Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/checkit-tiff-0.2.3/src/checkit_check_config.c
Examining data/checkit-tiff-0.2.3/src/checkit_tiff.c
Examining data/checkit-tiff-0.2.3/src/checkit_tiff_risk.c
Examining data/checkit-tiff-0.2.3/src/headers/check.h
Examining data/checkit-tiff-0.2.3/src/headers/check_helper.h
Examining data/checkit-tiff-0.2.3/src/headers/config_parser.h
Examining data/checkit-tiff-0.2.3/src/headers/tiff.h
Examining data/checkit-tiff-0.2.3/src/headers/tiffconf.h
Examining data/checkit-tiff-0.2.3/src/helper/check_helper.c
Examining data/checkit-tiff-0.2.3/src/helper/check_print.c
Examining data/checkit-tiff-0.2.3/src/helper/check_renderer.c
Examining data/checkit-tiff-0.2.3/src/helper/check_tiffparse.c
Examining data/checkit-tiff-0.2.3/src/ifdrules/check_all_IFDs_are_word_aligned.c
Examining data/checkit-tiff-0.2.3/src/ifdrules/check_all_offsets_are_used_once_only.c
Examining data/checkit-tiff-0.2.3/src/ifdrules/check_all_offsets_are_word_aligned.c
Examining data/checkit-tiff-0.2.3/src/ifdrules/check_has_only_one_ifd.c
Examining data/checkit-tiff-0.2.3/src/ifdrules/check_tagorder.c
Examining data/checkit-tiff-0.2.3/src/parser/config_dsl.grammar.c
Examining data/checkit-tiff-0.2.3/src/parser/config_parser.c
Examining data/checkit-tiff-0.2.3/src/risk_analyzer/lst_offset_mappings.c
Examining data/checkit-tiff-0.2.3/src/tagrules/check_datetime.c
Examining data/checkit-tiff-0.2.3/src/tagrules/check_icc.c
Examining data/checkit-tiff-0.2.3/src/tagrules/check_notag.c
Examining data/checkit-tiff-0.2.3/src/tagrules/check_tag.c
Examining data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_some_of_these_values.c
Examining data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valid_asciivalue.c
Examining data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valid_type.c
Examining data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_value.c
Examining data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_value_in_range.c
Examining data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_value_matching_regex.c
Examining data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_value_quiet.c
Examining data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valuelist.c
Examining data/checkit-tiff-0.2.3/src/tagrules/check_tag_quiet.c
Examining data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c
Examining data/checkit-tiff-0.2.3/src/validate_icc/validate_icc.h

FINAL RESULTS:

data/checkit-tiff-0.2.3/src/helper/check_helper.c:34:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
      strcat( dest, src);
data/checkit-tiff-0.2.3/src/parser/config_dsl.grammar.c:44:25:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# define yyprintf(args)	fprintf args
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:13:20:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define FAIL(...) {snprintf(errmessage, errsize, __VA_ARGS__); return 1;};
data/checkit-tiff-0.2.3/src/checkit_tiff.c:116:15:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
  while ((c = getopt (argc, argv, "chmdx")) != -1) {
data/checkit-tiff-0.2.3/src/checkit_tiff_risk.c:45:15:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
  while ((c = getopt (argc, argv, "hms")) != -1) {
data/checkit-tiff-0.2.3/src/checkit_tiff.c:170:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tiff_dir [ len ];
data/checkit-tiff-0.2.3/src/checkit_tiff.c:191:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char fqname [ len ];
data/checkit-tiff-0.2.3/src/headers/config_parser.h:59:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char * regex_stack[INTERNALSTACKDEPTH];
data/checkit-tiff-0.2.3/src/headers/config_parser.h:81:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char * regex_stack[MAXSTACKDEPTH];
data/checkit-tiff-0.2.3/src/helper/check_helper.c:43:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/helper/check_helper.c:49:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/helper/check_helper.c:55:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
 char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/helper/check_helper.c:61:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/helper/check_helper.c:67:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/helper/check_renderer.c:75:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char res[1024] = "";
data/checkit-tiff-0.2.3/src/helper/check_renderer.c:107:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char res[1024] = "";
data/checkit-tiff-0.2.3/src/helper/check_renderer.c:125:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char res[1024] = "";
data/checkit-tiff-0.2.3/src/helper/check_renderer.c:160:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char res[1024] = "<checkit_tiff_result>";
data/checkit-tiff-0.2.3/src/helper/check_tiffparse.c:92:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					 memcpy(buf, ctif->actual_streamp, count);
data/checkit-tiff-0.2.3/src/helper/check_tiffparse.c:599:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char array[EXPECTSTRLEN];
data/checkit-tiff-0.2.3/src/helper/check_tiffparse.c:628:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char array[EXPECTSTRLEN];
data/checkit-tiff-0.2.3/src/helper/check_tiffparse.c:658:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char array[EXPECTSTRLEN];
data/checkit-tiff-0.2.3/src/helper/check_tiffparse.c:1135:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  int tif = open(tiff_file, O_RDONLY | O_BINARY);
data/checkit-tiff-0.2.3/src/helper/check_tiffparse.c:1137:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  int tif = open(tiff_file, O_RDONLY);
data/checkit-tiff-0.2.3/src/helper/check_tiffparse.c:1287:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    	memcpy((void *) (*long_pp), (void *) &entry.data32, (sizeof(uint32)*entry.count));
data/checkit-tiff-0.2.3/src/helper/check_tiffparse.c:1293:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    	memcpy((void *) (*long_pp), (void *) offset.datacharp, (sizeof(uint32)*offset.count));
data/checkit-tiff-0.2.3/src/helper/check_tiffparse.c:1314:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    	memcpy((void *) (*short_pp), (void *) &entry.data16, (sizeof(uint16)*entry.count));
data/checkit-tiff-0.2.3/src/helper/check_tiffparse.c:1321:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	    	memcpy((void *) (*short_pp), (void *)offset.datacharp, (sizeof(uint16)*offset.count));
data/checkit-tiff-0.2.3/src/ifdrules/check_all_IFDs_are_word_aligned.c:23:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/ifdrules/check_all_offsets_are_used_once_only.c:37:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char array[TIFFAILSTRLEN];
data/checkit-tiff-0.2.3/src/ifdrules/check_all_offsets_are_word_aligned.c:27:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char array[TIFFAILSTRLEN];
data/checkit-tiff-0.2.3/src/ifdrules/check_has_only_one_ifd.c:30:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char array[TIFFAILSTRLEN];
data/checkit-tiff-0.2.3/src/ifdrules/check_tagorder.c:45:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char array[TIFFAILSTRLEN];
data/checkit-tiff-0.2.3/src/parser/config_dsl.grammar.c:212:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(yy->__text, yy->__buf + begin, yyleng);
data/checkit-tiff-0.2.3/src/parser/config_dsl.grammar.c:529:50:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
   parser_state.any_reference = only_ref; i_push(atol(yytext) );;
data/checkit-tiff-0.2.3/src/parser/config_dsl.grammar.c:646:11:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
   i_push(atol(yytext) );;
data/checkit-tiff-0.2.3/src/parser/config_dsl.grammar.c:659:14:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
   i_push(2<<atol(yytext) ); ;
data/checkit-tiff-0.2.3/src/parser/config_parser.c:848:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	FILE * cfg = fopen(include_file, "r");
data/checkit-tiff-0.2.3/src/parser/config_parser.c:909:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
 FILE * cfg = fopen(cfg_file, "r");
data/checkit-tiff-0.2.3/src/tagrules/check_datetime.c:90:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char array[TIFFAILSTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_datetime.c:96:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char array[TIFFAILSTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_datetime.c:102:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
       char array[TIFFAILSTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_icc.c:41:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
               char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_some_of_these_values.c:19:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char msg[EXPECTSTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_some_of_these_values.c:20:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char expected[EXPECTSTRLEN]="";
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_some_of_these_values.c:93:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valid_asciivalue.c:42:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valid_type.c:99:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_value_in_range.c:23:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char msg[EXPECTSTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_value_in_range.c:118:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                            char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_value_matching_regex.c:14:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char msg[EXPECTSTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_value_matching_regex.c:62:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                            char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_value_matching_regex.c:72:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                       char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_value_quiet.c:23:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_value_quiet.c:50:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
               char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valuelist.c:25:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char msg[EXPECTSTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valuelist.c:45:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char expected[EXPECTSTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valuelist.c:47:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char value[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valuelist.c:60:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                            char expected[EXPECTSTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valuelist.c:62:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                            char value[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valuelist.c:79:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                            char expected[EXPECTSTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valuelist.c:81:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                            char value[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valuelist.c:98:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                             char expected[EXPECTSTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valuelist.c:100:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                             char value[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valuelist.c:117:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                             char expected[EXPECTSTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valuelist.c:119:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                             char value[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valuelist.c:133:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:32:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char preferredcmmtype[5]="    "; memcpy(preferredcmmtype, &iccdata[4],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:32:36:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  char preferredcmmtype[5]="    "; memcpy(preferredcmmtype, &iccdata[4],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:65:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char profileversion[6]="    "; snprintf(profileversion, 6, "%i.%i.%i", (iccdata[8]) & 0x000f, ((iccdata[9] & 0x00f0) >>4), (iccdata[9] & 0x000f));
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:69:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char profileclass[5]="    "; memcpy(profileclass, &iccdata[12],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:69:32:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  char profileclass[5]="    "; memcpy(profileclass, &iccdata[12],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:81:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char colorspacedata[5]="    "; memcpy(colorspacedata, &iccdata[16],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:81:34:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  char colorspacedata[5]="    "; memcpy(colorspacedata, &iccdata[16],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:111:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char connectionspacedata[5]="    "; memcpy(connectionspacedata, &iccdata[20],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:111:39:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  char connectionspacedata[5]="    "; memcpy(connectionspacedata, &iccdata[20],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:119:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char datetime[20]; snprintf(datetime, 20, "%.4d:%.2d:%.2d %.2d:%.2d:%.2d", 
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:131:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char profilefilesignature[5]="    "; memcpy(profilefilesignature, &iccdata[36],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:131:40:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  char profilefilesignature[5]="    "; memcpy(profilefilesignature, &iccdata[36],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:134:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char primaryplattformsignature[5]="    "; memcpy(primaryplattformsignature, &iccdata[40],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:134:45:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  char primaryplattformsignature[5]="    "; memcpy(primaryplattformsignature, &iccdata[40],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:148:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char devicemanufacturer[5]="    "; memcpy(devicemanufacturer, &iccdata[48],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:148:38:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  char devicemanufacturer[5]="    "; memcpy(devicemanufacturer, &iccdata[48],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:151:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char devicemodel[5]="    "; memcpy(devicemodel, &iccdata[52],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:151:31:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  char devicemodel[5]="    "; memcpy(devicemodel, &iccdata[52],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:206:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char profileversion[6]="    "; snprintf(profileversion, 6, "%i.%i.%i", (iccdata[8]) & 0x000f, ((iccdata[9] & 0x00f0) >>4), (iccdata[9] & 0x000f));
data/checkit-tiff-0.2.3/src/checkit_tiff.c:169:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t len = strlen( tiff_file_or_dir);
data/checkit-tiff-0.2.3/src/checkit_tiff.c:171:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(tiff_dir, tiff_file_or_dir, len);
data/checkit-tiff-0.2.3/src/checkit_tiff.c:190:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen( tiff_dir ) + strlen( ent->d_name ) + 2;
data/checkit-tiff-0.2.3/src/checkit_tiff.c:190:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        len = strlen( tiff_dir ) + strlen( ent->d_name ) + 2;
data/checkit-tiff-0.2.3/src/helper/check_helper.c:30:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int destsize = strlen(dest);
data/checkit-tiff-0.2.3/src/helper/check_helper.c:31:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int srclen = strlen(src);
data/checkit-tiff-0.2.3/src/helper/check_helper.c:36:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    destsize = strlen(dest);
data/checkit-tiff-0.2.3/src/helper/check_print.c:19:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t len = strlen (s);
data/checkit-tiff-0.2.3/src/helper/check_print.c:24:21:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    return (char *) strncpy (result, s, len);
data/checkit-tiff-0.2.3/src/helper/check_tiffparse.c:77:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
			return read(ctif->fd, buf, count);
data/checkit-tiff-0.2.3/src/helper/check_tiffparse.c:101:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  return read(ctif->fd, buf, count);
data/checkit-tiff-0.2.3/src/parser/config_dsl.grammar.c:95:14:  [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    int yyc= getchar();					\
data/checkit-tiff-0.2.3/src/parser/config_dsl.grammar.c:110:14:  [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    int yyc= getchar();					\
data/checkit-tiff-0.2.3/src/parser/config_parser.c:34:14:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    int yyc= fgetc(parser_state.stream);		\

ANALYSIS SUMMARY:

Hits = 100
Lines analyzed = 8273 in approximately 0.35 seconds (23923 lines/second)
Physical Source Lines of Code (SLOC) = 6787
Hits@level = [0] 253 [1]  14 [2]  81 [3]   2 [4]   3 [5]   0
Hits@level+ = [0+] 353 [1+] 100 [2+]  86 [3+]   5 [4+]   3 [5+]   0
Hits/KSLOC@level+ = [0+] 52.0112 [1+] 14.7341 [2+] 12.6713 [3+] 0.736703 [4+] 0.442022 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.