(error_message.data()) > 0); data/charls-2.1.0+dfsg/unittest/interface_test.cpp:111:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Assert::IsTrue(strlen(error_message.data()) > 0); data/charls-2.1.0+dfsg/unittest/interface_test.cpp:138:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Assert::IsTrue(strlen(error_message.data()) > 0); data/charls-2.1.0+dfsg/unittest/interface_test.cpp:192:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Assert::IsTrue(strlen(error_message.data()) > 0); data/charls-2.1.0+dfsg/unittest/jpeg_error_test.cpp:25:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Assert::IsTrue(strlen(result) > 0); data/charls-2.1.0+dfsg/unittest/jpeg_error_test.cpp:33:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Assert::IsTrue(strlen(result) > 0); data/charls-2.1.0+dfsg/unittest/jpeg_error_test.cpp:38:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). Assert::IsTrue(strlen(jpegls_category().name()) > 0); data/charls-2.1.0+dfsg/unittest/util.cpp:49:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). input.read(reinterpret_cast<char*>(buffer.data()), buffer.size()); data/charls-2.1.0+dfsg/unittest/version_test.cpp:32:34: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (expected.length() != strlen(version)) ANALYSIS SUMMARY: Hits = 45 Lines analyzed = 13951 in approximately 0.36 seconds (39069 lines/second) Physical Source Lines of Code (SLOC) = 9700 Hits@level = [0] 20 [1] 27 [2] 14 [3] 4 [4] 0 [5] 0 Hits@level+ = [0+] 65 [1+] 45 [2+] 18 [3+] 4 [4+] 0 [5+] 0 Hits/KSLOC@level+ = [0+] 6.70103 [1+] 4.63918 [2+] 1.85567 [3+] 0.412371 [4+] 0 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.