Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/darktable-3.2.1/tools/noise/noiseprofile.c
Examining data/darktable-3.2.1/tools/basecurve/exif-wrapper.cpp
Examining data/darktable-3.2.1/tools/basecurve/darktable-curve-tool.c
Examining data/darktable-3.2.1/src/version_gen.c
Examining data/darktable-3.2.1/src/win/win.h
Examining data/darktable-3.2.1/src/win/strptime.h
Examining data/darktable-3.2.1/src/win/strptime.c
Examining data/darktable-3.2.1/src/win/statvfs.h
Examining data/darktable-3.2.1/src/win/statvfs.c
Examining data/darktable-3.2.1/src/win/rlimit.h
Examining data/darktable-3.2.1/src/win/rlimit.c
Examining data/darktable-3.2.1/src/win/main_wrapper.h
Examining data/darktable-3.2.1/src/win/getrusage.h
Examining data/darktable-3.2.1/src/win/getrusage.c
Examining data/darktable-3.2.1/src/win/getdelim.h
Examining data/darktable-3.2.1/src/win/getdelim.c
Examining data/darktable-3.2.1/src/win/filepath.h
Examining data/darktable-3.2.1/src/win/filepath.c
Examining data/darktable-3.2.1/src/win/dtwin.h
Examining data/darktable-3.2.1/src/win/dtwin.c
Examining data/darktable-3.2.1/src/views/view_api.h
Examining data/darktable-3.2.1/src/views/view.h
Examining data/darktable-3.2.1/src/views/view.c
Examining data/darktable-3.2.1/src/views/tethering.c
Examining data/darktable-3.2.1/src/views/slideshow.c
Examining data/darktable-3.2.1/src/views/print.c
Examining data/darktable-3.2.1/src/views/map.c
Examining data/darktable-3.2.1/src/views/lighttable_undo.h
Examining data/darktable-3.2.1/src/views/lighttable.c
Examining data/darktable-3.2.1/src/views/knight_font.h
Examining data/darktable-3.2.1/src/views/knight.c
Examining data/darktable-3.2.1/src/views/darkroom.c
Examining data/darktable-3.2.1/src/tests/variables.c
Examining data/darktable-3.2.1/src/tests/unittests/util/tracing.h
Examining data/darktable-3.2.1/src/tests/unittests/util/testimg.h
Examining data/darktable-3.2.1/src/tests/unittests/util/testimg.c
Examining data/darktable-3.2.1/src/tests/unittests/util/assert.h
Examining data/darktable-3.2.1/src/tests/unittests/test_sample.c
Examining data/darktable-3.2.1/src/tests/unittests/iop/test_filmicrgb.c
Examining data/darktable-3.2.1/src/tests/cache.c
Examining data/darktable-3.2.1/src/ppc64le/altivec.h
Examining data/darktable-3.2.1/src/osx/osx.h
Examining data/darktable-3.2.1/src/main.c
Examining data/darktable-3.2.1/src/lua/widget/widget.h
Examining data/darktable-3.2.1/src/lua/widget/widget.c
Examining data/darktable-3.2.1/src/lua/widget/text_view.c
Examining data/darktable-3.2.1/src/lua/widget/stack.c
Examining data/darktable-3.2.1/src/lua/widget/slider.c
Examining data/darktable-3.2.1/src/lua/widget/separator.c
Examining data/darktable-3.2.1/src/lua/widget/section_label.c
Examining data/darktable-3.2.1/src/lua/widget/label.c
Examining data/darktable-3.2.1/src/lua/widget/file_chooser.c
Examining data/darktable-3.2.1/src/lua/widget/entry.c
Examining data/darktable-3.2.1/src/lua/widget/container.c
Examining data/darktable-3.2.1/src/lua/widget/common.h
Examining data/darktable-3.2.1/src/lua/widget/combobox.c
Examining data/darktable-3.2.1/src/lua/widget/check_button.c
Examining data/darktable-3.2.1/src/lua/widget/button.c
Examining data/darktable-3.2.1/src/lua/widget/box.c
Examining data/darktable-3.2.1/src/lua/view.h
Examining data/darktable-3.2.1/src/lua/view.c
Examining data/darktable-3.2.1/src/lua/types.h
Examining data/darktable-3.2.1/src/lua/types.c
Examining data/darktable-3.2.1/src/lua/tags.h
Examining data/darktable-3.2.1/src/lua/tags.c
Examining data/darktable-3.2.1/src/lua/styles.h
Examining data/darktable-3.2.1/src/lua/styles.c
Examining data/darktable-3.2.1/src/lua/storage.h
Examining data/darktable-3.2.1/src/lua/storage.c
Examining data/darktable-3.2.1/src/lua/print.h
Examining data/darktable-3.2.1/src/lua/print.c
Examining data/darktable-3.2.1/src/lua/preferences.h
Examining data/darktable-3.2.1/src/lua/preferences.c
Examining data/darktable-3.2.1/src/lua/modules.h
Examining data/darktable-3.2.1/src/lua/modules.c
Examining data/darktable-3.2.1/src/lua/luastorage.h
Examining data/darktable-3.2.1/src/lua/luastorage.c
Examining data/darktable-3.2.1/src/lua/lualib.h
Examining data/darktable-3.2.1/src/lua/lualib.c
Examining data/darktable-3.2.1/src/lua/lua.h
Examining data/darktable-3.2.1/src/lua/lua.c
Examining data/darktable-3.2.1/src/lua/lib.h
Examining data/darktable-3.2.1/src/lua/lib.c
Examining data/darktable-3.2.1/src/lua/init.h
Examining data/darktable-3.2.1/src/lua/init.c
Examining data/darktable-3.2.1/src/lua/image.h
Examining data/darktable-3.2.1/src/lua/image.c
Examining data/darktable-3.2.1/src/lua/guides.h
Examining data/darktable-3.2.1/src/lua/guides.c
Examining data/darktable-3.2.1/src/lua/gui.h
Examining data/darktable-3.2.1/src/lua/gui.c
Examining data/darktable-3.2.1/src/lua/glist.h
Examining data/darktable-3.2.1/src/lua/glist.c
Examining data/darktable-3.2.1/src/lua/gettext.h
Examining data/darktable-3.2.1/src/lua/gettext.c
Examining data/darktable-3.2.1/src/lua/format.h
Examining data/darktable-3.2.1/src/lua/format.c
Examining data/darktable-3.2.1/src/lua/film.h
Examining data/darktable-3.2.1/src/lua/film.c
Examining data/darktable-3.2.1/src/lua/events.h
Examining data/darktable-3.2.1/src/lua/events.c
Examining data/darktable-3.2.1/src/lua/database.h
Examining data/darktable-3.2.1/src/lua/database.c
Examining data/darktable-3.2.1/src/lua/configuration.h
Examining data/darktable-3.2.1/src/lua/configuration.c
Examining data/darktable-3.2.1/src/lua/call.h
Examining data/darktable-3.2.1/src/lua/call.c
Examining data/darktable-3.2.1/src/lua/cairo.h
Examining data/darktable-3.2.1/src/lua/cairo.c
Examining data/darktable-3.2.1/src/libs/tools/viewswitcher.c
Examining data/darktable-3.2.1/src/libs/tools/view_toolbox.c
Examining data/darktable-3.2.1/src/libs/tools/timeline.c
Examining data/darktable-3.2.1/src/libs/tools/ratings.c
Examining data/darktable-3.2.1/src/libs/tools/module_toolbox.c
Examining data/darktable-3.2.1/src/libs/tools/lighttable.c
Examining data/darktable-3.2.1/src/libs/tools/image_infos.c
Examining data/darktable-3.2.1/src/libs/tools/hinter.c
Examining data/darktable-3.2.1/src/libs/tools/global_toolbox.c
Examining data/darktable-3.2.1/src/libs/tools/filter.c
Examining data/darktable-3.2.1/src/libs/tools/filmstrip.c
Examining data/darktable-3.2.1/src/libs/tools/darktable.c
Examining data/darktable-3.2.1/src/libs/tools/colorlabels.c
Examining data/darktable-3.2.1/src/libs/tools/battery_indicator.c
Examining data/darktable-3.2.1/src/libs/tagging.c
Examining data/darktable-3.2.1/src/libs/styles.c
Examining data/darktable-3.2.1/src/libs/snapshots.c
Examining data/darktable-3.2.1/src/libs/session.c
Examining data/darktable-3.2.1/src/libs/select.c
Examining data/darktable-3.2.1/src/libs/recentcollect.c
Examining data/darktable-3.2.1/src/libs/print_settings.c
Examining data/darktable-3.2.1/src/libs/navigation.c
Examining data/darktable-3.2.1/src/libs/modulelist.c
Examining data/darktable-3.2.1/src/libs/modulegroups.h
Examining data/darktable-3.2.1/src/libs/modulegroups.c
Examining data/darktable-3.2.1/src/libs/metadata_view.c
Examining data/darktable-3.2.1/src/libs/metadata.c
Examining data/darktable-3.2.1/src/libs/masks.c
Examining data/darktable-3.2.1/src/libs/map_settings.c
Examining data/darktable-3.2.1/src/libs/location.c
Examining data/darktable-3.2.1/src/libs/live_view.c
Examining data/darktable-3.2.1/src/libs/lib_api.h
Examining data/darktable-3.2.1/src/libs/lib.h
Examining data/darktable-3.2.1/src/libs/lib.c
Examining data/darktable-3.2.1/src/libs/ioporder.c
Examining data/darktable-3.2.1/src/libs/import.c
Examining data/darktable-3.2.1/src/libs/image.c
Examining data/darktable-3.2.1/src/libs/history.c
Examining data/darktable-3.2.1/src/libs/histogram.c
Examining data/darktable-3.2.1/src/libs/geotagging.c
Examining data/darktable-3.2.1/src/libs/export_metadata.c
Examining data/darktable-3.2.1/src/libs/export.c
Examining data/darktable-3.2.1/src/libs/duplicate.c
Examining data/darktable-3.2.1/src/libs/copy_history.c
Examining data/darktable-3.2.1/src/libs/colorpicker.h
Examining data/darktable-3.2.1/src/libs/colorpicker.c
Examining data/darktable-3.2.1/src/libs/collect.h
Examining data/darktable-3.2.1/src/libs/collect.c
Examining data/darktable-3.2.1/src/libs/camera.c
Examining data/darktable-3.2.1/src/libs/backgroundjobs.c
Examining data/darktable-3.2.1/src/is_supported_platform.h
Examining data/darktable-3.2.1/src/iop/zonesystem.c
Examining data/darktable-3.2.1/src/iop/watermark.c
Examining data/darktable-3.2.1/src/iop/vignette.c
Examining data/darktable-3.2.1/src/iop/vibrance.c
Examining data/darktable-3.2.1/src/iop/velvia.c
Examining data/darktable-3.2.1/src/iop/useless.c
Examining data/darktable-3.2.1/src/iop/tonemap.cc
Examining data/darktable-3.2.1/src/iop/toneequal.c
Examining data/darktable-3.2.1/src/iop/tonecurve.c
Examining data/darktable-3.2.1/src/iop/temperature.c
Examining data/darktable-3.2.1/src/iop/svd.h
Examining data/darktable-3.2.1/src/iop/spots.c
Examining data/darktable-3.2.1/src/iop/splittoning.c
Examining data/darktable-3.2.1/src/iop/soften.c
Examining data/darktable-3.2.1/src/iop/sharpen.c
Examining data/darktable-3.2.1/src/iop/shadhi.c
Examining data/darktable-3.2.1/src/iop/scalepixels.c
Examining data/darktable-3.2.1/src/iop/rotatepixels.c
Examining data/darktable-3.2.1/src/iop/rgblevels.c
Examining data/darktable-3.2.1/src/iop/rgbcurve.c
Examining data/darktable-3.2.1/src/iop/retouch.c
Examining data/darktable-3.2.1/src/iop/relight.c
Examining data/darktable-3.2.1/src/iop/rawprepare.c
Examining data/darktable-3.2.1/src/iop/rawoverexposed.c
Examining data/darktable-3.2.1/src/iop/rawdenoise.c
Examining data/darktable-3.2.1/src/iop/profile_gamma.c
Examining data/darktable-3.2.1/src/iop/overexposed.c
Examining data/darktable-3.2.1/src/iop/nlmeans.c
Examining data/darktable-3.2.1/src/iop/negadoctor.c
Examining data/darktable-3.2.1/src/iop/monochrome.c
Examining data/darktable-3.2.1/src/iop/mask_manager.c
Examining data/darktable-3.2.1/src/iop/lut3dgmic.cpp
Examining data/darktable-3.2.1/src/iop/lut3d.c
Examining data/darktable-3.2.1/src/iop/lowpass.c
Examining data/darktable-3.2.1/src/iop/lowlight.c
Examining data/darktable-3.2.1/src/iop/liquify.c
Examining data/darktable-3.2.1/src/iop/levels.c
Examining data/darktable-3.2.1/src/iop/lens.cc
Examining data/darktable-3.2.1/src/iop/iop_api.h
Examining data/darktable-3.2.1/src/iop/invert.c
Examining data/darktable-3.2.1/src/iop/hotpixels.c
Examining data/darktable-3.2.1/src/iop/highpass.c
Examining data/darktable-3.2.1/src/iop/highlights.c
Examining data/darktable-3.2.1/src/iop/hazeremoval.c
Examining data/darktable-3.2.1/src/iop/grain.c
Examining data/darktable-3.2.1/src/iop/graduatednd.c
Examining data/darktable-3.2.1/src/iop/globaltonemap.c
Examining data/darktable-3.2.1/src/iop/gaussian_elimination.h
Examining data/darktable-3.2.1/src/iop/gamma.c
Examining data/darktable-3.2.1/src/iop/flip.c
Examining data/darktable-3.2.1/src/iop/finalscale.c
Examining data/darktable-3.2.1/src/iop/filmicrgb.c
Examining data/darktable-3.2.1/src/iop/filmic.c
Examining data/darktable-3.2.1/src/iop/exposure.c
Examining data/darktable-3.2.1/src/iop/equalizer_eaw.h
Examining data/darktable-3.2.1/src/iop/equalizer.c
Examining data/darktable-3.2.1/src/iop/dither.c
Examining data/darktable-3.2.1/src/iop/denoiseprofile.c
Examining data/darktable-3.2.1/src/iop/demosaic.c
Examining data/darktable-3.2.1/src/iop/defringe.c
Examining data/darktable-3.2.1/src/iop/colorzones.c
Examining data/darktable-3.2.1/src/iop/colortransfer.c
Examining data/darktable-3.2.1/src/iop/colorreconstruction.c
Examining data/darktable-3.2.1/src/iop/colorout.c
Examining data/darktable-3.2.1/src/iop/colormapping.c
Examining data/darktable-3.2.1/src/iop/colorize.c
Examining data/darktable-3.2.1/src/iop/colorin.c
Examining data/darktable-3.2.1/src/iop/colorcorrection.c
Examining data/darktable-3.2.1/src/iop/colorcontrast.c
Examining data/darktable-3.2.1/src/iop/colorchecker.c
Examining data/darktable-3.2.1/src/iop/colorbalance.c
Examining data/darktable-3.2.1/src/iop/colisa.c
Examining data/darktable-3.2.1/src/iop/clipping.c
Examining data/darktable-3.2.1/src/iop/clahe.c
Examining data/darktable-3.2.1/src/iop/choleski.h
Examining data/darktable-3.2.1/src/iop/channelmixer.c
Examining data/darktable-3.2.1/src/iop/cacorrect.c
Examining data/darktable-3.2.1/src/iop/borders.c
Examining data/darktable-3.2.1/src/iop/bloom.c
Examining data/darktable-3.2.1/src/iop/bilateral.cc
Examining data/darktable-3.2.1/src/iop/bilat.c
Examining data/darktable-3.2.1/src/iop/basicadj.c
Examining data/darktable-3.2.1/src/iop/basecurve.c
Examining data/darktable-3.2.1/src/iop/atrous.c
Examining data/darktable-3.2.1/src/iop/ashift_nmsimplex.c
Examining data/darktable-3.2.1/src/iop/ashift_lsd.c
Examining data/darktable-3.2.1/src/iop/ashift.c
Examining data/darktable-3.2.1/src/iop/amaze_demosaic_RT.cc
Examining data/darktable-3.2.1/src/iop/Permutohedral.h
Examining data/darktable-3.2.1/src/imageio/storage/piwigo.c
Examining data/darktable-3.2.1/src/imageio/storage/latex.c
Examining data/darktable-3.2.1/src/imageio/storage/imageio_storage_api.h
Examining data/darktable-3.2.1/src/imageio/storage/gallery.c
Examining data/darktable-3.2.1/src/imageio/storage/email.c
Examining data/darktable-3.2.1/src/imageio/storage/disk.c
Examining data/darktable-3.2.1/src/imageio/format/xcf.c
Examining data/darktable-3.2.1/src/imageio/format/webp.c
Examining data/darktable-3.2.1/src/imageio/format/tiff.c
Examining data/darktable-3.2.1/src/imageio/format/ppm.c
Examining data/darktable-3.2.1/src/imageio/format/png.c
Examining data/darktable-3.2.1/src/imageio/format/pfm.c
Examining data/darktable-3.2.1/src/imageio/format/pdf.c
Examining data/darktable-3.2.1/src/imageio/format/jpeg.c
Examining data/darktable-3.2.1/src/imageio/format/j2k.c
Examining data/darktable-3.2.1/src/imageio/format/imageio_format_api.h
Examining data/darktable-3.2.1/src/imageio/format/exr.cc
Examining data/darktable-3.2.1/src/imageio/format/copy.c
Examining data/darktable-3.2.1/src/imageio/format/avif.c
Examining data/darktable-3.2.1/src/gui/styles_dialog.c
Examining data/darktable-3.2.1/src/gui/styles.h
Examining data/darktable-3.2.1/src/gui/presets.h
Examining data/darktable-3.2.1/src/gui/presets.c
Examining data/darktable-3.2.1/src/gui/preferences.h
Examining data/darktable-3.2.1/src/gui/preferences.c
Examining data/darktable-3.2.1/src/gui/legacy_presets.h
Examining data/darktable-3.2.1/src/gui/import_metadata.h
Examining data/darktable-3.2.1/src/gui/import_metadata.c
Examining data/darktable-3.2.1/src/gui/hist_dialog.h
Examining data/darktable-3.2.1/src/gui/hist_dialog.c
Examining data/darktable-3.2.1/src/gui/guides.h
Examining data/darktable-3.2.1/src/gui/guides.c
Examining data/darktable-3.2.1/src/gui/gtkentry.h
Examining data/darktable-3.2.1/src/gui/gtkentry.c
Examining data/darktable-3.2.1/src/gui/gtk.h
Examining data/darktable-3.2.1/src/gui/gtk.c
Examining data/darktable-3.2.1/src/gui/draw.h
Examining data/darktable-3.2.1/src/gui/drag_and_drop.h
Examining data/darktable-3.2.1/src/gui/color_picker_proxy.h
Examining data/darktable-3.2.1/src/gui/color_picker_proxy.c
Examining data/darktable-3.2.1/src/gui/camera_import_dialog.h
Examining data/darktable-3.2.1/src/gui/camera_import_dialog.c
Examining data/darktable-3.2.1/src/gui/accelerators.h
Examining data/darktable-3.2.1/src/gui/accelerators.c
Examining data/darktable-3.2.1/src/generate-cache/main.c
Examining data/darktable-3.2.1/src/external/wb_presets.c
Examining data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/test/RawSpeed.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/test/ExceptionsTest.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/metadata/ColorFilterArrayTest.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/metadata/CameraTest.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/metadata/CameraSensorInfoTest.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/metadata/CameraMetaDataTest.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/metadata/BlackAreaTest.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/io/EndiannessTest.h
Examining data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/io/EndiannessTest.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/io/BitPumpTest.h
Examining data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/io/BitPumpMSBTest.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/io/BitPumpMSB32Test.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/io/BitPumpMSB16Test.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/io/BitPumpLSBTest.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/io/BitPumpJPEGTest.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/decompressors/HuffmanTableTest.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/decompressors/BinaryHuffmanTreeTest.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/decompressors/AbstractHuffmanTableTest.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/common/SplineTest.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/common/RangeTest.h
Examining data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/common/RangeTest.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/common/PointTest.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/common/NORangesSetTest.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/common/MemoryTest.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/common/CpuidTest.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/common/CommonTest.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/common/ChecksumFileTest.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/utilities/rstest/rstest.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/utilities/rstest/md5.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/utilities/rstest/md5.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/utilities/rstest/MD5Test.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/utilities/rstest/MD5Benchmark.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/utilities/rsbench/main.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/utilities/identify/rawspeed-identify.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/tiff/TiffTag.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/tiff/TiffIFD.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/tiff/TiffIFD.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/tiff/TiffEntry.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/tiff/TiffEntry.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/tiff/CiffTag.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/tiff/CiffIFD.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/tiff/CiffIFD.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/tiff/CiffEntry.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/tiff/CiffEntry.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/parsers/TiffParserException.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/parsers/TiffParser.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/parsers/TiffParser.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/parsers/RawParserException.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/parsers/RawParser.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/parsers/RawParser.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/parsers/FiffParserException.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/parsers/FiffParser.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/parsers/FiffParser.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/parsers/CiffParserException.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/parsers/CiffParser.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/parsers/CiffParser.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/metadata/ColorFilterArray.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/metadata/ColorFilterArray.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/metadata/CameraSensorInfo.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/metadata/CameraSensorInfo.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/metadata/CameraMetadataException.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/metadata/CameraMetaData.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/metadata/CameraMetaData.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/metadata/Camera.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/metadata/Camera.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/metadata/BlackArea.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/io/IOException.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/io/FileWriter.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/io/FileWriter.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/io/FileReader.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/io/FileReader.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/io/FileIOException.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/io/FileIO.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/io/Endianness.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/io/ByteStream.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/io/Buffer.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/io/BitStream.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/io/BitStream.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/io/BitPumpMSB32.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/io/BitPumpMSB16.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/io/BitPumpMSB.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/io/BitPumpLSB.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/io/BitPumpJPEG.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/interpolators/Cr2sRawInterpolator.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/interpolators/Cr2sRawInterpolator.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/VC5Decompressor.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/VC5Decompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/UncompressedDecompressor.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/UncompressedDecompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/SonyArw2Decompressor.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/SonyArw2Decompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/SonyArw1Decompressor.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/SonyArw1Decompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/SamsungV2Decompressor.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/SamsungV2Decompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/SamsungV1Decompressor.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/SamsungV1Decompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/SamsungV0Decompressor.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/SamsungV0Decompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/PhaseOneDecompressor.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/PhaseOneDecompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/PentaxDecompressor.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/PentaxDecompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/PanasonicDecompressorV6.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/PanasonicDecompressorV6.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/PanasonicDecompressorV5.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/PanasonicDecompressorV5.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/PanasonicDecompressorV4.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/PanasonicDecompressorV4.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/OlympusDecompressor.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/OlympusDecompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/NikonDecompressor.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/NikonDecompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/LJpegDecompressor.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/LJpegDecompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/KodakDecompressor.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/KodakDecompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/JpegDecompressor.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/JpegDecompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/HuffmanTableVector.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/HuffmanTableTree.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/HuffmanTableLookup.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/HuffmanTableLUT.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/HuffmanTable.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/HasselbladDecompressor.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/HasselbladDecompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/FujiDecompressor.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/FujiDecompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/DeflateDecompressor.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/DeflateDecompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/CrwDecompressor.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/CrwDecompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/Cr2Decompressor.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/Cr2Decompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/BinaryHuffmanTree.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/AbstractSamsungDecompressor.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/AbstractLJpegDecompressor.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/AbstractLJpegDecompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/AbstractHuffmanTable.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/AbstractDngDecompressor.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/AbstractDngDecompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/AbstractDecompressor.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/ThreefrDecoder.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/ThreefrDecoder.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/SrwDecoder.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/SrwDecoder.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/SimpleTiffDecoder.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/SimpleTiffDecoder.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/Rw2Decoder.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/Rw2Decoder.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/RawDecoderException.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/RawDecoder.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/RawDecoder.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/RafDecoder.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/RafDecoder.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/PefDecoder.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/PefDecoder.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/OrfDecoder.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/OrfDecoder.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/NefDecoder.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/NefDecoder.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/NakedDecoder.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/NakedDecoder.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/MrwDecoder.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/MrwDecoder.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/MosDecoder.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/MosDecoder.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/MefDecoder.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/MefDecoder.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/KdcDecoder.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/KdcDecoder.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/IiqDecoder.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/IiqDecoder.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/ErfDecoder.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/ErfDecoder.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/DngDecoder.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/DngDecoder.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/DcsDecoder.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/DcsDecoder.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/DcrDecoder.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/DcrDecoder.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/CrwDecoder.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/CrwDecoder.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/Cr2Decoder.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/Cr2Decoder.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/ArwDecoder.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/ArwDecoder.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/AbstractTiffDecoder.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/AbstractTiffDecoder.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/TableLookUp.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/TableLookUp.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/Spline.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/SimpleLUT.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/RawspeedException.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/RawImageDataU16.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/RawImageDataFloat.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/RawImage.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/RawImage.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/Range.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/Point.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/Optional.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/NORangesSet.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/Mutex.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/Memory.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/Memory.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/GetNumberOfProcessorCores.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/ErrorLog.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/ErrorLog.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/DngOpcodes.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/DngOpcodes.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/DefaultInitAllocatorAdaptor.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/Cpuid.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/Cpuid.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/Common.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/Common.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/ChecksumFile.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/ChecksumFile.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/Array2DRef.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/RawSpeed-API.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/external/ThreadSafetyAnalysis.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/external/MemorySanitizer.h
Examining data/darktable-3.2.1/src/external/rawspeed/src/external/AddressSanitizer.h
Examining data/darktable-3.2.1/src/external/rawspeed/lnt/RawSpeed.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/rawspeed/main.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/librawspeed/parsers/main.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/librawspeed/fuzz/RawSpeed.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/librawspeed/fuzz/Common.h
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/librawspeed/fuzz/Common.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/librawspeed/decompressors/VC5Decompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/librawspeed/decompressors/SonyArw2Decompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/librawspeed/decompressors/SonyArw1Decompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/librawspeed/decompressors/SamsungV2Decompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/librawspeed/decompressors/SamsungV1Decompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/librawspeed/decompressors/SamsungV0Decompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/librawspeed/decompressors/PhaseOneDecompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/librawspeed/decompressors/PentaxDecompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/librawspeed/decompressors/PanasonicDecompressorV6.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/librawspeed/decompressors/PanasonicDecompressorV5.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/librawspeed/decompressors/PanasonicDecompressorV4.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/librawspeed/decompressors/OlympusDecompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/librawspeed/decompressors/NikonDecompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/librawspeed/decompressors/LJpegDecompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/librawspeed/decompressors/KodakDecompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/librawspeed/decompressors/HuffmanTable/Solo.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/librawspeed/decompressors/HuffmanTable/Dual.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/librawspeed/decompressors/HuffmanTable/Common.h
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/librawspeed/decompressors/HasselbladDecompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/librawspeed/decompressors/FujiDecompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/librawspeed/decompressors/DummyLJpegDecompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/librawspeed/decompressors/CrwDecompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/librawspeed/decompressors/Cr2Decompressor.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/librawspeed/decoders/TiffDecoders/main.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/fuzz/libFuzzer_dummy_main.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/bench/librawspeed/metadata/CameraMetaDataBenchmark.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/bench/librawspeed/io/BitStreamBenchmark.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/bench/librawspeed/interpolators/Cr2sRawInterpolatorBenchmark.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/bench/librawspeed/decompressors/DeflateDecompressorBenchmark.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/bench/librawspeed/common/DefaultInitAllocatorAdaptorBenchmark.cpp
Examining data/darktable-3.2.1/src/external/rawspeed/bench/librawspeed/bench/Common.h
Examining data/darktable-3.2.1/src/external/rawspeed/bench/librawspeed/bench/Common.cpp
Examining data/darktable-3.2.1/src/external/lua/src/lzio.h
Examining data/darktable-3.2.1/src/external/lua/src/lzio.c
Examining data/darktable-3.2.1/src/external/lua/src/lvm.h
Examining data/darktable-3.2.1/src/external/lua/src/lvm.c
Examining data/darktable-3.2.1/src/external/lua/src/lutf8lib.c
Examining data/darktable-3.2.1/src/external/lua/src/lundump.h
Examining data/darktable-3.2.1/src/external/lua/src/lundump.c
Examining data/darktable-3.2.1/src/external/lua/src/lualib.h
Examining data/darktable-3.2.1/src/external/lua/src/luaconf.h
Examining data/darktable-3.2.1/src/external/lua/src/luac.c
Examining data/darktable-3.2.1/src/external/lua/src/lua.hpp
Examining data/darktable-3.2.1/src/external/lua/src/lua.h
Examining data/darktable-3.2.1/src/external/lua/src/lua.c
Examining data/darktable-3.2.1/src/external/lua/src/ltm.h
Examining data/darktable-3.2.1/src/external/lua/src/ltm.c
Examining data/darktable-3.2.1/src/external/lua/src/ltablib.c
Examining data/darktable-3.2.1/src/external/lua/src/ltable.h
Examining data/darktable-3.2.1/src/external/lua/src/ltable.c
Examining data/darktable-3.2.1/src/external/lua/src/lstrlib.c
Examining data/darktable-3.2.1/src/external/lua/src/lstring.h
Examining data/darktable-3.2.1/src/external/lua/src/lstring.c
Examining data/darktable-3.2.1/src/external/lua/src/lstate.h
Examining data/darktable-3.2.1/src/external/lua/src/lstate.c
Examining data/darktable-3.2.1/src/external/lua/src/lprefix.h
Examining data/darktable-3.2.1/src/external/lua/src/lparser.h
Examining data/darktable-3.2.1/src/external/lua/src/lparser.c
Examining data/darktable-3.2.1/src/external/lua/src/loslib.c
Examining data/darktable-3.2.1/src/external/lua/src/lopcodes.h
Examining data/darktable-3.2.1/src/external/lua/src/lopcodes.c
Examining data/darktable-3.2.1/src/external/lua/src/lobject.h
Examining data/darktable-3.2.1/src/external/lua/src/lobject.c
Examining data/darktable-3.2.1/src/external/lua/src/loadlib.c
Examining data/darktable-3.2.1/src/external/lua/src/lmem.h
Examining data/darktable-3.2.1/src/external/lua/src/lmem.c
Examining data/darktable-3.2.1/src/external/lua/src/lmathlib.c
Examining data/darktable-3.2.1/src/external/lua/src/llimits.h
Examining data/darktable-3.2.1/src/external/lua/src/llex.h
Examining data/darktable-3.2.1/src/external/lua/src/llex.c
Examining data/darktable-3.2.1/src/external/lua/src/liolib.c
Examining data/darktable-3.2.1/src/external/lua/src/linit.c
Examining data/darktable-3.2.1/src/external/lua/src/lgc.h
Examining data/darktable-3.2.1/src/external/lua/src/lgc.c
Examining data/darktable-3.2.1/src/external/lua/src/lfunc.h
Examining data/darktable-3.2.1/src/external/lua/src/lfunc.c
Examining data/darktable-3.2.1/src/external/lua/src/ldump.c
Examining data/darktable-3.2.1/src/external/lua/src/ldo.h
Examining data/darktable-3.2.1/src/external/lua/src/ldo.c
Examining data/darktable-3.2.1/src/external/lua/src/ldebug.h
Examining data/darktable-3.2.1/src/external/lua/src/ldebug.c
Examining data/darktable-3.2.1/src/external/lua/src/ldblib.c
Examining data/darktable-3.2.1/src/external/lua/src/lctype.h
Examining data/darktable-3.2.1/src/external/lua/src/lctype.c
Examining data/darktable-3.2.1/src/external/lua/src/lcorolib.c
Examining data/darktable-3.2.1/src/external/lua/src/lcode.h
Examining data/darktable-3.2.1/src/external/lua/src/lcode.c
Examining data/darktable-3.2.1/src/external/lua/src/lbitlib.c
Examining data/darktable-3.2.1/src/external/lua/src/lbaselib.c
Examining data/darktable-3.2.1/src/external/lua/src/lauxlib.h
Examining data/darktable-3.2.1/src/external/lua/src/lauxlib.c
Examining data/darktable-3.2.1/src/external/lua/src/lapi.h
Examining data/darktable-3.2.1/src/external/lua/src/lapi.c
Examining data/darktable-3.2.1/src/external/libxcf/xcf_names.h
Examining data/darktable-3.2.1/src/external/libxcf/xcf_names.c
Examining data/darktable-3.2.1/src/external/libxcf/xcf.h
Examining data/darktable-3.2.1/src/external/libxcf/xcf.c
Examining data/darktable-3.2.1/src/external/cie_colorimetric_tables.c
Examining data/darktable-3.2.1/src/external/adobe_coeff.c
Examining data/darktable-3.2.1/src/external/ThreadSafetyAnalysis.h
Examining data/darktable-3.2.1/src/external/OpenCL/CL/opencl.h
Examining data/darktable-3.2.1/src/external/OpenCL/CL/cl_version.h
Examining data/darktable-3.2.1/src/external/OpenCL/CL/cl_va_api_media_sharing_intel.h
Examining data/darktable-3.2.1/src/external/OpenCL/CL/cl_platform.h
Examining data/darktable-3.2.1/src/external/OpenCL/CL/cl_gl_ext.h
Examining data/darktable-3.2.1/src/external/OpenCL/CL/cl_gl.h
Examining data/darktable-3.2.1/src/external/OpenCL/CL/cl_ext_intel.h
Examining data/darktable-3.2.1/src/external/OpenCL/CL/cl_ext.h
Examining data/darktable-3.2.1/src/external/OpenCL/CL/cl_egl.h
Examining data/darktable-3.2.1/src/external/OpenCL/CL/cl_dx9_media_sharing_intel.h
Examining data/darktable-3.2.1/src/external/OpenCL/CL/cl_dx9_media_sharing.h
Examining data/darktable-3.2.1/src/external/OpenCL/CL/cl_d3d11.h
Examining data/darktable-3.2.1/src/external/OpenCL/CL/cl_d3d10.h
Examining data/darktable-3.2.1/src/external/OpenCL/CL/cl.h
Examining data/darktable-3.2.1/src/external/LuaAutoC/lautocall.h
Examining data/darktable-3.2.1/src/external/LuaAutoC/lautoc.h
Examining data/darktable-3.2.1/src/external/LuaAutoC/lautoc.c
Examining data/darktable-3.2.1/src/external/LuaAutoC/examples/example_unnested.c
Examining data/darktable-3.2.1/src/external/LuaAutoC/examples/example_struct.c
Examining data/darktable-3.2.1/src/external/LuaAutoC/examples/example_mod.c
Examining data/darktable-3.2.1/src/external/LuaAutoC/examples/example_func.c
Examining data/darktable-3.2.1/src/external/LuaAutoC/examples/example_enum.c
Examining data/darktable-3.2.1/src/external/LuaAutoC/examples/example_embed.c
Examining data/darktable-3.2.1/src/external/LuaAutoC/examples/example_convert.c
Examining data/darktable-3.2.1/src/external/LuaAutoC/examples/example_basic.c
Examining data/darktable-3.2.1/src/dtgtk/togglebutton.h
Examining data/darktable-3.2.1/src/dtgtk/togglebutton.c
Examining data/darktable-3.2.1/src/dtgtk/thumbtable.h
Examining data/darktable-3.2.1/src/dtgtk/thumbtable.c
Examining data/darktable-3.2.1/src/dtgtk/thumbnail_btn.h
Examining data/darktable-3.2.1/src/dtgtk/thumbnail_btn.c
Examining data/darktable-3.2.1/src/dtgtk/thumbnail.h
Examining data/darktable-3.2.1/src/dtgtk/thumbnail.c
Examining data/darktable-3.2.1/src/dtgtk/sidepanel.h
Examining data/darktable-3.2.1/src/dtgtk/sidepanel.c
Examining data/darktable-3.2.1/src/dtgtk/resetlabel.h
Examining data/darktable-3.2.1/src/dtgtk/resetlabel.c
Examining data/darktable-3.2.1/src/dtgtk/paint.h
Examining data/darktable-3.2.1/src/dtgtk/paint.c
Examining data/darktable-3.2.1/src/dtgtk/icon.h
Examining data/darktable-3.2.1/src/dtgtk/icon.c
Examining data/darktable-3.2.1/src/dtgtk/gradientslider.h
Examining data/darktable-3.2.1/src/dtgtk/gradientslider.c
Examining data/darktable-3.2.1/src/dtgtk/expander.h
Examining data/darktable-3.2.1/src/dtgtk/expander.c
Examining data/darktable-3.2.1/src/dtgtk/drawingarea.h
Examining data/darktable-3.2.1/src/dtgtk/drawingarea.c
Examining data/darktable-3.2.1/src/dtgtk/culling.h
Examining data/darktable-3.2.1/src/dtgtk/culling.c
Examining data/darktable-3.2.1/src/dtgtk/button.h
Examining data/darktable-3.2.1/src/dtgtk/button.c
Examining data/darktable-3.2.1/src/develop/tiling.h
Examining data/darktable-3.2.1/src/develop/tiling.c
Examining data/darktable-3.2.1/src/develop/pixelpipe_hb.h
Examining data/darktable-3.2.1/src/develop/pixelpipe_hb.c
Examining data/darktable-3.2.1/src/develop/pixelpipe_cache.h
Examining data/darktable-3.2.1/src/develop/pixelpipe_cache.c
Examining data/darktable-3.2.1/src/develop/pixelpipe.h
Examining data/darktable-3.2.1/src/develop/pixelpipe.c
Examining data/darktable-3.2.1/src/develop/masks/path.c
Examining data/darktable-3.2.1/src/develop/masks/masks.c
Examining data/darktable-3.2.1/src/develop/masks/group.c
Examining data/darktable-3.2.1/src/develop/masks/gradient.c
Examining data/darktable-3.2.1/src/develop/masks/ellipse.c
Examining data/darktable-3.2.1/src/develop/masks/circle.c
Examining data/darktable-3.2.1/src/develop/masks/brush.c
Examining data/darktable-3.2.1/src/develop/masks.h
Examining data/darktable-3.2.1/src/develop/lightroom.h
Examining data/darktable-3.2.1/src/develop/lightroom.c
Examining data/darktable-3.2.1/src/develop/imageop_math.h
Examining data/darktable-3.2.1/src/develop/imageop_math.c
Examining data/darktable-3.2.1/src/develop/imageop_gui.h
Examining data/darktable-3.2.1/src/develop/imageop_gui.c
Examining data/darktable-3.2.1/src/develop/imageop.h
Examining data/darktable-3.2.1/src/develop/imageop.c
Examining data/darktable-3.2.1/src/develop/format.h
Examining data/darktable-3.2.1/src/develop/format.c
Examining data/darktable-3.2.1/src/develop/develop.h
Examining data/darktable-3.2.1/src/develop/develop.c
Examining data/darktable-3.2.1/src/develop/blend_gui.c
Examining data/darktable-3.2.1/src/develop/blend.h
Examining data/darktable-3.2.1/src/develop/blend.c
Examining data/darktable-3.2.1/src/control/signal.h
Examining data/darktable-3.2.1/src/control/signal.c
Examining data/darktable-3.2.1/src/control/settings.h
Examining data/darktable-3.2.1/src/control/progress.h
Examining data/darktable-3.2.1/src/control/progress.c
Examining data/darktable-3.2.1/src/control/jobs/image_jobs.h
Examining data/darktable-3.2.1/src/control/jobs/image_jobs.c
Examining data/darktable-3.2.1/src/control/jobs/film_jobs.h
Examining data/darktable-3.2.1/src/control/jobs/film_jobs.c
Examining data/darktable-3.2.1/src/control/jobs/develop_jobs.h
Examining data/darktable-3.2.1/src/control/jobs/develop_jobs.c
Examining data/darktable-3.2.1/src/control/jobs/control_jobs.h
Examining data/darktable-3.2.1/src/control/jobs/control_jobs.c
Examining data/darktable-3.2.1/src/control/jobs/camera_jobs.h
Examining data/darktable-3.2.1/src/control/jobs/camera_jobs.c
Examining data/darktable-3.2.1/src/control/jobs.h
Examining data/darktable-3.2.1/src/control/jobs.c
Examining data/darktable-3.2.1/src/control/crawler.h
Examining data/darktable-3.2.1/src/control/crawler.c
Examining data/darktable-3.2.1/src/control/control.h
Examining data/darktable-3.2.1/src/control/control.c
Examining data/darktable-3.2.1/src/control/conf.h
Examining data/darktable-3.2.1/src/control/conf.c
Examining data/darktable-3.2.1/src/config.cmake.h
Examining data/darktable-3.2.1/src/common/variables.h
Examining data/darktable-3.2.1/src/common/variables.c
Examining data/darktable-3.2.1/src/common/utility.h
Examining data/darktable-3.2.1/src/common/utility.c
Examining data/darktable-3.2.1/src/common/usermanual_url.h
Examining data/darktable-3.2.1/src/common/usermanual_url.c
Examining data/darktable-3.2.1/src/common/undo.h
Examining data/darktable-3.2.1/src/common/undo.c
Examining data/darktable-3.2.1/src/common/tags.h
Examining data/darktable-3.2.1/src/common/tags.c
Examining data/darktable-3.2.1/src/common/system_signal_handling.h
Examining data/darktable-3.2.1/src/common/system_signal_handling.c
Examining data/darktable-3.2.1/src/common/styles.h
Examining data/darktable-3.2.1/src/common/styles.c
Examining data/darktable-3.2.1/src/common/sse.h
Examining data/darktable-3.2.1/src/common/srgb_tone_curve_values.h
Examining data/darktable-3.2.1/src/common/splines.h
Examining data/darktable-3.2.1/src/common/splines.cpp
Examining data/darktable-3.2.1/src/common/selection.h
Examining data/darktable-3.2.1/src/common/selection.c
Examining data/darktable-3.2.1/src/common/rgb_norms.h
Examining data/darktable-3.2.1/src/common/resource_limits.h
Examining data/darktable-3.2.1/src/common/resource_limits.c
Examining data/darktable-3.2.1/src/common/ratings.h
Examining data/darktable-3.2.1/src/common/ratings.c
Examining data/darktable-3.2.1/src/common/pwstorage/pwstorage.h
Examining data/darktable-3.2.1/src/common/pwstorage/pwstorage.c
Examining data/darktable-3.2.1/src/common/pwstorage/backend_libsecret.h
Examining data/darktable-3.2.1/src/common/pwstorage/backend_libsecret.c
Examining data/darktable-3.2.1/src/common/pwstorage/backend_kwallet.h
Examining data/darktable-3.2.1/src/common/pwstorage/backend_kwallet.c
Examining data/darktable-3.2.1/src/common/profiling.h
Examining data/darktable-3.2.1/src/common/profiling.c
Examining data/darktable-3.2.1/src/common/printprof.h
Examining data/darktable-3.2.1/src/common/printprof.c
Examining data/darktable-3.2.1/src/common/presets.h
Examining data/darktable-3.2.1/src/common/presets.c
Examining data/darktable-3.2.1/src/common/poison.h
Examining data/darktable-3.2.1/src/common/points.h
Examining data/darktable-3.2.1/src/common/pdf.h
Examining data/darktable-3.2.1/src/common/pdf.c
Examining data/darktable-3.2.1/src/common/opencl_drivers_blacklist.h
Examining data/darktable-3.2.1/src/common/opencl.h
Examining data/darktable-3.2.1/src/common/opencl.c
Examining data/darktable-3.2.1/src/common/nvidia_gpus.h
Examining data/darktable-3.2.1/src/common/noiseprofiles.h
Examining data/darktable-3.2.1/src/common/noiseprofiles.c
Examining data/darktable-3.2.1/src/common/module_api.h
Examining data/darktable-3.2.1/src/common/module.h
Examining data/darktable-3.2.1/src/common/module.c
Examining data/darktable-3.2.1/src/common/mipmap_cache.h
Examining data/darktable-3.2.1/src/common/mipmap_cache.c
Examining data/darktable-3.2.1/src/common/metadata_export.h
Examining data/darktable-3.2.1/src/common/metadata_export.c
Examining data/darktable-3.2.1/src/common/metadata.h
Examining data/darktable-3.2.1/src/common/metadata.c
Examining data/darktable-3.2.1/src/common/matrices.c
Examining data/darktable-3.2.1/src/common/math.h
Examining data/darktable-3.2.1/src/common/luminance_mask.h
Examining data/darktable-3.2.1/src/common/locallaplaciancl.h
Examining data/darktable-3.2.1/src/common/locallaplaciancl.c
Examining data/darktable-3.2.1/src/common/locallaplacian.h
Examining data/darktable-3.2.1/src/common/locallaplacian.c
Examining data/darktable-3.2.1/src/common/l10n.h
Examining data/darktable-3.2.1/src/common/l10n.c
Examining data/darktable-3.2.1/src/common/iop_profile.h
Examining data/darktable-3.2.1/src/common/iop_profile.c
Examining data/darktable-3.2.1/src/common/iop_order.h
Examining data/darktable-3.2.1/src/common/iop_order.c
Examining data/darktable-3.2.1/src/common/iop_group.h
Examining data/darktable-3.2.1/src/common/iop_group.c
Examining data/darktable-3.2.1/src/common/introspection.h
Examining data/darktable-3.2.1/src/common/interpolation.h
Examining data/darktable-3.2.1/src/common/interpolation.c
Examining data/darktable-3.2.1/src/common/import_session.h
Examining data/darktable-3.2.1/src/common/import_session.c
Examining data/darktable-3.2.1/src/common/imageio_tiff.h
Examining data/darktable-3.2.1/src/common/imageio_tiff.c
Examining data/darktable-3.2.1/src/common/imageio_rgbe.h
Examining data/darktable-3.2.1/src/common/imageio_rgbe.c
Examining data/darktable-3.2.1/src/common/imageio_rawspeed.h
Examining data/darktable-3.2.1/src/common/imageio_rawspeed.cc
Examining data/darktable-3.2.1/src/common/imageio_pnm.h
Examining data/darktable-3.2.1/src/common/imageio_pnm.c
Examining data/darktable-3.2.1/src/common/imageio_png.h
Examining data/darktable-3.2.1/src/common/imageio_png.c
Examining data/darktable-3.2.1/src/common/imageio_pfm.h
Examining data/darktable-3.2.1/src/common/imageio_pfm.c
Examining data/darktable-3.2.1/src/common/imageio_module.h
Examining data/darktable-3.2.1/src/common/imageio_module.c
Examining data/darktable-3.2.1/src/common/imageio_jpeg.h
Examining data/darktable-3.2.1/src/common/imageio_jpeg.c
Examining data/darktable-3.2.1/src/common/imageio_j2k.h
Examining data/darktable-3.2.1/src/common/imageio_j2k.c
Examining data/darktable-3.2.1/src/common/imageio_im.h
Examining data/darktable-3.2.1/src/common/imageio_im.c
Examining data/darktable-3.2.1/src/common/imageio_gm.h
Examining data/darktable-3.2.1/src/common/imageio_gm.c
Examining data/darktable-3.2.1/src/common/imageio_exr.h
Examining data/darktable-3.2.1/src/common/imageio_exr.cc
Examining data/darktable-3.2.1/src/common/imageio_dng.h
Examining data/darktable-3.2.1/src/common/imageio_avif.h
Examining data/darktable-3.2.1/src/common/imageio_avif.c
Examining data/darktable-3.2.1/src/common/imageio.h
Examining data/darktable-3.2.1/src/common/imageio.c
Examining data/darktable-3.2.1/src/common/image_compression.h
Examining data/darktable-3.2.1/src/common/image_compression.c
Examining data/darktable-3.2.1/src/common/image_cache.h
Examining data/darktable-3.2.1/src/common/image_cache.c
Examining data/darktable-3.2.1/src/common/image.h
Examining data/darktable-3.2.1/src/common/image.c
Examining data/darktable-3.2.1/src/common/illuminants.h
Examining data/darktable-3.2.1/src/common/http_server.h
Examining data/darktable-3.2.1/src/common/http_server.c
Examining data/darktable-3.2.1/src/common/history_snapshot.h
Examining data/darktable-3.2.1/src/common/history_snapshot.c
Examining data/darktable-3.2.1/src/common/history.h
Examining data/darktable-3.2.1/src/common/history.c
Examining data/darktable-3.2.1/src/common/histogram.h
Examining data/darktable-3.2.1/src/common/histogram.c
Examining data/darktable-3.2.1/src/common/heap.h
Examining data/darktable-3.2.1/src/common/heal.h
Examining data/darktable-3.2.1/src/common/heal.c
Examining data/darktable-3.2.1/src/common/guided_filter.h
Examining data/darktable-3.2.1/src/common/guided_filter.c
Examining data/darktable-3.2.1/src/common/grouping.h
Examining data/darktable-3.2.1/src/common/grouping.c
Examining data/darktable-3.2.1/src/common/grealpath.h
Examining data/darktable-3.2.1/src/common/gpx.h
Examining data/darktable-3.2.1/src/common/gpx.c
Examining data/darktable-3.2.1/src/common/geo.h
Examining data/darktable-3.2.1/src/common/gaussian.h
Examining data/darktable-3.2.1/src/common/gaussian.c
Examining data/darktable-3.2.1/src/common/focus_peaking.h
Examining data/darktable-3.2.1/src/common/focus.h
Examining data/darktable-3.2.1/src/common/film.h
Examining data/darktable-3.2.1/src/common/film.c
Examining data/darktable-3.2.1/src/common/file_location.h
Examining data/darktable-3.2.1/src/common/file_location.c
Examining data/darktable-3.2.1/src/common/fast_guided_filter.h
Examining data/darktable-3.2.1/src/common/exif.h
Examining data/darktable-3.2.1/src/common/exif.cc
Examining data/darktable-3.2.1/src/common/dynload.h
Examining data/darktable-3.2.1/src/common/dynload.c
Examining data/darktable-3.2.1/src/common/dwt.h
Examining data/darktable-3.2.1/src/common/dwt.c
Examining data/darktable-3.2.1/src/common/dtpthread.h
Examining data/darktable-3.2.1/src/common/dtpthread.c
Examining data/darktable-3.2.1/src/common/dlopencl.h
Examining data/darktable-3.2.1/src/common/dlopencl.c
Examining data/darktable-3.2.1/src/common/debug.h
Examining data/darktable-3.2.1/src/common/dbus.h
Examining data/darktable-3.2.1/src/common/dbus.c
Examining data/darktable-3.2.1/src/common/database.h
Examining data/darktable-3.2.1/src/common/database.c
Examining data/darktable-3.2.1/src/common/darktable.h
Examining data/darktable-3.2.1/src/common/darktable.c
Examining data/darktable-3.2.1/src/common/curve_tools.h
Examining data/darktable-3.2.1/src/common/curve_tools.c
Examining data/darktable-3.2.1/src/common/curl_tools.h
Examining data/darktable-3.2.1/src/common/curl_tools.c
Examining data/darktable-3.2.1/src/common/cups_print.h
Examining data/darktable-3.2.1/src/common/cups_print.c
Examining data/darktable-3.2.1/src/common/cpuid.h
Examining data/darktable-3.2.1/src/common/cpuid.c
Examining data/darktable-3.2.1/src/common/colorspaces_inline_conversions.h
Examining data/darktable-3.2.1/src/common/colorspaces.h
Examining data/darktable-3.2.1/src/common/colorspaces.c
Examining data/darktable-3.2.1/src/common/colormatrices.c
Examining data/darktable-3.2.1/src/common/colorlabels.h
Examining data/darktable-3.2.1/src/common/colorlabels.c
Examining data/darktable-3.2.1/src/common/color_picker.h
Examining data/darktable-3.2.1/src/common/color_picker.c
Examining data/darktable-3.2.1/src/common/collection.h
Examining data/darktable-3.2.1/src/common/collection.c
Examining data/darktable-3.2.1/src/common/camera_control.h
Examining data/darktable-3.2.1/src/common/camera_control.c
Examining data/darktable-3.2.1/src/common/calculator.h
Examining data/darktable-3.2.1/src/common/calculator.c
Examining data/darktable-3.2.1/src/common/cache.h
Examining data/darktable-3.2.1/src/common/cache.c
Examining data/darktable-3.2.1/src/common/bilateralcl.h
Examining data/darktable-3.2.1/src/common/bilateralcl.c
Examining data/darktable-3.2.1/src/common/bilateral.h
Examining data/darktable-3.2.1/src/common/bilateral.c
Examining data/darktable-3.2.1/src/cmstest/main.c
Examining data/darktable-3.2.1/src/cltest/main.c
Examining data/darktable-3.2.1/src/cli/main.c
Examining data/darktable-3.2.1/src/chart/tonecurve.h
Examining data/darktable-3.2.1/src/chart/tonecurve.c
Examining data/darktable-3.2.1/src/chart/thinplate.h
Examining data/darktable-3.2.1/src/chart/thinplate.c
Examining data/darktable-3.2.1/src/chart/pfm.h
Examining data/darktable-3.2.1/src/chart/pfm.c
Examining data/darktable-3.2.1/src/chart/main.c
Examining data/darktable-3.2.1/src/chart/dtcairo.h
Examining data/darktable-3.2.1/src/chart/dtcairo.c
Examining data/darktable-3.2.1/src/chart/deltaE.h
Examining data/darktable-3.2.1/src/chart/deltaE.c
Examining data/darktable-3.2.1/src/chart/common.h
Examining data/darktable-3.2.1/src/chart/common.c
Examining data/darktable-3.2.1/src/chart/colorchart.h
Examining data/darktable-3.2.1/src/chart/colorchart.c
Examining data/darktable-3.2.1/src/bauhaus/bauhaus.h
Examining data/darktable-3.2.1/src/bauhaus/bauhaus.c
Examining data/darktable-3.2.1/data/kernels/rgb_norms.h
Examining data/darktable-3.2.1/data/kernels/common.h
Examining data/darktable-3.2.1/cmake/modules/sse_test.c

FINAL RESULTS:

data/darktable-3.2.1/src/common/opencl.c:1647:22:  [5] (race) readlink:
  This accepts filename arguments; if an attacker can move those files or
  change the link content, a race condition results. Also, it does not
  terminate with ASCII NUL. (CWE-362, CWE-20). Reconsider approach.
    linkedfile_len = readlink(binname, linkedfile, sizeof(linkedfile) - 1);
data/darktable-3.2.1/src/common/camera_control.c:141:3:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  vsnprintf(log, sizeof(log), format, args);
data/darktable-3.2.1/src/common/camera_control.c:198:3:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  vsnprintf(buffer, sizeof(buffer), format, args);
data/darktable-3.2.1/src/common/camera_control.c:206:3:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  vsnprintf(buffer, sizeof(buffer), format, args);
data/darktable-3.2.1/src/common/camera_control.c:214:3:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  vsnprintf(buffer, sizeof(buffer), format, args);
data/darktable-3.2.1/src/common/darktable.c:505:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        printf("this is %s\ncopyright (c) 2009-%s johannes hanika\n" PACKAGE_BUGREPORT "\n\ncompile options:\n"
data/darktable-3.2.1/src/common/darktable.c:1216:5:  [4] (format) vprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    vprintf(msg, ap);
data/darktable-3.2.1/src/common/darktable.c:1296:7:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
      vsnprintf(buf + n, sizeof(buf) - n, suffix, ap);
data/darktable-3.2.1/src/common/darktable.h:297:85:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
void dt_print(dt_debug_thread_t thread, const char *msg, ...) __attribute__((format(printf, 2, 3)));
data/darktable-3.2.1/src/common/darktable.h:383:114:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
void dt_show_times_f(const dt_times_t *start, const char *prefix, const char *suffix, ...) __attribute__((format(printf, 3, 4)));
data/darktable-3.2.1/src/common/database.c:388:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
      fprintf(stderr, _message);                                                 \
data/darktable-3.2.1/src/common/database.c:401:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
      fprintf(stderr, _message);                                                 \
data/darktable-3.2.1/src/common/database.c:414:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
      fprintf(stderr, _message);                                                 \
data/darktable-3.2.1/src/common/database.c:2123:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
      fprintf(stderr, _message);                                                   \
data/darktable-3.2.1/src/common/database.c:2136:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
      fprintf(stderr, _message);                                                   \
data/darktable-3.2.1/src/common/database.c:2149:7:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
      fprintf(stderr, _message);                                                   \
data/darktable-3.2.1/src/common/database.c:2862:6:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if(access(mipmapfilename, F_OK) != -1)
data/darktable-3.2.1/src/common/database.c:2869:8:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
    if(access(mipmapfilename, F_OK) != -1) g_unlink(mipmapfilename);
data/darktable-3.2.1/src/common/imageio_tiff.c:238:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, fmt, ap);
data/darktable-3.2.1/src/common/interpolation.c:75:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    fprintf(stderr, __VA_ARGS__);                                                                            \
data/darktable-3.2.1/src/common/interpolation.c:85:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    fprintf(stderr, __VA_ARGS__);                                                                            \
data/darktable-3.2.1/src/common/opencl.c:435:16:  [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
      int rd = fscanf(f, confline_pattern, confentry);
data/darktable-3.2.1/src/common/pdf.c:593:24:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        stream_size += fprintf(pdf->fd,
data/darktable-3.2.1/src/common/poison.h:16:20:  [4] (buffer) vsprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
#pragma GCC poison vsprintf // use vsnprintf
data/darktable-3.2.1/src/common/poison.h:17:20:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
#pragma GCC poison strcpy   // use g_strlcpy
data/darktable-3.2.1/src/common/poison.h:19:20:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
#pragma GCC poison strcat  // use g_strncat
data/darktable-3.2.1/src/common/styles.c:410:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(tmp_accel, sizeof(tmp_accel), C_("accel", "styles/apply %s"), name);
data/darktable-3.2.1/src/common/styles.c:414:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(tmp_accel, sizeof(tmp_accel), C_("accel", "styles/apply %s"), newname);
data/darktable-3.2.1/src/common/styles.c:501:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(tmp_accel, sizeof(tmp_accel), C_("accel", "styles/apply %s"), newname);
data/darktable-3.2.1/src/common/styles.c:585:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(tmp_accel, sizeof(tmp_accel), C_("accel", "styles/apply %s"), name);
data/darktable-3.2.1/src/common/styles.c:963:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(tmp_accel, sizeof(tmp_accel), C_("accel", "styles/apply %s"), name);
data/darktable-3.2.1/src/common/styles.c:1535:7:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
      snprintf(tmp_accel, sizeof(tmp_accel), C_("accel", "styles/apply %s"), style->name);
data/darktable-3.2.1/src/common/styles.c:1554:7:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
      snprintf(tmp_accel, sizeof(tmp_accel), C_("accel", "styles/apply %s"), style->name);
data/darktable-3.2.1/src/common/system_signal_handling.c:73:72:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
static int dprintf(int fd, const char *fmt, ...) __attribute__((format(printf, 2, 3)))
data/darktable-3.2.1/src/common/system_signal_handling.c:78:12:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  int rc = vfprintf(f, fmt, ap);
data/darktable-3.2.1/src/common/system_signal_handling.c:119:10:  [4] (shell) execlp:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
      if(execlp("gdb", "gdb", darktable.progname, pid_arg, "-batch", "-ex", log_arg, "-x", comm_arg, NULL))
data/darktable-3.2.1/src/common/utility.h:25:84:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
gchar *dt_util_dstrcat(gchar *str, const gchar *format, ...) __attribute__((format(printf, 2, 3)));
data/darktable-3.2.1/src/control/control.c:463:3:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  vsnprintf(darktable.control->log_message[darktable.control->log_pos], DT_CTL_LOG_MSG_SIZE, msg, ap);
data/darktable-3.2.1/src/control/control.c:480:3:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  vsnprintf(darktable.control->toast_message[darktable.control->toast_pos], DT_CTL_TOAST_MSG_SIZE, msg, ap);
data/darktable-3.2.1/src/control/control.h:59:65:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
void dt_control_log(const char *msg, ...) __attribute__((format(printf, 1, 2)));
data/darktable-3.2.1/src/control/control.h:60:63:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
void dt_toast_log(const char *msg, ...) __attribute__((format(printf, 1, 2)));
data/darktable-3.2.1/src/control/jobs.c:127:3:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  vsnprintf(job->description, DT_CONTROL_DESCRIPTION_LEN, msg, ap);
data/darktable-3.2.1/src/control/jobs.h:60:110:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
dt_job_t *dt_control_job_create(dt_job_execute_callback execute, const char *msg, ...) __attribute__((format(printf, 2, 3)));
data/darktable-3.2.1/src/control/jobs/camera_jobs.c:86:3:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  snprintf(message, sizeof(message), ngettext("capturing %d image", "capturing %d images", total), total);
data/darktable-3.2.1/src/control/jobs/camera_jobs.c:341:3:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  snprintf(message, sizeof(message),
data/darktable-3.2.1/src/control/jobs/control_jobs.c:447:3:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  snprintf(message, sizeof(message), ngettext("merging %d image", "merging %d images", total), total);
data/darktable-3.2.1/src/control/jobs/control_jobs.c:535:3:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  snprintf(message, sizeof(message), ngettext("duplicating %d image", "duplicating %d images", total), total);
data/darktable-3.2.1/src/control/jobs/control_jobs.c:565:3:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  snprintf(message, sizeof(message), ngettext("flipping %d image", "flipping %d images", total), total);
data/darktable-3.2.1/src/control/jobs/control_jobs.c:640:3:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  snprintf(message, sizeof(message), ngettext("removing %d image", "removing %d images", total), total);
data/darktable-3.2.1/src/control/jobs/control_jobs.c:905:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(message, sizeof(message), ngettext("trashing %d image", "trashing %d images", total), total);
data/darktable-3.2.1/src/control/jobs/control_jobs.c:907:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(message, sizeof(message), ngettext("deleting %d image", "deleting %d images", total), total);
data/darktable-3.2.1/src/control/jobs/control_jobs.c:1135:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(message, sizeof(message),
data/darktable-3.2.1/src/control/jobs/control_jobs.c:1138:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(message, sizeof(message),
data/darktable-3.2.1/src/control/jobs/control_jobs.c:1183:3:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  snprintf(message, sizeof(message), ngettext("refreshing info for %d image", "refreshing info for %d images", total), total);
data/darktable-3.2.1/src/control/jobs/control_jobs.c:1785:3:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  snprintf(message, sizeof(message),
data/darktable-3.2.1/src/develop/blend_gui.c:1786:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(txt, sizeof(txt), ngettext("%d shape used", "%d shapes used", n), n);
data/darktable-3.2.1/src/develop/imageop.c:1179:3:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  snprintf(tooltip, sizeof(tooltip), module->enabled ? _("%s is switched on") : _("%s is switched off"),
data/darktable-3.2.1/src/develop/imageop.c:2135:3:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  snprintf(tooltip, sizeof(tooltip), module->enabled ? _("%s is switched on") : _("%s is switched off"),
data/darktable-3.2.1/src/external/lua/src/lauxlib.h:226:10:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        (fprintf(stderr, (s), (p)), fflush(stderr))
data/darktable-3.2.1/src/external/lua/src/liolib.c:58:40:  [4] (shell) popen:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
#define l_popen(L,c,m)		(fflush(NULL), popen(c,m))
data/darktable-3.2.1/src/external/lua/src/liolib.c:621:19:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
                ? fprintf(f, LUA_INTEGER_FMT, lua_tointeger(L, arg))
data/darktable-3.2.1/src/external/lua/src/liolib.c:622:19:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
                : fprintf(f, LUA_NUMBER_FMT, lua_tonumber(L, arg));
data/darktable-3.2.1/src/external/lua/src/lobject.c:286:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy(buff, s);  /* copy string to buffer */
data/darktable-3.2.1/src/external/lua/src/loslib.c:122:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
        strcpy(b, LUA_TMPNAMTEMPLATE); \
data/darktable-3.2.1/src/external/lua/src/loslib.c:143:14:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  int stat = system(cmd);
data/darktable-3.2.1/src/external/lua/src/lstrlib.c:1009:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
  strcpy(form + l - 1, lenmod);
data/darktable-3.2.1/src/external/lua/src/luac.c:263:2:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	printf(bvalue(o) ? "true" : "false");
data/darktable-3.2.1/src/external/lua/src/luac.c:268:2:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
	sprintf(buff,LUA_NUMBER_FMT,fltvalue(o));
data/darktable-3.2.1/src/external/lua/src/luac.c:274:2:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	printf(LUA_INTEGER_FMT,ivalue(o));
data/darktable-3.2.1/src/external/lua/src/luaconf.h:591:29:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
#define l_sprintf(s,sz,f,i)	snprintf(s,sz,f,i)
data/darktable-3.2.1/src/external/lua/src/luaconf.h:593:42:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
#define l_sprintf(s,sz,f,i)	((void)(sz), sprintf(s,f,i))
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/Common.cpp:50:5:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    vfprintf(stdout, format, args);
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/Common.h:45:27:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    __attribute__((format(printf, 2, 3)));
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/RawspeedException.h:36:37:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    __attribute__((noreturn, format(printf, 1, 2)))
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/RawspeedException.h:51:3:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  vsnprintf(buf.data(), sizeof(buf), fmt, val);
data/darktable-3.2.1/src/external/rawspeed/src/utilities/rstest/rstest.cpp:147:35:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
static void __attribute__((format(printf, 2, 3)))
data/darktable-3.2.1/src/external/rawspeed/src/utilities/rstest/rstest.cpp:153:3:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  vsnprintf(line.data(), sizeof(line), format, args);
data/darktable-3.2.1/src/external/rawspeed/src/utilities/rstest/rstest.cpp:444:9:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
    if (system(cmd.c_str())) {
data/darktable-3.2.1/src/generate-cache/main.c:107:11:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
      if(!access(filename, R_OK)) continue;
data/darktable-3.2.1/src/imageio/storage/gallery.c:288:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(c, ".%s", ext);
data/darktable-3.2.1/src/imageio/storage/gallery.c:323:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(c, "-thumb.%s", ext);
data/darktable-3.2.1/src/imageio/storage/gallery.c:387:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(c, "-thumb.%s", ext);
data/darktable-3.2.1/src/imageio/storage/latex.c:287:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(c, ".%s", ext);
data/darktable-3.2.1/src/imageio/storage/piwigo.c:650:5:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
    snprintf(pid, sizeof(pid), "%"PRId64, p->parent_album_id);
data/darktable-3.2.1/src/imageio/storage/piwigo.c:680:3:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
  snprintf(cat, sizeof(cat), "%"PRId64, p->album_id);
data/darktable-3.2.1/src/iop/lut3d.c:1573:35:  [4] (race) access:
  This usually indicates a security flaw. If an attacker can change anything
  along the path between the call to access() and the file's actual use
  (e.g., by moving files), the attacker can exploit the race condition
  (CWE-362/CWE-367!). Set up the correct permissions (e.g., using setuid())
  and try to open the file directly.
  if (strlen(p->filepath) == 0 || access(composed, F_OK) == -1)
data/darktable-3.2.1/src/lua/call.c:600:14:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely
  (CWE-78). try using a library call that implements the same functionality
  if available.
  int stat = system(cmd);
data/darktable-3.2.1/src/common/colorspaces.c:1295:16:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  char *lang = getenv("LANG");
data/darktable-3.2.1/src/common/database.c:2833:27:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    const char *homedir = getenv("HOME");
data/darktable-3.2.1/src/common/file_location.c:45:53:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")';it returns untrustable
  input if the environment can beset by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
    return g_strdup((home_dir != NULL) ? home_dir : g_get_home_dir());
data/darktable-3.2.1/src/common/file_location.c:140:50:  [3] (buffer) g_get_tmp_dir:
  This function is synonymous with 'getenv("TMP")';it returns untrustable
  input if the environment can beset by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
  darktable.tmpdir = dt_loc_init_generic(tmpdir, g_get_tmp_dir());
data/darktable-3.2.1/src/common/grealpath.h:23:6:  [3] (buffer) realpath:
  This function does not protect against buffer overflows, and some
  implementations can overflow internally (CWE-120/CWE-785!). Ensure that the
  destination buffer is at least of size MAXPATHLEN, andto protect against
  implementation problems, the input argument should also be checked to
  ensure it is no larger than MAXPATHLEN.
  if(realpath(path, buffer))
data/darktable-3.2.1/src/common/pwstorage/pwstorage.c:58:28:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    const gchar *desktop = getenv("XDG_CURRENT_DESKTOP");
data/darktable-3.2.1/src/external/lua/src/lmathlib.c:28:18:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
#define l_rand()	random()
data/darktable-3.2.1/src/external/lua/src/lmathlib.c:29:20:  [3] (random) srandom:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
#define l_srand(x)	srandom(x)
data/darktable-3.2.1/src/external/lua/src/lmathlib.c:33:20:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
#define l_srand(x)	srand(x)
data/darktable-3.2.1/src/external/lua/src/loadlib.c:687:22:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  const char *path = getenv(envname1);
data/darktable-3.2.1/src/external/lua/src/loadlib.c:689:12:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    path = getenv(envname2);  /* try alternative name */
data/darktable-3.2.1/src/external/lua/src/loslib.c:131:33:  [3] (tmpfile) tmpnam:
  Temporary file race condition (CWE-377).
#define lua_tmpnam(b,e)		{ e = (tmpnam(b) == NULL); }
data/darktable-3.2.1/src/external/lua/src/loslib.c:178:21:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  lua_pushstring(L, getenv(luaL_checkstring(L, 1)));  /* if NULL push nil */
data/darktable-3.2.1/src/external/lua/src/lua.c:534:22:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
  const char *init = getenv(name + 1);
data/darktable-3.2.1/src/external/lua/src/lua.c:537:12:  [3] (buffer) getenv:
  Environment variables are untrustable input if they can be set by an
  attacker. They can have any content and length, and the same variable can
  be set more than once (CWE-807, CWE-20). Check environment variables
  carefully before using them.
    init = getenv(name + 1);  /* try alternative name */
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/RawImage.h:127:40:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
                             uint32_t* random) = 0;
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/RawImage.h:190:62:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  void setWithLookUp(uint16_t value, uint8_t* dst, uint32_t* random) override;
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/RawImage.h:210:62:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  void setWithLookUp(uint16_t value, uint8_t* dst, uint32_t* random) override;
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/RawImage.h:281:54:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
                                           uint32_t* random) {
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/RawImage.h:292:19:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    uint32_t r = *random;
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/RawImageDataFloat.cpp:383:49:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
                                      uint32_t* random) {
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/NefDecoder.cpp:695:35:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
                          tmpch, &random);
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/NefDecoder.cpp:700:60:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
          reinterpret_cast<uint8_t*>(&out(row, col + 1)), &random);
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/NefDecoder.cpp:703:35:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
                          tmpch, &random);
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/NefDecoder.cpp:707:35:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
                          tmpch, &random);
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/NefDecoder.cpp:712:60:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
          reinterpret_cast<uint8_t*>(&out(row, col + 4)), &random);
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/NefDecoder.cpp:715:35:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
                          tmpch, &random);
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/KodakDecompressor.cpp:138:32:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
                              &random);
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/NikonDecompressor.cpp:502:31:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
                             &random);
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/NikonDecompressor.h:47:12:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  uint32_t random;
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/SonyArw2Decompressor.cpp:105:72:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
          p << 1, reinterpret_cast<uint8_t*>(&out(row, col + i * 2)), &random);
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/UncompressedDecompressor.cpp:229:73:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
        mRaw->setWithLookUp(*in, reinterpret_cast<uint8_t*>(&dest[x]), &random);
data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/metadata/CameraSensorInfoTest.cpp:317:8:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  std::srand(2016122923);
data/darktable-3.2.1/src/iop/dither.c:77:5:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  } random;
data/darktable-3.2.1/src/iop/dither.c:83:14:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  GtkWidget *random;
data/darktable-3.2.1/src/iop/dither.c:98:5:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  } random;
data/darktable-3.2.1/src/iop/dither.c:621:41:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  const float dither = powf(2.0f, data->random.damping / 10.0f);
data/darktable-3.2.1/src/iop/dither.c:685:31:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    gtk_widget_set_visible(g->random, p->dither_type == DITHER_RANDOM);
data/darktable-3.2.1/src/iop/dither.c:696:6:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  p->random.radius = dt_bauhaus_slider_get(slider);
data/darktable-3.2.1/src/iop/dither.c:708:6:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  p->random.range[0] = dtgtk_gradient_slider_multivalue_get_value(DTGTK_GRADIENT_SLIDER(slider), 0);
data/darktable-3.2.1/src/iop/dither.c:709:6:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  p->random.range[1] = dtgtk_gradient_slider_multivalue_get_value(DTGTK_GRADIENT_SLIDER(slider), 1);
data/darktable-3.2.1/src/iop/dither.c:710:6:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  p->random.range[2] = dtgtk_gradient_slider_multivalue_get_value(DTGTK_GRADIENT_SLIDER(slider), 2);
data/darktable-3.2.1/src/iop/dither.c:711:6:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  p->random.range[3] = dtgtk_gradient_slider_multivalue_get_value(DTGTK_GRADIENT_SLIDER(slider), 3);
data/darktable-3.2.1/src/iop/dither.c:723:15:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  memcpy(&(d->random.range), &(p->random.range), sizeof(p->random.range));
data/darktable-3.2.1/src/iop/dither.c:723:35:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  memcpy(&(d->random.range), &(p->random.range), sizeof(p->random.range));
data/darktable-3.2.1/src/iop/dither.c:723:60:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  memcpy(&(d->random.range), &(p->random.range), sizeof(p->random.range));
data/darktable-3.2.1/src/iop/dither.c:724:6:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  d->random.radius = p->random.radius;
data/darktable-3.2.1/src/iop/dither.c:724:25:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  d->random.radius = p->random.radius;
data/darktable-3.2.1/src/iop/dither.c:725:6:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  d->random.damping = p->random.damping;
data/darktable-3.2.1/src/iop/dither.c:725:26:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  d->random.damping = p->random.damping;
data/darktable-3.2.1/src/iop/dither.c:748:39:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  dt_bauhaus_slider_set(g->radius, p->random.radius);
data/darktable-3.2.1/src/iop/dither.c:750:82:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  dtgtk_gradient_slider_multivalue_set_value(DTGTK_GRADIENT_SLIDER(g->range), p->random.range[0], 0);
data/darktable-3.2.1/src/iop/dither.c:751:82:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  dtgtk_gradient_slider_multivalue_set_value(DTGTK_GRADIENT_SLIDER(g->range), p->random.range[1], 1);
data/darktable-3.2.1/src/iop/dither.c:752:82:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  dtgtk_gradient_slider_multivalue_set_value(DTGTK_GRADIENT_SLIDER(g->range), p->random.range[2], 2);
data/darktable-3.2.1/src/iop/dither.c:753:82:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  dtgtk_gradient_slider_multivalue_set_value(DTGTK_GRADIENT_SLIDER(g->range), p->random.range[3], 3);
data/darktable-3.2.1/src/iop/dither.c:756:40:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  dt_bauhaus_slider_set(g->damping, p->random.damping);
data/darktable-3.2.1/src/iop/dither.c:758:29:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  gtk_widget_set_visible(g->random, p->dither_type == DITHER_RANDOM);
data/darktable-3.2.1/src/iop/dither.c:769:74:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  g->radius = dt_bauhaus_slider_new_with_range(self, 0.0, 200.0, 0.1, p->random.radius, 2);
data/darktable-3.2.1/src/iop/dither.c:778:82:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  dtgtk_gradient_slider_multivalue_set_value(DTGTK_GRADIENT_SLIDER(g->range), p->random.range[0], 0);
data/darktable-3.2.1/src/iop/dither.c:779:82:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  dtgtk_gradient_slider_multivalue_set_value(DTGTK_GRADIENT_SLIDER(g->range), p->random.range[1], 1);
data/darktable-3.2.1/src/iop/dither.c:780:82:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  dtgtk_gradient_slider_multivalue_set_value(DTGTK_GRADIENT_SLIDER(g->range), p->random.range[2], 2);
data/darktable-3.2.1/src/iop/dither.c:781:82:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  dtgtk_gradient_slider_multivalue_set_value(DTGTK_GRADIENT_SLIDER(g->range), p->random.range[3], 3);
data/darktable-3.2.1/src/iop/dither.c:796:33:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  gtk_box_pack_start(GTK_BOX(g->random), g->radius, TRUE, TRUE, 0);
data/darktable-3.2.1/src/iop/dither.c:797:33:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  gtk_box_pack_start(GTK_BOX(g->random), rlabel, TRUE, TRUE, 0);
data/darktable-3.2.1/src/iop/dither.c:798:33:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  gtk_box_pack_start(GTK_BOX(g->random), g->range, TRUE, TRUE, 0);
data/darktable-3.2.1/src/iop/dither.c:805:48:  [3] (random) random:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
  gtk_box_pack_start(GTK_BOX(self->widget), g->random, TRUE, TRUE, 0);
data/darktable-3.2.1/src/libs/styles.c:372:70:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")';it returns untrustable
  input if the environment can beset by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
  gtk_file_chooser_set_current_folder(GTK_FILE_CHOOSER(filechooser), g_get_home_dir());
data/darktable-3.2.1/src/libs/styles.c:399:70:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")';it returns untrustable
  input if the environment can beset by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
  gtk_file_chooser_set_current_folder(GTK_FILE_CHOOSER(filechooser), g_get_home_dir());
data/darktable-3.2.1/src/libs/tagging.c:2220:29:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")';it returns untrustable
  input if the environment can beset by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
    last_dirname = g_strdup(g_get_home_dir());
data/darktable-3.2.1/src/libs/tagging.c:2261:29:  [3] (buffer) g_get_home_dir:
  This function is synonymous with 'getenv("HOME")';it returns untrustable
  input if the environment can beset by an attacker. It can have any content
  and length, and the same variable can be set more than once (CWE-807,
  CWE-20). Check environment variables carefully before using them.
    last_dirname = g_strdup(g_get_home_dir());
data/darktable-3.2.1/tools/basecurve/darktable-curve-tool.c:240:27:  [3] (random) drand48:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    const float x = min + drand48()*(max-min);
data/darktable-3.2.1/tools/basecurve/darktable-curve-tool.c:469:18:  [3] (random) drand48:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    if(i == 0 || drand48() < p_large)
data/darktable-3.2.1/tools/basecurve/darktable-curve-tool.c:496:8:  [3] (random) drand48:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
    if(drand48() < a || i == 0)
data/darktable-3.2.1/tools/basecurve/darktable-curve-tool.c:591:15:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
  while ((c = getopt(argc, argv, "hn:b:c:t:u:s:ze:a")) >= 0)
data/darktable-3.2.1/data/kernels/common.h:41:62:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
FCxtrans(const int row, const int col, global const unsigned char (*const xtrans)[6])
data/darktable-3.2.1/src/bauhaus/bauhaus.c:2594:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char module[64], label[64], value[256], *key;
data/darktable-3.2.1/src/bauhaus/bauhaus.h:82:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char format[24]; // numeric value is printed with this string
data/darktable-3.2.1/src/bauhaus/bauhaus.h:114:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char text[180];     // roughly as much as a slider
data/darktable-3.2.1/src/bauhaus/bauhaus.h:143:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char label[256];
data/darktable-3.2.1/src/bauhaus/bauhaus.h:190:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char keys[64];
data/darktable-3.2.1/src/bauhaus/bauhaus.h:201:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char key_history[64][256];
data/darktable-3.2.1/src/bauhaus/bauhaus.h:215:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char label_font[256];                  // font to draw the label with
data/darktable-3.2.1/src/bauhaus/bauhaus.h:216:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char value_font[256];                  // font to draw the value with
data/darktable-3.2.1/src/chart/colorchart.c:157:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[MAX_LINE_LENGTH] = { 0 };
data/darktable-3.2.1/src/chart/colorchart.c:308:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(y_label, lys, lys_len + 1);
data/darktable-3.2.1/src/chart/colorchart.c:312:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(x_label, lxs, lxs_len + 1);
data/darktable-3.2.1/src/chart/colorchart.c:567:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *columns[3] = { 0 };
data/darktable-3.2.1/src/chart/main.c:602:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char s[64];
data/darktable-3.2.1/src/chart/main.c:833:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(*target_L, extra_target_L, n_extra_patches * sizeof(double));
data/darktable-3.2.1/src/chart/main.c:834:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(*target_a, extra_target_a, n_extra_patches * sizeof(double));
data/darktable-3.2.1/src/chart/main.c:835:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(*target_b, extra_target_b, n_extra_patches * sizeof(double));
data/darktable-3.2.1/src/chart/main.c:836:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(*colorchecker_Lab, extra_colorchecker_Lab, 3 * n_extra_patches * sizeof(double));
data/darktable-3.2.1/src/chart/main.c:1759:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char key[16] = {0}, value[256] = {0};
data/darktable-3.2.1/src/chart/main.c:1802:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[512];
data/darktable-3.2.1/src/chart/main.c:1847:27:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  const int num_patches = atoi(argv[3]);
data/darktable-3.2.1/src/chart/pfm.c:36:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char magic[2];
data/darktable-3.2.1/src/chart/pfm.c:37:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char scale_factor_string[64] = { 0 };
data/darktable-3.2.1/src/chart/pfm.c:116:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(line, image + width * j * 3, 3 * sizeof(float) * width);
data/darktable-3.2.1/src/chart/pfm.c:117:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(image + width * j * 3, image + width * (height - 1 - j) * 3, 3 * sizeof(float) * width);
data/darktable-3.2.1/src/chart/pfm.c:118:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(image + width * (height - 1 - j) * 3, line, 3 * sizeof(float) * width);
data/darktable-3.2.1/src/chart/pfm.c:144:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, in, 3 * sizeof(float));
data/darktable-3.2.1/src/chart/thinplate.c:197:32:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  for(int k = 0; k < dim; k++) memcpy(r[k], b[k], wd * sizeof(double));
data/darktable-3.2.1/src/cli/main.c:118:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        width = MAX(atoi(arg[k]), 0);
data/darktable-3.2.1/src/cli/main.c:123:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        height = MAX(atoi(arg[k]), 0);
data/darktable-3.2.1/src/cli/main.c:128:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        bpp = MAX(atoi(arg[k]), 0);
data/darktable-3.2.1/src/cmstest/main.c:159:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char disp_name[100];
data/darktable-3.2.1/src/common/camera_control.c:140:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char log[4096] = { 0 };
data/darktable-3.2.1/src/common/camera_control.c:197:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[4096];
data/darktable-3.2.1/src/common/camera_control.c:205:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[4096];
data/darktable-3.2.1/src/common/camera_control.c:213:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[4096];
data/darktable-3.2.1/src/common/camera_control.c:932:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char folder[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/camera_control.c:933:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char filename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/camera_control.c:1064:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char fullpath[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/camera_control.c:1130:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buffer[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/collection.c:76:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&collection->params, &clone->params, sizeof(dt_collection_params_t));
data/darktable-3.2.1/src/common/collection.c:77:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&collection->store, &clone->store, sizeof(dt_collection_params_t));
data/darktable-3.2.1/src/common/collection.c:184:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tag[16] = { 0 };
data/darktable-3.2.1/src/common/collection.c:400:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tag[16] = { 0 };
data/darktable-3.2.1/src/common/collection.c:418:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tag[16] = { 0 };
data/darktable-3.2.1/src/common/collection.c:541:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char confname[200];
data/darktable-3.2.1/src/common/collection.c:1423:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char maker[64];
data/darktable-3.2.1/src/common/collection.c:1424:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char model[64];
data/darktable-3.2.1/src/common/collection.c:1425:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char alias[64];
data/darktable-3.2.1/src/common/collection.c:1808:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char confname[200];
data/darktable-3.2.1/src/common/collection.c:1856:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char str[400], confname[200];
data/darktable-3.2.1/src/common/collection.c:1932:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char confname[200];
data/darktable-3.2.1/src/common/colorspaces.c:231:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(tmp, matrix, sizeof(float) * 9);
data/darktable-3.2.1/src/common/colorspaces.c:583:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[512];
data/darktable-3.2.1/src/common/colorspaces.c:633:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[512];
data/darktable-3.2.1/src/common/colorspaces.c:683:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[512];
data/darktable-3.2.1/src/common/colorspaces.c:1291:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char datadir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/colorspaces.c:1292:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char confdir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/colorspaces.c:1898:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name[512] = { 0 };
data/darktable-3.2.1/src/common/colorspaces.c:2009:50:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
int dt_colorspaces_conversion_matrices_xyz(const char *name, float in_XYZ_to_CAM[9], double XYZ_to_CAM[4][3], double CAM_to_XYZ[3][4])
data/darktable-3.2.1/src/common/colorspaces.c:2043:50:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
int dt_colorspaces_conversion_matrices_rgb(const char *name, double out_RGB_to_CAM[4][3], double out_CAM_to_RGB[3][4], double mul[4])
data/darktable-3.2.1/src/common/colorspaces.h:123:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char display_filename[512];
data/darktable-3.2.1/src/common/colorspaces.h:124:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char display2_filename[512];
data/darktable-3.2.1/src/common/colorspaces.h:125:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char softproof_filename[512];
data/darktable-3.2.1/src/common/colorspaces.h:126:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char histogram_filename[512];
data/darktable-3.2.1/src/common/colorspaces.h:142:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[512];                       // icc file name
data/darktable-3.2.1/src/common/colorspaces.h:143:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[512];                           // product name, displayed in GUI
data/darktable-3.2.1/src/common/colorspaces.h:229:50:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
int dt_colorspaces_conversion_matrices_xyz(const char *name, float in_XYZ_to_CAM[9], double XYZ_to_CAM[4][3], double CAM_to_XYZ[3][4]);
data/darktable-3.2.1/src/common/colorspaces.h:232:50:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
int dt_colorspaces_conversion_matrices_rgb(const char *name, double RGB_to_CAM[4][3], double CAM_to_RGB[3][4], double mul[4]);
data/darktable-3.2.1/src/common/cups_print.c:277:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char resource[1024];
data/darktable-3.2.1/src/common/cups_print.c:295:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
              char common_name[MAX_NAME] = { 0 };
data/darktable-3.2.1/src/common/cups_print.c:434:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmpfile[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/cups_print.c:434:10:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
    char tmpfile[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/cups_print.c:436:24:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
    dt_loc_get_tmp_dir(tmpfile, sizeof(tmpfile));
data/darktable-3.2.1/src/common/cups_print.c:436:40:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
    dt_loc_get_tmp_dir(tmpfile, sizeof(tmpfile));
data/darktable-3.2.1/src/common/cups_print.c:437:15:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
    g_strlcat(tmpfile, "/dt_cups_opts_XXXXXX", sizeof(tmpfile));
data/darktable-3.2.1/src/common/cups_print.c:437:55:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
    g_strlcat(tmpfile, "/dt_cups_opts_XXXXXX", sizeof(tmpfile));
data/darktable-3.2.1/src/common/cups_print.c:439:25:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
    gint fd = g_mkstemp(tmpfile);
data/darktable-3.2.1/src/common/cups_print.c:457:46:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
    argv[3] = g_strdup_printf("--output=%s", tmpfile);
data/darktable-3.2.1/src/common/cups_print.c:483:30:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
      FILE *stream = g_fopen(tmpfile, "rb");
data/darktable-3.2.1/src/common/cups_print.c:487:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char optname[100];
data/darktable-3.2.1/src/common/cups_print.c:488:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char optvalue[100];
data/darktable-3.2.1/src/common/cups_print.c:506:16:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
      g_unlink(tmpfile);
data/darktable-3.2.1/src/common/cups_print.h:39:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[MAX_NAME], common_name[MAX_NAME];
data/darktable-3.2.1/src/common/cups_print.h:45:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[MAX_NAME], common_name[MAX_NAME];
data/darktable-3.2.1/src/common/cups_print.h:57:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[MAX_NAME];
data/darktable-3.2.1/src/common/cups_print.h:61:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char profile[256];
data/darktable-3.2.1/src/common/curl_tools.c:31:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char datadir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/darktable.c:175:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pathtmp[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/darktable.c:666:46:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        darktable.num_openmp_threads = CLAMP(atol(argv[k + 1]), 1, 100);
data/darktable-3.2.1/src/common/darktable.c:784:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char datadir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/darktable.c:786:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char darktablerc[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/darktable.c:1018:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char keyfile[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/darktable.c:1275:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[140]; /* Arbitrary size, should be lots big enough for everything used in DT */
data/darktable-3.2.1/src/common/darktable.c:1289:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[160]; /* Arbitrary size, should be lots big enough for everything used in DT */
data/darktable-3.2.1/src/common/darktable.h:438:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char vmsize[64];
data/darktable-3.2.1/src/common/darktable.h:439:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char vmpeak[64];
data/darktable-3.2.1/src/common/darktable.h:440:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char vmrss[64];
data/darktable-3.2.1/src/common/darktable.h:441:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char vmhwm[64];
data/darktable-3.2.1/src/common/darktable.h:444:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pidstatus[128];
data/darktable-3.2.1/src/common/darktable.h:523:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[256];
data/darktable-3.2.1/src/common/darktable.h:604:43:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  if(getline(&line, &len, f) != -1) mem = atol(line + 10);
data/darktable-3.2.1/src/common/database.c:1217:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char operation[20] = { 0 };
data/darktable-3.2.1/src/common/database.c:2172:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char lck_pathname[1024];
data/darktable-3.2.1/src/common/database.c:2232:5:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    wchar_t wfilename[MAX_PATH];
data/darktable-3.2.1/src/common/database.c:2297:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buf[64];
data/darktable-3.2.1/src/common/database.c:2305:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
          db->error_other_pid = atoi(buf);
data/darktable-3.2.1/src/common/database.c:2481:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char dbfilename_data[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/database.c:2837:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char destdbname[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/database.c:2857:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cachedir[PATH_MAX] = { 0 }, mipmapfilename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/dtpthread.h:47:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[256];
data/darktable-3.2.1/src/common/dtpthread.h:51:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char top_locked_name[TOPN][256];
data/darktable-3.2.1/src/common/dtpthread.h:53:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char top_wait_name[TOPN][256];
data/darktable-3.2.1/src/common/dtpthread.h:62:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[256];
data/darktable-3.2.1/src/common/dwt.c:232:25:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  if(p->image != layer) memcpy(p->image, layer, p->width * p->height * p->ch * sizeof(float));
data/darktable-3.2.1/src/common/dwt.c:346:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(&(buffer[lpass][row * p->width * p->ch]), temp, p->width * p->ch * sizeof(float));
data/darktable-3.2.1/src/common/exif.cc:664:62:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    std::unique_ptr<Exiv2::Image> image(Exiv2::ImageFactory::open(WIDEN(filename)));
data/darktable-3.2.1/src/common/exif.cc:850:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char tagname[64];
data/darktable-3.2.1/src/common/exif.cc:1359:62:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    std::unique_ptr<Exiv2::Image> image(Exiv2::ImageFactory::open(WIDEN(path)));
data/darktable-3.2.1/src/common/exif.cc:1391:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(*buffer, tmp, _size);
data/darktable-3.2.1/src/common/exif.cc:1420:62:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    std::unique_ptr<Exiv2::Image> image(Exiv2::ImageFactory::open(WIDEN(path)));
data/darktable-3.2.1/src/common/exif.cc:1464:62:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    std::unique_ptr<Exiv2::Image> image(Exiv2::ImageFactory::open(WIDEN(path)));
data/darktable-3.2.1/src/common/exif.cc:1540:62:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    std::unique_ptr<Exiv2::Image> image(Exiv2::ImageFactory::open(WIDEN(path)));
data/darktable-3.2.1/src/common/exif.cc:1833:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(*buf, "Exif\000\000", 6);
data/darktable-3.2.1/src/common/exif.cc:1834:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(*buf + 6, &(blob[0]), length);
data/darktable-3.2.1/src/common/exif.cc:1919:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char hex[16] = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
data/darktable-3.2.1/src/common/exif.cc:2039:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tagbuf[1024];
data/darktable-3.2.1/src/common/exif.cc:2243:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
    current_entry->modversion = atoi(modversion_iter->child_value());
data/darktable-3.2.1/src/common/exif.cc:2256:39:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      current_entry->multi_priority = atoi(multi_priority_iter->child_value());
data/darktable-3.2.1/src/common/exif.cc:2262:40:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      current_entry->blendop_version = atoi(blendop_version_iter->child_value());
data/darktable-3.2.1/src/common/exif.cc:2673:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char query[1024] = { 0 };
data/darktable-3.2.1/src/common/exif.cc:2702:62:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    std::unique_ptr<Exiv2::Image> image(Exiv2::ImageFactory::open(WIDEN(filename)));
data/darktable-3.2.1/src/common/exif.cc:3145:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char key[1024];
data/darktable-3.2.1/src/common/exif.cc:3314:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char xmpkey[1024] = { 0 };
data/darktable-3.2.1/src/common/exif.cc:3315:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char query[1024] = { 0 };
data/darktable-3.2.1/src/common/exif.cc:3316:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char values[1024] = { 0 };
data/darktable-3.2.1/src/common/exif.cc:3317:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tmp[64];
data/darktable-3.2.1/src/common/exif.cc:3432:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char val[2048];
data/darktable-3.2.1/src/common/exif.cc:3694:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char input_filename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/exif.cc:3781:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char input_filename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/exif.cc:3785:60:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    std::unique_ptr<Exiv2::Image> img(Exiv2::ImageFactory::open(WIDEN(filename)));
data/darktable-3.2.1/src/common/exif.cc:3794:70:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      std::unique_ptr<Exiv2::Image> input_image(Exiv2::ImageFactory::open(WIDEN(input_filename)));
data/darktable-3.2.1/src/common/exif.cc:3941:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char imgfname[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/exif.cc:4078:62:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    std::unique_ptr<Exiv2::Image> image(Exiv2::ImageFactory::open(data, size));
data/darktable-3.2.1/src/common/exif.cc:4082:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char exif_datetime_taken[20];
data/darktable-3.2.1/src/common/file_location.c:118:3:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  wchar_t fn[PATH_MAX];
data/darktable-3.2.1/src/common/film.h:35:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char dirname[512];
data/darktable-3.2.1/src/common/grealpath.h:22:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/guided_filter.c:161:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(img2_bak.data, img2.data + (size_t)i1 * img2.width, sizeof(float) * img2.width);
data/darktable-3.2.1/src/common/history.c:376:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(module->params, mod_src->params, module->params_size);
data/darktable-3.2.1/src/common/history.c:379:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(module->blend_params, mod_src->blend_params, sizeof(dt_develop_blend_params_t));
data/darktable-3.2.1/src/common/history.c:818:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char name[512] = { 0 };
data/darktable-3.2.1/src/common/history.c:856:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *onoff[2] = { _("off"), _("on") };
data/darktable-3.2.1/src/common/history.c:885:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tagname[64];
data/darktable-3.2.1/src/common/history.c:1177:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new, old, sizeof(dt_dev_history_item_t));
data/darktable-3.2.1/src/common/history.c:1201:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new->params, old->params, params_size);
data/darktable-3.2.1/src/common/history.c:1202:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new->blend_params, old->blend_params, sizeof(dt_develop_blend_params_t));
data/darktable-3.2.1/src/common/history.c:1417:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(hash->basic, buf, hash->basic_len);
data/darktable-3.2.1/src/common/history.c:1424:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(hash->auto_apply, buf, hash->auto_apply_len);
data/darktable-3.2.1/src/common/history.c:1431:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(hash->current, buf, hash->current_len);
data/darktable-3.2.1/src/common/image.c:202:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pathname[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/image.c:235:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char lc_pathname[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/image.c:257:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/image.c:258:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cachedir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/image.c:379:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&image->geoloc, geoloc, sizeof(dt_image_geoloc_t));
data/darktable-3.2.1/src/common/image.c:424:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(&undogeotag->after, geoloc, sizeof(dt_image_geoloc_t));
data/darktable-3.2.1/src/common/image.c:499:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/image.c:1135:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      version = atoi(idfield);
data/darktable-3.2.1/src/common/image.c:1400:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char dtfilename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/image.c:1418:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tagname[512];
data/darktable-3.2.1/src/common/image.c:2168:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/image.c:2275:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/image.c:2376:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char image_path[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/image.c:2408:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char image_path[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/image.h:166:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char exif_maker[64];
data/darktable-3.2.1/src/common/image.h:167:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char exif_model[64];
data/darktable-3.2.1/src/common/image.h:168:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char exif_lens[128];
data/darktable-3.2.1/src/common/image.h:169:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char exif_datetime_taken[20];
data/darktable-3.2.1/src/common/image.h:171:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char camera_maker[64];
data/darktable-3.2.1/src/common/image.h:172:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char camera_model[64];
data/darktable-3.2.1/src/common/image.h:173:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char camera_alias[64];
data/darktable-3.2.1/src/common/image.h:174:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char camera_makermodel[128];
data/darktable-3.2.1/src/common/image.h:175:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char camera_legacy_makermodel[128];
data/darktable-3.2.1/src/common/image.h:177:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[DT_MAX_FILENAME_LEN];
data/darktable-3.2.1/src/common/image_cache.c:81:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&img->legacy_flip, &tmp, sizeof(dt_image_raw_parameters_t));
data/darktable-3.2.1/src/common/imageio.c:239:33:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    for(int j = 0; j < ht; j++) memcpy(out + (size_t)j * bpp * wd, in + (size_t)j * stride, bpp * wd);
data/darktable-3.2.1/src/common/imageio.c:271:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(out2, in2, bpp);
data/darktable-3.2.1/src/common/imageio.c:977:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pathname[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/imageio.c:1084:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tagname[64];
data/darktable-3.2.1/src/common/imageio.c:1094:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tagname[64];
data/darktable-3.2.1/src/common/imageio_avif.c:348:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(data, icc.data, icc.size);
data/darktable-3.2.1/src/common/imageio_avif.c:716:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(data, icc.data, icc.size);
data/darktable-3.2.1/src/common/imageio_dng.h:165:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buf+400, xtrans, sizeof(uint8_t)*36);
data/darktable-3.2.1/src/common/imageio_dng.h:180:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *filename, const float *const pixel, const int wd,
data/darktable-3.2.1/src/common/imageio_j2k.c:96:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char src_header[12] = { 0 };
data/darktable-3.2.1/src/common/imageio_j2k.c:316:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char src_header[12] = { 0 };
data/darktable-3.2.1/src/common/imageio_jpeg.c:414:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char marker_present[MAX_SEQ_NO + 1];      /* 1 if marker found */
data/darktable-3.2.1/src/common/imageio_module.c:123:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pseudo_type_name[1024];
data/darktable-3.2.1/src/common/imageio_module.c:152:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char plugindir[PATH_MAX] = { 0 }, plugin_name[256];
data/darktable-3.2.1/src/common/imageio_module.c:262:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pseudo_type_name[1024];
data/darktable-3.2.1/src/common/imageio_module.c:289:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char plugindir[PATH_MAX] = { 0 }, plugin_name[256];
data/darktable-3.2.1/src/common/imageio_module.h:62:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char style[128];
data/darktable-3.2.1/src/common/imageio_module.h:74:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char plugin_name[128];
data/darktable-3.2.1/src/common/imageio_module.h:143:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char plugin_name[128];
data/darktable-3.2.1/src/common/imageio_pfm.c:44:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char head[2] = { 'X', 'X' };
data/darktable-3.2.1/src/common/imageio_pfm.c:89:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(line, buf + img->width * j * 4, 4 * sizeof(float) * img->width);
data/darktable-3.2.1/src/common/imageio_pfm.c:90:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf + img->width * j * 4, buf + img->width * (img->height - 1 - j) * 4,
data/darktable-3.2.1/src/common/imageio_pfm.c:92:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf + img->width * (img->height - 1 - j) * 4, line, 4 * sizeof(float) * img->width);
data/darktable-3.2.1/src/common/imageio_png.c:236:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(*out, profile, proflen);
data/darktable-3.2.1/src/common/imageio_pnm.c:204:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char head[2] = { 'X', 'X' };
data/darktable-3.2.1/src/common/imageio_rawspeed.cc:62:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char datadir[PATH_MAX] = { 0 }, camfile[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/imageio_rawspeed.cc:118:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filen[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/imageio_rawspeed.cc:341:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(buf, r->getDataUncropped(0, 0), bufSize_mipmap);
data/darktable-3.2.1/src/common/imageio_rgbe.c:39:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char programtype[16]; /* listed at beginning of file to identify it
data/darktable-3.2.1/src/common/imageio_rgbe.c:99:21:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
float2rgbe(unsigned char rgbe[4], float red, float green, float blue)
data/darktable-3.2.1/src/common/imageio_rgbe.c:125:72:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static void rgbe2float(float *red, float *green, float *blue, unsigned char rgbe[4])
data/darktable-3.2.1/src/common/imageio_rgbe.c:170:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[128];
data/darktable-3.2.1/src/common/imageio_rgbe.c:263:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char rgbe[4];
data/darktable-3.2.1/src/common/imageio_rgbe.c:280:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char rgbe[4];
data/darktable-3.2.1/src/common/imageio_rgbe.c:301:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[2];
data/darktable-3.2.1/src/common/imageio_rgbe.c:357:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char rgbe[4];
data/darktable-3.2.1/src/common/imageio_rgbe.c:408:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char rgbe[4], *scanline_buffer, *ptr_end;
data/darktable-3.2.1/src/common/imageio_rgbe.c:410:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  unsigned char buf[2];
data/darktable-3.2.1/src/common/imageio_tiff.c:405:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(*out, profile, profile_len);
data/darktable-3.2.1/src/common/interpolation.c:1485:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy((char *)out + (size_t)out_stride * y,
data/darktable-3.2.1/src/common/interpolation.c:1644:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(o, i, out_stride);
data/darktable-3.2.1/src/common/interpolation.c:2094:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(o, i, out_stride);
data/darktable-3.2.1/src/common/iop_order.c:882:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char operation[20];
data/darktable-3.2.1/src/common/iop_order.c:883:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(operation, entry->operation, sizeof(entry->operation));
data/darktable-3.2.1/src/common/iop_order.c:1311:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(new_entry, scr_entry, sizeof(dt_iop_order_entry_t));
data/darktable-3.2.1/src/common/iop_order.c:1968:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params+pos, &len, sizeof(int32_t));
data/darktable-3.2.1/src/common/iop_order.c:1972:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params+pos, entry->operation, len);
data/darktable-3.2.1/src/common/iop_order.c:1976:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params+pos, &(entry->instance), sizeof(int32_t));
data/darktable-3.2.1/src/common/iop_order.c:2097:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(entry->operation, buf, len);
data/darktable-3.2.1/src/common/iop_order.h:146:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char operation[20];
data/darktable-3.2.1/src/common/iop_order.h:148:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[25];
data/darktable-3.2.1/src/common/iop_order.h:153:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char op_prev[20];
data/darktable-3.2.1/src/common/iop_order.h:154:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char op_next[20];
data/darktable-3.2.1/src/common/iop_profile.c:1134:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(image_out, image_in, width * height * 4 * sizeof(float));
data/darktable-3.2.1/src/common/iop_profile.h:42:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[DT_IOPPR_COLOR_ICC_LEN];
data/darktable-3.2.1/src/common/l10n.c:79:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char datadir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/l10n.c:100:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char localedir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/l10n.c:107:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char localedir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/l10n.c:282:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char localedir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/locallaplacian.c:115:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(input,    input+wd, sizeof(float)*wd);
data/darktable-3.2.1/src/common/locallaplacian.c:116:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(input+wd*(ht-1), input+wd*(ht-2), sizeof(float)*wd);
data/darktable-3.2.1/src/common/locallaplacian.c:128:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(input, input+wd, sizeof(float)*wd);
data/darktable-3.2.1/src/common/locallaplacian.c:129:17:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  if(!(ht & 1)) memcpy(input+wd*(ht-2), input+wd*(ht-3), sizeof(float)*wd);
data/darktable-3.2.1/src/common/locallaplacian.c:130:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(input+wd*(ht-1), input+wd*(ht-2), sizeof(float)*wd);
data/darktable-3.2.1/src/common/locallaplacian.c:146:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf + w*j, buf+padding*w, sizeof(float)*w);
data/darktable-3.2.1/src/common/locallaplacian.c:147:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf + w*(h-padding+j), buf+w*(h-padding-1), sizeof(float)*w);
data/darktable-3.2.1/src/common/metadata.c:206:61:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      metadata_list = dt_util_dstrcat(metadata_list, "%d,", atoi(b->data));
data/darktable-3.2.1/src/common/metadata.c:235:93:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      metadata_list = dt_util_dstrcat(metadata_list, "(%d,%d,'%s'),", GPOINTER_TO_INT(img), atoi(a->data), escaped_text);
data/darktable-3.2.1/src/common/mipmap_cache.c:96:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char redzone[16];
data/darktable-3.2.1/src/common/mipmap_cache.c:127:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buf->buf, image, sizeof(uint32_t) * 64);
data/darktable-3.2.1/src/common/mipmap_cache.c:154:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf->buf, image, sizeof(float) * 4 * 64);
data/darktable-3.2.1/src/common/mipmap_cache.c:165:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf->buf, image, sizeof(__m128) * 64);
data/darktable-3.2.1/src/common/mipmap_cache.c:207:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cachedir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/mipmap_cache.c:376:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char filename[PATH_MAX] = {0};
data/darktable-3.2.1/src/common/mipmap_cache.c:443:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/mipmap_cache.c:467:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char filename[PATH_MAX] = {0};
data/darktable-3.2.1/src/common/mipmap_cache.c:738:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[PATH_MAX] = {0};
data/darktable-3.2.1/src/common/mipmap_cache.c:774:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char filename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/mipmap_cache.c:923:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char filename[PATH_MAX] = {0};
data/darktable-3.2.1/src/common/mipmap_cache.c:1029:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/mipmap_cache.c:1142:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(d->buf, in, data->width * data->height * sizeof(uint32_t));
data/darktable-3.2.1/src/common/mipmap_cache.c:1152:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/mipmap_cache.c:1310:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char srcpath[PATH_MAX] = {0};
data/darktable-3.2.1/src/common/mipmap_cache.c:1311:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char dstpath[PATH_MAX] = {0};
data/darktable-3.2.1/src/common/mipmap_cache.h:101:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cachedir[PATH_MAX]; // cached sha1sum filename for faster access
data/darktable-3.2.1/src/common/module.c:33:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char plugindir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/noiseprofiles.c:33:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/noiseprofiles.c:38:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char datadir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/opencl.c:397:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char kerneldir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/opencl.c:420:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *clincludes[DT_OPENCL_MAX_INCLUDES] = { "color_conversion.cl", "colorspaces.cl", "colorspace.cl", "common.h", NULL };
data/darktable-3.2.1/src/common/opencl.c:421:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *includemd5[DT_OPENCL_MAX_INCLUDES] = { NULL };
data/darktable-3.2.1/src/common/opencl.c:476:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char md5sum[33];
data/darktable-3.2.1/src/common/opencl.c:764:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char checksum[64];
data/darktable-3.2.1/src/common/opencl.c:1159:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tmp[2048] = { 0 };
data/darktable-3.2.1/src/common/opencl.c:1339:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tmp[2048];
data/darktable-3.2.1/src/common/opencl.c:1405:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(priority, cl->dev_priority_image, prio_size);
data/darktable-3.2.1/src/common/opencl.c:1409:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(priority, cl->dev_priority_preview, prio_size);
data/darktable-3.2.1/src/common/opencl.c:1413:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(priority, cl->dev_priority_export, prio_size);
data/darktable-3.2.1/src/common/opencl.c:1417:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(priority, cl->dev_priority_thumbnail, prio_size);
data/darktable-3.2.1/src/common/opencl.c:1421:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(priority, cl->dev_priority_preview2, prio_size);
data/darktable-3.2.1/src/common/opencl.c:1507:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char dtpath[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/opencl.c:1508:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/opencl.c:1629:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char linkedfile[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/opencl.c:1635:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char dup[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/opencl.c:1695:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char link_dest[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/opencl.c:1812:63:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      for(int i = 0; i < numdev; i++) binaries[i] = (unsigned char *)malloc(binary_sizes[i]);
data/darktable-3.2.1/src/common/opencl.c:1825:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char link_dest[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/opencl.c:1834:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char cwd[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/opencl.c:1837:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char dup[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/opencl.c:1843:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char finalfilename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/opencl.c:1983:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[256];
data/darktable-3.2.1/src/common/opencl.c:2707:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(neweventlist, *eventlist, *maxevents * sizeof(cl_event));
data/darktable-3.2.1/src/common/opencl.c:2708:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(neweventtags, *eventtags, *maxevents * sizeof(dt_opencl_eventtag_t));
data/darktable-3.2.1/src/common/opencl.c:2718:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy((*eventlist) + *numevents - 1, zeroevent, sizeof(cl_event));
data/darktable-3.2.1/src/common/opencl.h:79:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tag[DT_OPENCL_EVENTNAMELENGTH];
data/darktable-3.2.1/src/common/pdf.c:256:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char hex[16] = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
data/darktable-3.2.1/src/common/pdf.c:258:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[512]; // keep this a multiple of 2!
data/darktable-3.2.1/src/common/pdf.c:563:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char translate_x_str[G_ASCII_DTOSTR_BUF_SIZE];
data/darktable-3.2.1/src/common/pdf.c:564:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char translate_y_str[G_ASCII_DTOSTR_BUF_SIZE];
data/darktable-3.2.1/src/common/pdf.c:565:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char scale_x_str[G_ASCII_DTOSTR_BUF_SIZE];
data/darktable-3.2.1/src/common/pdf.c:566:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char scale_y_str[G_ASCII_DTOSTR_BUF_SIZE];
data/darktable-3.2.1/src/common/pdf.c:607:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char bb_x_str[G_ASCII_DTOSTR_BUF_SIZE];
data/darktable-3.2.1/src/common/pdf.c:608:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char bb_y_str[G_ASCII_DTOSTR_BUF_SIZE];
data/darktable-3.2.1/src/common/pdf.c:609:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char bb_w_str[G_ASCII_DTOSTR_BUF_SIZE];
data/darktable-3.2.1/src/common/pdf.c:610:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char bb_h_str[G_ASCII_DTOSTR_BUF_SIZE];
data/darktable-3.2.1/src/common/pdf.c:674:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char time_str[30];
data/darktable-3.2.1/src/common/pdf.c:793:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char magic[3];
data/darktable-3.2.1/src/common/poison.h:22:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
#pragma GCC poison fopen // use g_fopen
data/darktable-3.2.1/src/common/presets.c:47:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char presetname[520];
data/darktable-3.2.1/src/common/presets.c:147:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char xpath[128] = { 0 };
data/darktable-3.2.1/src/common/presets.c:179:30:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  const int result = value ? atoi(value) : 0;
data/darktable-3.2.1/src/common/pwstorage/backend_kwallet.c:105:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(result, &BE_bytes, sizeof(guint));
data/darktable-3.2.1/src/common/pwstorage/backend_kwallet.c:106:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(result + sizeof(guint), out, bytes);
data/darktable-3.2.1/src/common/pwstorage/backend_kwallet.c:436:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(length, pos, sizeof(gint));
data/darktable-3.2.1/src/common/pwstorage/backend_kwallet.c:442:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(tmp_string, pos, *length);
data/darktable-3.2.1/src/common/styles.c:127:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char last_operation[128] = { 0 };
data/darktable-3.2.1/src/common/styles.c:260:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char query[4096] = { 0 };
data/darktable-3.2.1/src/common/styles.c:261:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp[500];
data/darktable-3.2.1/src/common/styles.c:371:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp[64];
data/darktable-3.2.1/src/common/styles.c:372:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char include[2048] = { 0 };
data/darktable-3.2.1/src/common/styles.c:382:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char query[4096] = { 0 };
data/darktable-3.2.1/src/common/styles.c:397:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char stylesdir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/styles.c:409:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp_accel[1024];
data/darktable-3.2.1/src/common/styles.c:445:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char tmp[64];
data/darktable-3.2.1/src/common/styles.c:446:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char include[2048] = { 0 };
data/darktable-3.2.1/src/common/styles.c:455:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char query[4096] = { 0 };
data/darktable-3.2.1/src/common/styles.c:492:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char stylesdir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/styles.c:499:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp_accel[1024];
data/darktable-3.2.1/src/common/styles.c:535:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char tmp[64];
data/darktable-3.2.1/src/common/styles.c:536:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char include[2048] = { 0 };
data/darktable-3.2.1/src/common/styles.c:546:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char query[4096] = { 0 };
data/darktable-3.2.1/src/common/styles.c:576:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char stylesdir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/styles.c:583:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp_accel[1024];
data/darktable-3.2.1/src/common/styles.c:724:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(module->blend_params, style_item->blendop_params, sizeof(dt_develop_blend_params_t));
data/darktable-3.2.1/src/common/styles.c:734:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(module->blend_params, module->default_blendop_params, sizeof(dt_develop_blend_params_t));
data/darktable-3.2.1/src/common/styles.c:771:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(module->params, module->default_params, module->params_size);
data/darktable-3.2.1/src/common/styles.c:777:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(module->params, style_item->params, module->params_size);
data/darktable-3.2.1/src/common/styles.c:862:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(style_item->params, (void *)sqlite3_column_blob(stmt, 3), style_item->params_size);
data/darktable-3.2.1/src/common/styles.c:865:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(style_item->blendop_params, (void *)sqlite3_column_blob(stmt, 5), style_item->blendop_params_size);
data/darktable-3.2.1/src/common/styles.c:962:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp_accel[1024];
data/darktable-3.2.1/src/common/styles.c:1028:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char iname[512] = { 0 };
data/darktable-3.2.1/src/common/styles.c:1062:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(item->params, op_blob, op_len);
data/darktable-3.2.1/src/common/styles.c:1067:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(item->blendop_params, bop_blob, bop_len);
data/darktable-3.2.1/src/common/styles.c:1124:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filterstring[512] = { 0 };
data/darktable-3.2.1/src/common/styles.c:1156:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char stylename[520];
data/darktable-3.2.1/src/common/styles.c:1339:31:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      plug->blendop_version = atoi(text);
data/darktable-3.2.1/src/common/styles.c:1343:30:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      plug->multi_priority = atoi(text);
data/darktable-3.2.1/src/common/styles.c:1351:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      plug->num = atoi(text);
data/darktable-3.2.1/src/common/styles.c:1355:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      plug->module = atoi(text);
data/darktable-3.2.1/src/common/styles.c:1359:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      plug->enabled = atoi(text);
data/darktable-3.2.1/src/common/styles.c:1534:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char tmp_accel[1024];
data/darktable-3.2.1/src/common/styles.c:1553:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char tmp_accel[1024];
data/darktable-3.2.1/src/common/system_signal_handling.c:92:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char datadir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/tags.c:849:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char query[256] = { 0 };
data/darktable-3.2.1/src/common/utility.c:111:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(np, p, s - p);
data/darktable-3.2.1/src/common/utility.c:113:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(np, substitute, strlen(substitute));
data/darktable-3.2.1/src/common/utility.c:118:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(np, p, pend - p);
data/darktable-3.2.1/src/common/utility.c:384:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char datadir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/common/utility.c:650:3:  [2] (buffer) wchar_t:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  wchar_t LongPath[MAX_PATH] = {0};
data/darktable-3.2.1/src/common/variables.c:906:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(result_iter, replacement, replacement_length);
data/darktable-3.2.1/src/control/conf.c:181:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[LINE_SIZE + 1];
data/darktable-3.2.1/src/control/conf.c:201:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buf[PATH_MAX] = { 0 }, defaultrc[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/control/conf.h:33:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[PATH_MAX];
data/darktable-3.2.1/src/control/control.c:605:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char vimkey_input[256];
data/darktable-3.2.1/src/control/control.h:163:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char vimkey[256];
data/darktable-3.2.1/src/control/control.h:184:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char log_message[DT_CTL_LOG_SIZE][DT_CTL_LOG_MSG_SIZE];
data/darktable-3.2.1/src/control/control.h:191:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char toast_message[DT_CTL_TOAST_SIZE][DT_CTL_TOAST_MSG_SIZE];
data/darktable-3.2.1/src/control/crawler.c:335:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char timestamp_db[64], timestamp_xmp[64];
data/darktable-3.2.1/src/control/jobs.c:54:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char description[DT_CONTROL_DESCRIPTION_LEN];
data/darktable-3.2.1/src/control/jobs.c:511:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[16] = {0};
data/darktable-3.2.1/src/control/jobs.c:556:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[16] = {0};
data/darktable-3.2.1/src/control/jobs/camera_jobs.c:82:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char message[512] = { 0 };
data/darktable-3.2.1/src/control/jobs/camera_jobs.c:265:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params->listener, listener, sizeof(dt_camctl_listener_t));
data/darktable-3.2.1/src/control/jobs/camera_jobs.c:340:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char message[512] = { 0 };
data/darktable-3.2.1/src/control/jobs/control_jobs.c:69:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char style[128];
data/darktable-3.2.1/src/control/jobs/control_jobs.c:109:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char message[512] = { 0 };
data/darktable-3.2.1/src/control/jobs/control_jobs.c:138:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char collect[1024];
data/darktable-3.2.1/src/control/jobs/control_jobs.c:228:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dtfilename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/control/jobs/control_jobs.c:445:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char message[512] = { 0 };
data/darktable-3.2.1/src/control/jobs/control_jobs.c:493:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pathname[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/control/jobs/control_jobs.c:534:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char message[512] = { 0 };
data/darktable-3.2.1/src/control/jobs/control_jobs.c:561:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char message[512] = { 0 };
data/darktable-3.2.1/src/control/jobs/control_jobs.c:587:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char num[8];
data/darktable-3.2.1/src/control/jobs/control_jobs.c:639:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char message[512] = { 0 };
data/darktable-3.2.1/src/control/jobs/control_jobs.c:900:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char imgidstr[25] = { 0 };
data/darktable-3.2.1/src/control/jobs/control_jobs.c:902:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char message[512] = { 0 };
data/darktable-3.2.1/src/control/jobs/control_jobs.c:927:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/control/jobs/control_jobs.c:1132:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char message[512] = { 0 };
data/darktable-3.2.1/src/control/jobs/control_jobs.c:1182:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char message[512] = { 0 };
data/darktable-3.2.1/src/control/jobs/control_jobs.c:1189:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char sourcefile[PATH_MAX];
data/darktable-3.2.1/src/control/jobs/control_jobs.c:1281:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char message[512] = { 0 };
data/darktable-3.2.1/src/control/jobs/control_jobs.c:1298:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char imgfilename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/control/jobs/control_jobs.c:1775:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char message[512] = { 0 };
data/darktable-3.2.1/src/control/jobs/image_jobs.c:73:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char message[512] = { 0 };
data/darktable-3.2.1/src/control/settings.h:35:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
typedef char dt_dev_operation_t[20];
data/darktable-3.2.1/src/develop/blend.c:2781:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(mask_bak, mask, sizeof(*mask_bak) * buffsize);
data/darktable-3.2.1/src/develop/blend.c:2794:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(guide_tmp + oindex, (float *)ivoid + iindex, sizeof(*guide_tmp) * owidth * ch);
data/darktable-3.2.1/src/develop/blend.c:3493:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(n->blendif_parameters, o->blendif_parameters, 4 * DEVELOP_BLENDIF_SIZE * sizeof(float));
data/darktable-3.2.1/src/develop/blend.c:3516:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(n->blendif_parameters, o->blendif_parameters, 4 * DEVELOP_BLENDIF_SIZE * sizeof(float));
data/darktable-3.2.1/src/develop/blend.c:3542:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(n->blendif_parameters, o->blendif_parameters, 4 * DEVELOP_BLENDIF_SIZE * sizeof(float));
data/darktable-3.2.1/src/develop/blend.c:3563:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(n->blendif_parameters, o->blendif_parameters, 4 * DEVELOP_BLENDIF_SIZE * sizeof(float));
data/darktable-3.2.1/src/develop/blend.c:3583:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(n->blendif_parameters, o->blendif_parameters, 4 * DEVELOP_BLENDIF_SIZE * sizeof(float));
data/darktable-3.2.1/src/develop/blend.c:3607:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(n->blendif_parameters, o->blendif_parameters, 4 * DEVELOP_BLENDIF_SIZE * sizeof(float));
data/darktable-3.2.1/src/develop/blend.h:361:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[128];
data/darktable-3.2.1/src/develop/blend_gui.c:489:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char text[256];
data/darktable-3.2.1/src/develop/blend_gui.c:592:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char text[32];
data/darktable-3.2.1/src/develop/blend_gui.c:696:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char text[256];
data/darktable-3.2.1/src/develop/blend_gui.c:743:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char text[256];
data/darktable-3.2.1/src/develop/blend_gui.c:965:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->blend_params->blendif_parameters, module->default_blendop_params->blendif_parameters,
data/darktable-3.2.1/src/develop/blend_gui.c:1211:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char text[256];
data/darktable-3.2.1/src/develop/blend_gui.c:1784:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char txt[512];
data/darktable-3.2.1/src/develop/develop.c:908:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(hist->params, module->params, module->params_size);
data/darktable-3.2.1/src/develop/develop.c:909:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(hist->blend_params, module->blend_params, sizeof(dt_develop_blend_params_t));
data/darktable-3.2.1/src/develop/develop.c:928:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(hist->params, module->params, module->params_size);
data/darktable-3.2.1/src/develop/develop.c:931:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(hist->blend_params, module->blend_params, sizeof(dt_develop_blend_params_t));
data/darktable-3.2.1/src/develop/develop.c:949:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(hist->multi_name, module->multi_name, sizeof(module->multi_name));
data/darktable-3.2.1/src/develop/develop.c:1186:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(module->params, module->default_params, module->params_size);
data/darktable-3.2.1/src/develop/develop.c:1205:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(hist->module->params, hist->params, hist->module->params_size);
data/darktable-3.2.1/src/develop/develop.c:1444:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char *preset_table[2] = { "data.presets", "main.legacy_presets" };
data/darktable-3.2.1/src/develop/develop.c:1446:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char query[1024];
data/darktable-3.2.1/src/develop/develop.c:1814:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(hist->blend_params, blendop_params, sizeof(dt_develop_blend_params_t));
data/darktable-3.2.1/src/develop/develop.c:1824:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(hist->blend_params, hist->module->default_blendop_params, sizeof(dt_develop_blend_params_t));
data/darktable-3.2.1/src/develop/develop.c:1849:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(hist->blend_params, hist->module->blend_params, sizeof(dt_develop_blend_params_t));
data/darktable-3.2.1/src/develop/develop.c:1863:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(hist->params, hist->module->default_params, hist->module->params_size);
data/darktable-3.2.1/src/develop/develop.c:1869:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(hist->params, sqlite3_column_blob(stmt, 4), hist->module->params_size);
data/darktable-3.2.1/src/develop/develop.c:2130:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(exposure->params, exposure->default_params, exposure->params_size);
data/darktable-3.2.1/src/develop/develop.c:2289:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char mname[128];
data/darktable-3.2.1/src/develop/develop.h:40:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char op_name[20];
data/darktable-3.2.1/src/develop/develop.h:43:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char multi_name[128];
data/darktable-3.2.1/src/develop/imageop.c:91:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->default_blendop_params, &_default_blendop_params, sizeof(dt_develop_blend_params_t));
data/darktable-3.2.1/src/develop/imageop.c:134:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(piece->data, params, self->params_size);
data/darktable-3.2.1/src/develop/imageop.c:273:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->params, module->default_params, param_size);
data/darktable-3.2.1/src/develop/imageop.c:559:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char option[1024];
data/darktable-3.2.1/src/develop/imageop.c:579:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->default_blendop_params, &_default_blendop_params, sizeof(dt_develop_blend_params_t));
data/darktable-3.2.1/src/develop/imageop.c:904:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(module->params, base->params, module->params_size);
data/darktable-3.2.1/src/develop/imageop.c:1177:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tooltip[512];
data/darktable-3.2.1/src/develop/imageop.c:1468:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(new_blend_params, module->default_blendop_params, sizeof(dt_develop_blend_params_t));
data/darktable-3.2.1/src/develop/imageop.c:1506:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char path[1024];
data/darktable-3.2.1/src/develop/imageop.c:1651:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->blend_params, blendop_params, sizeof(dt_develop_blend_params_t));
data/darktable-3.2.1/src/develop/imageop.c:1691:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(str, module->params, module->params_size);
data/darktable-3.2.1/src/develop/imageop.c:1696:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(str + module->params_size, blendop_params, sizeof(dt_develop_blend_params_t));
data/darktable-3.2.1/src/develop/imageop.c:1699:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(piece->blendop_data, blendop_params, sizeof(dt_develop_blend_params_t));
data/darktable-3.2.1/src/develop/imageop.c:1762:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->params, module->default_params, module->params_size);
data/darktable-3.2.1/src/develop/imageop.c:1922:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char var[1024];
data/darktable-3.2.1/src/develop/imageop.c:2051:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tooltip[512];
data/darktable-3.2.1/src/develop/imageop.c:2079:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char w_name[256] = { 0 };
data/darktable-3.2.1/src/develop/imageop.c:2417:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char option[1024];
data/darktable-3.2.1/src/develop/imageop.h:392:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char multi_name[128]; // user may change this name
data/darktable-3.2.1/src/develop/lightroom.c:200:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char iccprofile[DT_IOP_COLOR_ICC_LEN];
data/darktable-3.2.1/src/develop/lightroom.c:242:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pathname[DT_MAX_FILENAME_LEN];
data/darktable-3.2.1/src/develop/lightroom.c:498:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      data->iwidth = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:500:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      data->iheight = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:503:27:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      data->orientation = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:515:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:533:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:542:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:547:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:555:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:560:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:565:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:574:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:579:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      data->ptc_value[0] = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:583:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      data->ptc_value[1] = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:587:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      data->ptc_value[2] = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:591:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      data->ptc_value[3] = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:618:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:624:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:630:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:636:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:642:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:648:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:654:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:660:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:666:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:672:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:678:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:684:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:690:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:696:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:702:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:708:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:714:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:720:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:726:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:732:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:738:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:744:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:750:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:756:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:762:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:768:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:774:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:780:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:791:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:800:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int v = atoi((char *)value);
data/darktable-3.2.1/src/develop/lightroom.c:1069:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char imported[256] = { 0 };
data/darktable-3.2.1/src/develop/lightroom.c:1234:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char expr[50];
data/darktable-3.2.1/src/develop/masks.h:168:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[128];
data/darktable-3.2.1/src/develop/masks.h:190:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tag[128];
data/darktable-3.2.1/src/develop/masks.h:419:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(a->buffer, oldbuffer, oldsize * sizeof(float));
data/darktable-3.2.1/src/develop/masks.h:448:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(a->buffer, oldbuffer, oldsize * sizeof(float));
data/darktable-3.2.1/src/develop/masks.h:453:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(a->buffer + a->pos, values, n * sizeof(float));
data/darktable-3.2.1/src/develop/masks/brush.c:665:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(p1, pa, 7 * sizeof(float));
data/darktable-3.2.1/src/develop/masks/brush.c:666:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(p2, pb, 7 * sizeof(float));
data/darktable-3.2.1/src/develop/masks/brush.c:667:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(p3, pc, 7 * sizeof(float));
data/darktable-3.2.1/src/develop/masks/brush.c:668:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(p4, pd, 7 * sizeof(float));
data/darktable-3.2.1/src/develop/masks/brush.c:684:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(p1, pa, 7 * sizeof(float));
data/darktable-3.2.1/src/develop/masks/brush.c:685:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(p2, pb, 7 * sizeof(float));
data/darktable-3.2.1/src/develop/masks/brush.c:686:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(p3, pc, 7 * sizeof(float));
data/darktable-3.2.1/src/develop/masks/brush.c:687:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(p4, pd, 7 * sizeof(float));
data/darktable-3.2.1/src/develop/masks/masks.c:44:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(new_form, form, sizeof(struct dt_masks_form_t));
data/darktable-3.2.1/src/develop/masks/masks.c:73:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(item, pt->data, size_item);
data/darktable-3.2.1/src/develop/masks/masks.c:320:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char msg[256] = "";
data/darktable-3.2.1/src/develop/masks/masks.c:652:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(npt, pt, sizeof(dt_masks_point_circle_t));
data/darktable-3.2.1/src/develop/masks/masks.c:664:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(npt, pt, sizeof(dt_masks_point_path_t));
data/darktable-3.2.1/src/develop/masks/masks.c:676:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(npt, pt, sizeof(dt_masks_point_gradient_t));
data/darktable-3.2.1/src/develop/masks/masks.c:688:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(npt, pt, sizeof(dt_masks_point_ellipse_t));
data/darktable-3.2.1/src/develop/masks/masks.c:700:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(npt, pt, sizeof(dt_masks_point_brush_t));
data/darktable-3.2.1/src/develop/masks/masks.c:1336:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(form->source, sqlite3_column_blob(stmt, 7), 2 * sizeof(float));
data/darktable-3.2.1/src/develop/masks/masks.c:1342:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(circle, sqlite3_column_blob(stmt, 5), sizeof(dt_masks_point_circle_t));
data/darktable-3.2.1/src/develop/masks/masks.c:1351:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(point, ptbuf + i, sizeof(dt_masks_point_path_t));
data/darktable-3.2.1/src/develop/masks/masks.c:1361:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(point, ptbuf + i, sizeof(dt_masks_point_group_t));
data/darktable-3.2.1/src/develop/masks/masks.c:1369:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(gradient, sqlite3_column_blob(stmt, 5), sizeof(dt_masks_point_gradient_t));
data/darktable-3.2.1/src/develop/masks/masks.c:1376:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(ellipse, sqlite3_column_blob(stmt, 5), sizeof(dt_masks_point_ellipse_t));
data/darktable-3.2.1/src/develop/masks/masks.c:1385:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(point, ptbuf + i, sizeof(dt_masks_point_brush_t));
data/darktable-3.2.1/src/develop/masks/masks.c:2589:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(str + pos, &form->type, sizeof(dt_masks_type_t));
data/darktable-3.2.1/src/develop/masks/masks.c:2591:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(str + pos, &form->formid, sizeof(int));
data/darktable-3.2.1/src/develop/masks/masks.c:2593:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(str + pos, &form->version, sizeof(int));
data/darktable-3.2.1/src/develop/masks/masks.c:2595:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(str + pos, &form->source, 2 * sizeof(float));
data/darktable-3.2.1/src/develop/masks/masks.c:2608:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(str + pos, &grpt->state, sizeof(int));
data/darktable-3.2.1/src/develop/masks/masks.c:2610:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(str + pos, &grpt->opacity, sizeof(float));
data/darktable-3.2.1/src/develop/masks/masks.c:2618:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(str + pos, forms->data, sizeof(dt_masks_point_circle_t));
data/darktable-3.2.1/src/develop/masks/masks.c:2623:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(str + pos, forms->data, sizeof(dt_masks_point_path_t));
data/darktable-3.2.1/src/develop/masks/masks.c:2628:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(str + pos, forms->data, sizeof(dt_masks_point_gradient_t));
data/darktable-3.2.1/src/develop/masks/masks.c:2633:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(str + pos, forms->data, sizeof(dt_masks_point_ellipse_t));
data/darktable-3.2.1/src/develop/masks/masks.c:2638:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(str + pos, forms->data, sizeof(dt_masks_point_brush_t));
data/darktable-3.2.1/src/develop/masks/path.c:2757:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(cpoints, points, 2 * points_count * sizeof(float));
data/darktable-3.2.1/src/develop/pixelpipe_hb.c:1144:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char module_name[256] = { 0 };
data/darktable-3.2.1/src/develop/pixelpipe_hb.c:1254:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(((char *)*output) + (size_t)bpp * j * roi_out->width,
data/darktable-3.2.1/src/develop/pixelpipe_hb.c:1367:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(((char *)*output) + (size_t)out_bpp * j * roi_out->width,
data/darktable-3.2.1/src/develop/pixelpipe_hb.c:1379:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(((char *)*output) + (size_t)out_bpp * j * roi_out->width,
data/darktable-3.2.1/src/develop/pixelpipe_hb.c:1540:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy(module->histogram, piece->histogram, buf_size);
data/darktable-3.2.1/src/develop/pixelpipe_hb.c:1542:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy(module->histogram_max, piece->histogram_max, sizeof(piece->histogram_max));
data/darktable-3.2.1/src/develop/pixelpipe_hb.c:1709:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy(module->histogram, piece->histogram, buf_size);
data/darktable-3.2.1/src/develop/pixelpipe_hb.c:1711:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy(module->histogram_max, piece->histogram_max, sizeof(piece->histogram_max));
data/darktable-3.2.1/src/develop/pixelpipe_hb.c:1947:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy(module->histogram, piece->histogram, buf_size);
data/darktable-3.2.1/src/develop/pixelpipe_hb.c:1949:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy(module->histogram_max, piece->histogram_max, sizeof(piece->histogram_max));
data/darktable-3.2.1/src/develop/pixelpipe_hb.c:2102:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(module->histogram, piece->histogram, buf_size);
data/darktable-3.2.1/src/develop/pixelpipe_hb.c:2104:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(module->histogram_max, piece->histogram_max, sizeof(piece->histogram_max));
data/darktable-3.2.1/src/develop/pixelpipe_hb.c:2220:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(module->histogram, piece->histogram, buf_size);
data/darktable-3.2.1/src/develop/pixelpipe_hb.c:2222:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(module->histogram_max, piece->histogram_max, sizeof(piece->histogram_max));
data/darktable-3.2.1/src/develop/pixelpipe_hb.c:2326:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(module->histogram, piece->histogram, buf_size);
data/darktable-3.2.1/src/develop/pixelpipe_hb.c:2328:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(module->histogram_max, piece->histogram_max, sizeof(piece->histogram_max));
data/darktable-3.2.1/src/develop/pixelpipe_hb.c:2412:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char histogram_log[32] = "";
data/darktable-3.2.1/src/develop/pixelpipe_hb.c:2841:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(pipe->output_backbuf, pipe->backbuf, (size_t)pipe->output_backbuf_width * pipe->output_backbuf_height * 4 * sizeof(uint8_t));
data/darktable-3.2.1/src/develop/tiling.c:762:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy((char *)input + j * wd * in_bpp, (char *)ivoid + ioffs + j * ipitch, (size_t)wd * in_bpp);
data/darktable-3.2.1/src/develop/tiling.c:806:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy((char *)ovoid + ooffs + j * opitch,
data/darktable-3.2.1/src/develop/tiling.c:1111:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy((char *)input + j * iroi_full.width * in_bpp, (char *)ivoid + ioffs + j * ipitch,
data/darktable-3.2.1/src/develop/tiling.c:1143:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy((char *)ovoid + ooffs + j * opitch,
data/darktable-3.2.1/src/develop/tiling.c:1429:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy((char *)input_buffer + j * wd * in_bpp, (char *)ivoid + ioffs + j * ipitch,
data/darktable-3.2.1/src/develop/tiling.c:1495:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy((char *)ovoid + ooffs + j * opitch,
data/darktable-3.2.1/src/develop/tiling.c:1886:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy((char *)input_buffer + j * iroi_full.width * in_bpp, (char *)ivoid + ioffs + j * ipitch,
data/darktable-3.2.1/src/develop/tiling.c:1936:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy((char *)ovoid + ooffs + j * opitch,
data/darktable-3.2.1/src/dtgtk/gradientslider.c:714:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&gc->color, &start, sizeof(GdkRGBA));
data/darktable-3.2.1/src/dtgtk/gradientslider.c:720:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&gc->color, &end, sizeof(GdkRGBA));
data/darktable-3.2.1/src/dtgtk/gradientslider.c:745:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&((_gradient_slider_stop_t *)current->data)->color, &color, sizeof(GdkRGBA));
data/darktable-3.2.1/src/dtgtk/gradientslider.c:752:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&gc->color, &color, sizeof(GdkRGBA));
data/darktable-3.2.1/src/dtgtk/resetlabel.c:37:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(((char *)label->module->params) + label->offset,
data/darktable-3.2.1/src/dtgtk/thumbnail.c:56:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char input_dir[1024] = { 0 };
data/darktable-3.2.1/src/dtgtk/thumbnail.c:356:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(rgbbuf, dev->preview_pipe->output_backbuf, (size_t)buf_width * buf_height * 4 * sizeof(unsigned char));
data/darktable-3.2.1/src/dtgtk/thumbnail.c:426:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char path[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/dtgtk/thumbnail.c:561:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char input_dir[1024] = { 0 };
data/darktable-3.2.1/src/external/LuaAutoC/lautoc.c:868:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&lvalue, value, size);
data/darktable-3.2.1/src/external/LuaAutoC/lautoc.c:917:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(c_out, &value, size);
data/darktable-3.2.1/src/external/LuaAutoC/lautoc.c:948:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&lvalue, value, size);
data/darktable-3.2.1/src/external/LuaAutoC/lautoc.c:1031:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&lvalue, value, size);
data/darktable-3.2.1/src/external/adobe_coeff.c:14:40:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static void dt_dcraw_adobe_coeff(const char *name, float cam_xyz[1][12])
data/darktable-3.2.1/src/external/libxcf/xcf.c:302:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(parasite->data, data, length);
data/darktable-3.2.1/src/external/libxcf/xcf.c:348:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char version[9 + 4 + 1] = "gimp xcf ";
data/darktable-3.2.1/src/external/libxcf/xcf.c:606:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(data_fixed + y * width * bpp + x * bpp, ((uint8_t *)data) + y * width * data_bpp + x * data_bpp, bpp);
data/darktable-3.2.1/src/external/libxcf/xcf.c:625:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(data_fixed + y * width * bpp + x * bpp,
data/darktable-3.2.1/src/external/libxcf/xcf.c:630:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(data_fixed + y * width * bpp + x * bpp + (n_channels - 1) * channel_size, alpha_data, channel_size);
data/darktable-3.2.1/src/external/libxcf/xcf.c:796:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if(!(xcf->fd = fopen(filename, "wb")))
data/darktable-3.2.1/src/external/lua/src/lapi.c:1294:33:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  if (upisopen(*up1)) (*up1)->u.open.touched = 1;
data/darktable-3.2.1/src/external/lua/src/lauxlib.c:520:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(newbuff, B->b, B->n * sizeof(char));  /* copy original content */
data/darktable-3.2.1/src/external/lua/src/lauxlib.c:532:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(b, s, l * sizeof(char));
data/darktable-3.2.1/src/external/lua/src/lauxlib.c:639:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[BUFSIZ];  /* area for reading file */
data/darktable-3.2.1/src/external/lua/src/lauxlib.c:716:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    lf.f = fopen(filename, "r");
data/darktable-3.2.1/src/external/lua/src/lauxlib.h:145:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char initb[LUAL_BUFFERSIZE];  /* initial buffer */
data/darktable-3.2.1/src/external/lua/src/ldblib.c:382:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[5];
data/darktable-3.2.1/src/external/lua/src/ldblib.c:404:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[250];
data/darktable-3.2.1/src/external/lua/src/ldebug.c:611:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[LUA_IDSIZE];
data/darktable-3.2.1/src/external/lua/src/ldo.c:162:50:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  for (up = L->openupval; up != NULL; up = up->u.open.next)
data/darktable-3.2.1/src/external/lua/src/lfunc.c:66:16:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    pp = &p->u.open.next;
data/darktable-3.2.1/src/external/lua/src/lfunc.c:71:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  uv->u.open.next = *pp;  /* link it to list of open upvalues */
data/darktable-3.2.1/src/external/lua/src/lfunc.c:72:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  uv->u.open.touched = 1;
data/darktable-3.2.1/src/external/lua/src/lfunc.c:87:26:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    L->openupval = uv->u.open.next;  /* remove from 'open' list */
data/darktable-3.2.1/src/external/lua/src/lfunc.h:42:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    } open;
data/darktable-3.2.1/src/external/lua/src/lgc.c:323:59:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
      for (uv = thread->openupval; uv != NULL; uv = uv->u.open.next) {
data/darktable-3.2.1/src/external/lua/src/lgc.c:324:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        if (uv->u.open.touched) {
data/darktable-3.2.1/src/external/lua/src/lgc.c:326:17:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
          uv->u.open.touched = 0;
data/darktable-3.2.1/src/external/lua/src/lgc.c:521:15:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        uv->u.open.touched = 1;  /* can be marked in 'remarkupvals' */
data/darktable-3.2.1/src/external/lua/src/liolib.c:244:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  p->f = fopen(fname, mode);
data/darktable-3.2.1/src/external/lua/src/liolib.c:256:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  p->f = fopen(filename, mode);
data/darktable-3.2.1/src/external/lua/src/liolib.c:282:10:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System
  V systems) (CWE-377).
  p->f = tmpfile();
data/darktable-3.2.1/src/external/lua/src/liolib.c:388:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[L_MAXLENNUM + 1];  /* +1 for ending '\0' */
data/darktable-3.2.1/src/external/lua/src/liolib.c:438:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char decp[2];
data/darktable-3.2.1/src/external/lua/src/llex.c:346:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[UTF8BUFFSZ];
data/darktable-3.2.1/src/external/lua/src/loadlib.c:193:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[MAX_PATH + 1];
data/darktable-3.2.1/src/external/lua/src/loadlib.c:209:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[128];
data/darktable-3.2.1/src/external/lua/src/loadlib.c:378:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  FILE *f = fopen(filename, "r");  /* try to open file */
data/darktable-3.2.1/src/external/lua/src/lobject.c:282:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[L_MAXLENNUM + 1];
data/darktable-3.2.1/src/external/lua/src/lobject.c:372:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[MAXNUMBER2STR];
data/darktable-3.2.1/src/external/lua/src/lobject.c:437:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buff[4*sizeof(void *) + 8]; /* should be enough space for a '%p' */
data/darktable-3.2.1/src/external/lua/src/lobject.c:443:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buff[UTF8BUFFSZ];
data/darktable-3.2.1/src/external/lua/src/lobject.c:484:25:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
#define addstr(a,b,l)	( memcpy(a,b,(l) * sizeof(char)), a += (l) )
data/darktable-3.2.1/src/external/lua/src/lobject.c:490:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(out, source + 1, l * sizeof(char));
data/darktable-3.2.1/src/external/lua/src/lobject.c:498:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(out, source + 1, l * sizeof(char));
data/darktable-3.2.1/src/external/lua/src/lobject.c:502:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(out, source + 1 + l - bufflen, bufflen * sizeof(char));
data/darktable-3.2.1/src/external/lua/src/lobject.c:518:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, POS, (LL(POS) + 1) * sizeof(char));
data/darktable-3.2.1/src/external/lua/src/lopcodes.c:20:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
LUAI_DDEF const char *const luaP_opnames[NUM_OPCODES+1] = {
data/darktable-3.2.1/src/external/lua/src/lopcodes.h:288:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
LUAI_DDEC const char *const luaP_opnames[NUM_OPCODES+1];  /* opcode names */
data/darktable-3.2.1/src/external/lua/src/loslib.c:123:13:  [2] (tmpfile) mkstemp:
  Potential for temporary file vulnerability in some circumstances. Some
  older Unix-like systems create temp files with permission to write by all
  by default, so be sure to set the umask to override this. Also, some older
  Unix systems might fail to use O_EXCL when opening the file, so make sure
  that O_EXCL is used by the library (CWE-377).
        e = mkstemp(b); \
data/darktable-3.2.1/src/external/lua/src/loslib.c:167:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[LUA_TMPNAMBUFSIZE];
data/darktable-3.2.1/src/external/lua/src/loslib.c:267:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(buff, conv, oplen);  /* copy valid option to buffer */
data/darktable-3.2.1/src/external/lua/src/loslib.c:299:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cc[4];  /* buffer for individual conversion specifiers */
data/darktable-3.2.1/src/external/lua/src/lstate.c:79:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(b + p, &t, sizeof(t)); p += sizeof(t); }
data/darktable-3.2.1/src/external/lua/src/lstate.c:82:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[4 * sizeof(size_t)];
data/darktable-3.2.1/src/external/lua/src/lstate.c:276:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(lua_getextraspace(L1), lua_getextraspace(g->mainthread),
data/darktable-3.2.1/src/external/lua/src/lstring.c:187:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(getstr(ts), str, l * sizeof(char));
data/darktable-3.2.1/src/external/lua/src/lstring.c:207:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(getstr(ts), str, l * sizeof(char));
data/darktable-3.2.1/src/external/lua/src/lstrlib.c:135:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(p, s, l * sizeof(char)); p += l;
data/darktable-3.2.1/src/external/lua/src/lstrlib.c:137:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, sep, lsep * sizeof(char));
data/darktable-3.2.1/src/external/lua/src/lstrlib.c:141:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(p, s, l * sizeof(char));  /* last copy (not followed by separator) */
data/darktable-3.2.1/src/external/lua/src/lstrlib.c:915:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char buff[10];
data/darktable-3.2.1/src/external/lua/src/lstrlib.c:995:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(form, strfrmt, ((p - strfrmt) + 1) * sizeof(char));
data/darktable-3.2.1/src/external/lua/src/lstrlib.c:1029:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char form[MAX_FORMAT];  /* to store the format ('%...') */
data/darktable-3.2.1/src/external/lua/src/lstrlib.c:1144:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[5 * sizeof(lua_Number)];  /* enough for any float type */
data/darktable-3.2.1/src/external/lua/src/ltablib.c:263:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buff, &c, sof(c) * sizeof(unsigned int));
data/darktable-3.2.1/src/external/lua/src/ltablib.c:264:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buff + sof(c), &t, sof(t) * sizeof(unsigned int));
data/darktable-3.2.1/src/external/lua/src/ltm.c:29:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
LUAI_DDEF const char *const luaT_typenames_[LUA_TOTALTAGS] = {
data/darktable-3.2.1/src/external/lua/src/ltm.h:55:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
LUAI_DDEC const char *const luaT_typenames_[LUA_TOTALTAGS];
data/darktable-3.2.1/src/external/lua/src/lua.c:306:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[LUA_MAXINPUT];
data/darktable-3.2.1/src/external/lua/src/lua.h:454:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char short_src[LUA_IDSIZE]; /* (S) */
data/darktable-3.2.1/src/external/lua/src/luac.c:181:38:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  FILE* D= (output==NULL) ? stdout : fopen(output,"wb");
data/darktable-3.2.1/src/external/lua/src/luac.c:267:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buff[100];
data/darktable-3.2.1/src/external/lua/src/lundump.c:95:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buff[LUAI_MAXSHORTLEN];
data/darktable-3.2.1/src/external/lua/src/lundump.c:220:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buff[sizeof(LUA_SIGNATURE) + sizeof(LUAC_DATA)]; /* larger than both */
data/darktable-3.2.1/src/external/lua/src/lvm.c:464:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buff + tl, svalue(top - n), l * sizeof(char));
data/darktable-3.2.1/src/external/lua/src/lvm.c:498:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char buff[LUAI_MAXSHORTLEN];
data/darktable-3.2.1/src/external/lua/src/lzio.c:60:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(b, z->p, m);
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/Common.h:50:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(dest, src, static_cast<size_t>(rowSize) * height);
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/Common.h:53:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(dest, src, rowSize);
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/RawImage.cpp:492:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(dst_pos, src_pos, static_cast<size_t>(dim.x) * bpp);
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/RawImage.cpp:499:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(dst_pos, src_pos, static_cast<size_t>(dim.x) * bpp);
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/RawspeedException.h:42:19:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static __thread char buf[bufSize];
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/common/RawspeedException.h:46:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char buf[bufSize];
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/ArwDecoder.cpp:391:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&pv, &(pad[p & 127]), sizeof(uint32_t));
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/ArwDecoder.cpp:394:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&bv, ibuf, sizeof(uint32_t));
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decoders/ArwDecoder.cpp:398:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(obuf, &bv, sizeof(uint32_t));
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/decompressors/FujiDecompressor.cpp:726:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(info_block->linebuf[i.a], info_block->linebuf[i.b], line_size);
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/io/BitStream.h:150:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(tmp.data(), data + pos, bytesRemaining);
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/io/ByteStream.h:194:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_data, data_, size_);
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/io/Endianness.h:91:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&f, &i, sizeof(i));
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/io/Endianness.h:98:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&d, &i, sizeof(i));
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/io/Endianness.h:107:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&ret, data, sizeof(T));
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/io/FileIO.h:40:22:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
  auto f = std::bind(MultiByteToWideChar, CP_UTF8, 0, fileName, -1,
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/io/FileReader.cpp:49:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  file_ptr file(fopen(fileName, "rb"), &fclose);
data/darktable-3.2.1/src/external/rawspeed/src/librawspeed/io/FileWriter.cpp:48:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  file = fopen(mFilename, "wb");
data/darktable-3.2.1/src/external/rawspeed/src/utilities/identify/rawspeed-identify.cpp:157:16:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
    int size = MultiByteToWideChar(CP_ACP, 0, argv[1], -1, nullptr, 0);
data/darktable-3.2.1/src/external/rawspeed/src/utilities/identify/rawspeed-identify.cpp:160:5:  [2] (buffer) MultiByteToWideChar:
  Requires maximum length in CHARACTERS, not bytes (CWE-120).
    MultiByteToWideChar(CP_ACP, 0, argv[1], -1, &wImageFileName[0], size);
data/darktable-3.2.1/src/external/rawspeed/src/utilities/rstest/md5.cpp:172:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(block.data(), &message[i], rem);
data/darktable-3.2.1/src/external/rawspeed/src/utilities/rstest/rstest.cpp:235:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  file_ptr f(fopen((fn + ".ppm").c_str(), "wb"), &fclose);
data/darktable-3.2.1/src/external/rawspeed/src/utilities/rstest/rstest.cpp:259:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  file_ptr f(fopen((fn + ".pfm").c_str(), "wb"), &fclose);
data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/io/EndiannessTest.cpp:114:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(&in, &(v.first), sizeof(T2));
data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/io/EndiannessTest.cpp:115:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(&expected, &(v.second), sizeof(T2));
data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/io/EndiannessTest.cpp:117:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(&in, &(v.second), sizeof(T2));
data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/io/EndiannessTest.cpp:118:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(&expected, &(v.first), sizeof(T2));
data/darktable-3.2.1/src/generate-cache/main.c:52:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dirname[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/generate-cache/main.c:103:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char filename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/generate-cache/main.c:176:43:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      max_mip = (dt_mipmap_size_t)MIN(MAX(atoi(arg[k]), DT_MIPMAP_0), DT_MIPMAP_8);
data/darktable-3.2.1/src/generate-cache/main.c:181:43:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      min_mip = (dt_mipmap_size_t)MIN(MAX(atoi(arg[k]), DT_MIPMAP_0), DT_MIPMAP_8);
data/darktable-3.2.1/src/generate-cache/main.c:186:36:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      min_imgid = (int32_t)MIN(MAX(atoi(arg[k]), 0), INT32_MAX);
data/darktable-3.2.1/src/generate-cache/main.c:191:36:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      max_imgid = (int32_t)MIN(MAX(atoi(arg[k]), 0), INT32_MAX);
data/darktable-3.2.1/src/gui/accelerators.c:1011:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(module->params, op_params, op_length);
data/darktable-3.2.1/src/gui/accelerators.c:1017:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(module->blend_params, blendop_params, sizeof(dt_develop_blend_params_t));
data/darktable-3.2.1/src/gui/accelerators.c:1027:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(module->blend_params, module->default_blendop_params, sizeof(dt_develop_blend_params_t));
data/darktable-3.2.1/src/gui/accelerators.c:1039:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char build_path[1024];
data/darktable-3.2.1/src/gui/accelerators.c:1123:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char build_path[1024];
data/darktable-3.2.1/src/gui/accelerators.c:1139:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char build_path[1024];
data/darktable-3.2.1/src/gui/accelerators.c:1206:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char build_path[1024];
data/darktable-3.2.1/src/gui/accelerators.c:1242:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char build_path[1024];
data/darktable-3.2.1/src/gui/accelerators.c:1264:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char build_path[1024];
data/darktable-3.2.1/src/gui/accelerators.c:1287:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char build_path[1024];
data/darktable-3.2.1/src/gui/accelerators.c:1328:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char build_path[1024];
data/darktable-3.2.1/src/gui/accelerators.c:1354:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char build_path[1024];
data/darktable-3.2.1/src/gui/accelerators.c:1379:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char build_path[1024];
data/darktable-3.2.1/src/gui/accelerators.c:1405:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char build_path[1024];
data/darktable-3.2.1/src/gui/gtk.c:139:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char path[256];
data/darktable-3.2.1/src/gui/gtk.c:326:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char lay[32] = "";
data/darktable-3.2.1/src/gui/gtk.c:1159:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char path[PATH_MAX] = { 0 }, datadir[PATH_MAX] = { 0 }, configdir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/gui/gtk.c:2766:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char path[PATH_MAX] = { 0 }, datadir[PATH_MAX] = { 0 }, configdir[PATH_MAX] = { 0 }, usercsspath[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/gui/gtk.h:119:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char gtkrc[PATH_MAX];
data/darktable-3.2.1/src/gui/guides.h:31:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[64];
data/darktable-3.2.1/src/gui/import_metadata.c:135:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char *metadata_param[DT_METADATA_NUMBER];
data/darktable-3.2.1/src/gui/preferences.c:88:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *dt_gui_presets_format_value_str[3] = { N_("normal images"),
data/darktable-3.2.1/src/gui/preferences.c:239:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char usercsspath[PATH_MAX] = { 0 }, configdir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/gui/preferences.c:468:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char usercsspath[PATH_MAX] = { 0 }, configdir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/gui/preferences.c:1715:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char title[1024];
data/darktable-3.2.1/src/gui/presets.c:56:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *dt_gui_presets_format_value_str[3] = { N_("normal images"),
data/darktable-3.2.1/src/gui/presets.c:197:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp_path[1024];
data/darktable-3.2.1/src/gui/presets.c:309:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char path[1024];
data/darktable-3.2.1/src/gui/presets.c:390:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char title[1024];
data/darktable-3.2.1/src/gui/presets.c:669:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char path[1024];
data/darktable-3.2.1/src/gui/presets.c:700:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(module->params, op_params, op_length);
data/darktable-3.2.1/src/gui/presets.c:1024:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tmp[1024];
data/darktable-3.2.1/src/gui/styles_dialog.c:333:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char title[512];
data/darktable-3.2.1/src/imageio/format/copy.c:38:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char sourcefile[PATH_MAX];
data/darktable-3.2.1/src/imageio/format/exr.cc:114:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char comment[1024];
data/darktable-3.2.1/src/imageio/format/exr.cc:237:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char style[128];
data/darktable-3.2.1/src/imageio/format/exr.cc:267:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char style[128];
data/darktable-3.2.1/src/imageio/format/exr.cc:292:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char style[128];
data/darktable-3.2.1/src/imageio/format/j2k.c:532:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char style[128];
data/darktable-3.2.1/src/imageio/format/jpeg.c:222:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char marker_present[MAX_SEQ_NO+1];    /* 1 if marker found */
data/darktable-3.2.1/src/imageio/format/jpeg.c:480:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char style[128];
data/darktable-3.2.1/src/imageio/format/pdf.c:94:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char                      title[128];
data/darktable-3.2.1/src/imageio/format/pdf.c:95:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char                      size[64];
data/darktable-3.2.1/src/imageio/format/pdf.c:97:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char                      border[64];
data/darktable-3.2.1/src/imageio/format/pdf.c:321:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(out_ptr, in_ptr, 3);
data/darktable-3.2.1/src/imageio/format/pfm.c:41:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char header[1024];
data/darktable-3.2.1/src/imageio/format/pfm.c:58:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, in, 3 * sizeof(float));
data/darktable-3.2.1/src/imageio/format/png.c:178:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char name[512] = { 0 };
data/darktable-3.2.1/src/imageio/format/png.c:363:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char style[128];
data/darktable-3.2.1/src/imageio/format/png.c:393:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char style[128];
data/darktable-3.2.1/src/imageio/format/tiff.c:272:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, in, layers * sizeof(float));
data/darktable-3.2.1/src/imageio/format/tiff.c:291:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, in, layers * sizeof(uint16_t));
data/darktable-3.2.1/src/imageio/format/tiff.c:310:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out, in, layers * sizeof(uint8_t));
data/darktable-3.2.1/src/imageio/format/tiff.c:592:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char style[128];
data/darktable-3.2.1/src/imageio/format/tiff.c:620:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char style[128];
data/darktable-3.2.1/src/imageio/format/webp.c:213:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char style[128];
data/darktable-3.2.1/src/imageio/storage/disk.c:62:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[DT_MAX_PATH_FOR_PARAMS];
data/darktable-3.2.1/src/imageio/storage/disk.c:81:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char filename[1024];
data/darktable-3.2.1/src/imageio/storage/disk.c:99:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char filename[DT_MAX_PATH_FOR_PARAMS];
data/darktable-3.2.1/src/imageio/storage/disk.c:235:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/imageio/storage/disk.c:236:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char input_dir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/imageio/storage/disk.c:237:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pattern[DT_MAX_PATH_FOR_PARAMS];
data/darktable-3.2.1/src/imageio/storage/email.c:45:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[DT_MAX_PATH_FOR_PARAMS];
data/darktable-3.2.1/src/imageio/storage/email.c:63:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char filename[1024];
data/darktable-3.2.1/src/imageio/storage/email.c:111:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tmpdir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/imageio/storage/email.c:114:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char dirname[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/imageio/storage/gallery.c:54:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[DT_MAX_PATH_FOR_PARAMS];
data/darktable-3.2.1/src/imageio/storage/gallery.c:55:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char title[1024];
data/darktable-3.2.1/src/imageio/storage/gallery.c:56:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cached_dirname[DT_MAX_PATH_FOR_PARAMS]; // expanded during first img store, not stored in param struct.
data/darktable-3.2.1/src/imageio/storage/gallery.c:64:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[4096];
data/darktable-3.2.1/src/imageio/storage/gallery.c:65:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char item[4096];
data/darktable-3.2.1/src/imageio/storage/gallery.c:83:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char filename[1024];
data/darktable-3.2.1/src/imageio/storage/gallery.c:84:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char title[1024];
data/darktable-3.2.1/src/imageio/storage/gallery.c:85:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char cached_dirname[1024]; // expanded during first img store, not stored in param struct.
data/darktable-3.2.1/src/imageio/storage/gallery.c:230:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/imageio/storage/gallery.c:231:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char dirname[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/imageio/storage/gallery.c:235:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tmp_dir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/imageio/storage/gallery.c:311:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char relfilename[PATH_MAX] = { 0 }, relthumbfilename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/imageio/storage/gallery.c:325:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char subfilename[PATH_MAX] = { 0 }, relsubfilename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/imageio/storage/gallery.c:328:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(sc, "/img_%d.html", num);
data/darktable-3.2.1/src/imageio/storage/gallery.c:407:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char share[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/imageio/storage/gallery.c:436:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/imageio/storage/gallery.c:441:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(c, "/style");
data/darktable-3.2.1/src/imageio/storage/gallery.c:443:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(c, "/style/style.css");
data/darktable-3.2.1/src/imageio/storage/gallery.c:445:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(c, "/style/favicon.ico");
data/darktable-3.2.1/src/imageio/storage/gallery.c:449:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(c, "/pswp/default-skin/");
data/darktable-3.2.1/src/imageio/storage/gallery.c:451:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(c, "/pswp/photoswipe.js");
data/darktable-3.2.1/src/imageio/storage/gallery.c:453:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(c, "/pswp/photoswipe.min.js");
data/darktable-3.2.1/src/imageio/storage/gallery.c:455:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(c, "/pswp/photoswipe-ui-default.js");
data/darktable-3.2.1/src/imageio/storage/gallery.c:457:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(c, "/pswp/photoswipe.css");
data/darktable-3.2.1/src/imageio/storage/gallery.c:459:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(c, "/pswp/photoswipe-ui-default.min.js");
data/darktable-3.2.1/src/imageio/storage/gallery.c:461:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(c, "/pswp/default-skin/default-skin.css");
data/darktable-3.2.1/src/imageio/storage/gallery.c:463:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(c, "/pswp/default-skin/default-skin.png");
data/darktable-3.2.1/src/imageio/storage/gallery.c:465:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(c, "/pswp/default-skin/default-skin.svg");
data/darktable-3.2.1/src/imageio/storage/gallery.c:467:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(c, "/pswp/default-skin/preloader.gif");
data/darktable-3.2.1/src/imageio/storage/gallery.c:470:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(c, "/index.html");
data/darktable-3.2.1/src/imageio/storage/latex.c:54:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[DT_MAX_PATH_FOR_PARAMS];
data/darktable-3.2.1/src/imageio/storage/latex.c:55:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char title[1024];
data/darktable-3.2.1/src/imageio/storage/latex.c:56:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cached_dirname[DT_MAX_PATH_FOR_PARAMS]; // expanded during first img store, not stored in param struct.
data/darktable-3.2.1/src/imageio/storage/latex.c:64:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[4096];
data/darktable-3.2.1/src/imageio/storage/latex.c:82:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char filename[1024];
data/darktable-3.2.1/src/imageio/storage/latex.c:83:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char title[1024];
data/darktable-3.2.1/src/imageio/storage/latex.c:84:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char cached_dirname[1024]; // expanded during first img store, not stored in param struct.
data/darktable-3.2.1/src/imageio/storage/latex.c:233:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/imageio/storage/latex.c:234:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char dirname[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/imageio/storage/latex.c:330:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char relfilename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/imageio/storage/latex.c:371:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char share[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/imageio/storage/latex.c:400:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/imageio/storage/latex.c:404:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(c, "/photobook.cls");
data/darktable-3.2.1/src/imageio/storage/latex.c:407:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(c, "/main.tex");
data/darktable-3.2.1/src/imageio/storage/piwigo.c:67:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[MAX_ALBUM_NAME_SIZE];
data/darktable-3.2.1/src/imageio/storage/piwigo.c:68:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char label[MAX_ALBUM_NAME_SIZE];
data/darktable-3.2.1/src/imageio/storage/piwigo.c:98:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[100];
data/darktable-3.2.1/src/imageio/storage/piwigo.c:99:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char value[512];
data/darktable-3.2.1/src/imageio/storage/piwigo.c:292:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cookie_fmt[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/imageio/storage/piwigo.c:599:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char data[MAX_ALBUM_NAME_SIZE] = { 0 };
data/darktable-3.2.1/src/imageio/storage/piwigo.c:649:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pid[100];
data/darktable-3.2.1/src/imageio/storage/piwigo.c:677:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cat[10];
data/darktable-3.2.1/src/imageio/storage/piwigo.c:678:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char privacy[10];
data/darktable-3.2.1/src/imageio/storage/piwigo.c:917:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char fname[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/iop/ashift.c:895:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(homograph, moutput, 9 * sizeof(float));
data/darktable-3.2.1/src/iop/ashift.c:907:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(homograph, mwork, 9 * sizeof(float));
data/darktable-3.2.1/src/iop/ashift.c:1013:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, in, (size_t)roi_out->width * roi_out->height * sizeof(float));
data/darktable-3.2.1/src/iop/ashift.c:1629:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(buffer, g->buf, (size_t)width * height * 4 * sizeof(float));
data/darktable-3.2.1/src/iop/ashift.c:1743:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(best_set, index_set, set_size);
data/darktable-3.2.1/src/iop/ashift.c:1879:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(best_set, index_set, set_size);
data/darktable-3.2.1/src/iop/ashift.c:1880:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(best_inout, inout, set_size);
data/darktable-3.2.1/src/iop/ashift.c:1896:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(index_set, best_set, set_size);
data/darktable-3.2.1/src/iop/ashift.c:1897:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(inout_set, best_inout, set_size);
data/darktable-3.2.1/src/iop/ashift.c:2956:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(g->buf, ivoid, (size_t)width * height * ch * sizeof(float));
data/darktable-3.2.1/src/iop/ashift.c:2972:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ovoid, ivoid, (size_t)roi_out->width * roi_out->height * ch * sizeof(float));
data/darktable-3.2.1/src/iop/ashift.c:4546:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->params, module->default_params, sizeof(dt_iop_ashift_params_t));
data/darktable-3.2.1/src/iop/ashift.c:4553:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char string_v[256];
data/darktable-3.2.1/src/iop/ashift.c:4554:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char string_h[256];
data/darktable-3.2.1/src/iop/ashift.c:4659:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char string_v[256];
data/darktable-3.2.1/src/iop/ashift.c:4660:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char string_h[256];
data/darktable-3.2.1/src/iop/atrous.c:736:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(o, i, width * height * 4 * sizeof(float));
data/darktable-3.2.1/src/iop/atrous.c:985:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->params, module->default_params, sizeof(dt_iop_atrous_params_t));
data/darktable-3.2.1/src/iop/basecurve.c:146:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(n, o, sizeof(dt_iop_basecurve_params2_t));
data/darktable-3.2.1/src/iop/basecurve.c:157:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(n, o, sizeof(dt_iop_basecurve_params3_t));
data/darktable-3.2.1/src/iop/basecurve.c:167:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(n, o, sizeof(dt_iop_basecurve_params4_t));
data/darktable-3.2.1/src/iop/basecurve.c:176:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(n, o, sizeof(dt_iop_basecurve_params5_t));
data/darktable-3.2.1/src/iop/basecurve.c:1471:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->params, module->default_params, sizeof(dt_iop_basecurve_params_t));
data/darktable-3.2.1/src/iop/basecurve.c:1621:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char text[30];
data/darktable-3.2.1/src/iop/basicadj.c:290:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(p, &g->params, sizeof(dt_iop_basicadj_params_t));
data/darktable-3.2.1/src/iop/basicadj.c:541:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&d->params, params, sizeof(dt_iop_basicadj_params_t));
data/darktable-3.2.1/src/iop/basicadj.c:1357:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(&g->params, p, sizeof(dt_iop_basicadj_params_t));
data/darktable-3.2.1/src/iop/basicadj.c:1499:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(&g->params, p, sizeof(dt_iop_basicadj_params_t));
data/darktable-3.2.1/src/iop/bilateral.cc:121:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ovoid, ivoid, (size_t)sizeof(float) * ch * roi_out->width * roi_out->height);
data/darktable-3.2.1/src/iop/bilateral.cc:130:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ovoid, ivoid, (size_t)sizeof(float) * ch * roi_out->width * roi_out->height);
data/darktable-3.2.1/src/iop/bilateral.cc:194:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(((float *)ovoid) + (size_t)ch * j * roi_out->width,
data/darktable-3.2.1/src/iop/bilateral.cc:197:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(((float *)ovoid) + (size_t)ch * j * roi_out->width,
data/darktable-3.2.1/src/iop/bloom.c:131:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(out, in, (size_t)roi_out->width * roi_out->height * ch * sizeof(float));
data/darktable-3.2.1/src/iop/borders.c:65:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char aspect_text[20];     /* aspect ratio of the outer frame w/h (user string version)
data/darktable-3.2.1/src/iop/borders.c:73:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pos_h_text[20];      /* picture horizontal position ratio into the final image (user string version)
data/darktable-3.2.1/src/iop/borders.c:77:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pos_v_text[20];      /* picture vertical position ratio into the final image (user string version)
data/darktable-3.2.1/src/iop/borders.c:127:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(n->color, o->color, sizeof(o->color));
data/darktable-3.2.1/src/iop/borders.c:143:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char aspect_text[20]; // aspect ratio of the outer frame w/h (user string version)
data/darktable-3.2.1/src/iop/borders.c:147:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char pos_h_text[20];  // picture horizontal position ratio into the final image (user string version)
data/darktable-3.2.1/src/iop/borders.c:149:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char pos_v_text[20];  // picture vertical position ratio into the final image (user string version)
data/darktable-3.2.1/src/iop/borders.c:158:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(n, o, sizeof(struct dt_iop_borders_params_v2_t));
data/darktable-3.2.1/src/iop/borders.c:283:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(outb, inb, roi_in->width * sizeof(float));
data/darktable-3.2.1/src/iop/borders.c:395:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf, col, sizeof(float) * 4);
data/darktable-3.2.1/src/iop/borders.c:431:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(buf, col_frame, sizeof(float) * 4);
data/darktable-3.2.1/src/iop/borders.c:436:69:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      for(int c = frame_tl_in_x; c <= frame_br_in_x; c++, buf += 4) memcpy(buf, col, sizeof(float) * 4);
data/darktable-3.2.1/src/iop/borders.c:445:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, in, cp_stride);
data/darktable-3.2.1/src/iop/borders.c:579:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(d, p, sizeof(dt_iop_borders_params_t));
data/darktable-3.2.1/src/iop/borders.c:1016:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(self->params, self->default_params, sizeof(dt_iop_borders_params_t));
data/darktable-3.2.1/src/iop/cacorrect.c:307:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(out, in2, width * height * sizeof(float));
data/darktable-3.2.1/src/iop/channelmixer.c:429:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->params, module->default_params, sizeof(dt_iop_channelmixer_params_t));
data/darktable-3.2.1/src/iop/clahe.c:185:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(clippedhist, hist, (BINS + 1) * sizeof(int));
data/darktable-3.2.1/src/iop/clahe.c:312:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->params, &tmp, sizeof(dt_iop_rlce_params_t));
data/darktable-3.2.1/src/iop/clahe.c:313:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->default_params, &tmp, sizeof(dt_iop_rlce_params_t));
data/darktable-3.2.1/src/iop/clipping.c:579:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(_out, _in, sizeof(float) * roi_out->width);
data/darktable-3.2.1/src/iop/clipping.c:1617:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(self->params, self->default_params, sizeof(dt_iop_clipping_params_t));
data/darktable-3.2.1/src/iop/clipping.c:1622:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tnum[100];
data/darktable-3.2.1/src/iop/clipping.c:1648:8:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  *n = atoi(tnum);
data/darktable-3.2.1/src/iop/clipping.c:1669:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        int dd = atoi(text);
data/darktable-3.2.1/src/iop/clipping.c:1670:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        int nn = atoi(c);
data/darktable-3.2.1/src/iop/clipping.c:1779:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char str[128];
data/darktable-3.2.1/src/iop/clipping.c:1975:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char str[128];
data/darktable-3.2.1/src/iop/clipping.c:2211:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int d = atoi(nv->value);
data/darktable-3.2.1/src/iop/clipping.c:2212:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int n = atoi(c);
data/darktable-3.2.1/src/iop/clipping.c:2300:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char name[5];
data/darktable-3.2.1/src/iop/clipping.c:2497:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char dimensions[16];
data/darktable-3.2.1/src/iop/clipping.c:2603:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char view_angle[16];
data/darktable-3.2.1/src/iop/colorchecker.c:862:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char cboxentry[1024];
data/darktable-3.2.1/src/iop/colorchecker.c:919:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->params, module->default_params, sizeof(dt_iop_colorchecker_params_t));
data/darktable-3.2.1/src/iop/colorchecker.c:1236:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tooltip[1024];
data/darktable-3.2.1/src/iop/colorchecker.c:1364:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cboxentry[1024];
data/darktable-3.2.1/src/iop/colorcorrection.c:430:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(p, d, sizeof(*p));
data/darktable-3.2.1/src/iop/colorin.c:80:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[DT_IOP_COLOR_ICC_LEN];
data/darktable-3.2.1/src/iop/colorin.c:86:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename_work[DT_IOP_COLOR_ICC_LEN];
data/darktable-3.2.1/src/iop/colorin.c:119:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename_work[DT_IOP_COLOR_ICC_LEN];
data/darktable-3.2.1/src/iop/colorin.c:186:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char iccprofile[DT_IOP_COLOR_ICC_LEN_V5];
data/darktable-3.2.1/src/iop/colorin.c:237:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char iccprofile[DT_IOP_COLOR_ICC_LEN_V5];
data/darktable-3.2.1/src/iop/colorin.c:289:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char iccprofile[DT_IOP_COLOR_ICC_LEN_V5];
data/darktable-3.2.1/src/iop/colorin.c:344:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char filename[DT_IOP_COLOR_ICC_LEN_V5];
data/darktable-3.2.1/src/iop/colorin.c:369:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char filename[DT_IOP_COLOR_ICC_LEN_V5];
data/darktable-3.2.1/src/iop/colorin.c:375:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char filename_work[DT_IOP_COLOR_ICC_LEN_V5];
data/darktable-3.2.1/src/iop/colorin.c:469:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename_work[DT_IOP_COLOR_ICC_LEN];
data/darktable-3.2.1/src/iop/colorin.c:1036:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ovoid, ivoid, sizeof(float) * 4 * roi_out->width * roi_out->height);
data/darktable-3.2.1/src/iop/colorin.c:1434:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ovoid, ivoid, sizeof(float) * 4 * roi_out->width * roi_out->height);
data/darktable-3.2.1/src/iop/colorin.c:1524:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char datadir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/iop/colorin.c:1863:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char filename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/iop/colorin.c:1940:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->params, module->default_params, sizeof(dt_iop_colorin_params_t));
data/darktable-3.2.1/src/iop/colorin.c:2076:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char datadir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/iop/colorin.c:2077:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char confdir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/iop/colorize.c:352:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->params, module->default_params, sizeof(dt_iop_colorize_params_t));
data/darktable-3.2.1/src/iop/colormapping.c:477:19:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    if(g->buffer) memcpy(g->buffer, in, (size_t)width * height * ch * sizeof(float));
data/darktable-3.2.1/src/iop/colormapping.c:585:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, in, (size_t)sizeof(float) * ch * width * height);
data/darktable-3.2.1/src/iop/colormapping.c:791:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(d, p, sizeof(dt_iop_colormapping_params_t));
data/darktable-3.2.1/src/iop/colormapping.c:889:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(d->source_ihist, g->flowback.hist, sizeof(float) * HISTN);
data/darktable-3.2.1/src/iop/colormapping.c:890:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(d->source_mean, g->flowback.mean, sizeof(float) * MAXN * 2);
data/darktable-3.2.1/src/iop/colormapping.c:891:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(d->source_var, g->flowback.var, sizeof(float) * MAXN * 2);
data/darktable-3.2.1/src/iop/colormapping.c:892:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(d->source_weight, g->flowback.weight, sizeof(float) * MAXN);
data/darktable-3.2.1/src/iop/colormapping.c:898:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->params, module->default_params, sizeof(dt_iop_colormapping_params_t));
data/darktable-3.2.1/src/iop/colormapping.c:989:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buffer, g->buffer, width * height * ch * sizeof(float));
data/darktable-3.2.1/src/iop/colormapping.c:1027:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(g->flowback.hist, p->source_ihist, sizeof(float) * HISTN);
data/darktable-3.2.1/src/iop/colormapping.c:1028:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(g->flowback.mean, p->source_mean, sizeof(float) * MAXN * 2);
data/darktable-3.2.1/src/iop/colormapping.c:1029:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(g->flowback.var, p->source_var, sizeof(float) * MAXN * 2);
data/darktable-3.2.1/src/iop/colormapping.c:1030:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(g->flowback.weight, p->source_weight, sizeof(float) * MAXN);
data/darktable-3.2.1/src/iop/colorout.c:68:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[DT_IOP_COLOR_ICC_LEN];
data/darktable-3.2.1/src/iop/colorout.c:149:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char iccprofile[DT_IOP_COLOR_ICC_LEN_V4];
data/darktable-3.2.1/src/iop/colorout.c:150:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char displayprofile[DT_IOP_COLOR_ICC_LEN_V4];
data/darktable-3.2.1/src/iop/colorout.c:154:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char softproofprofile[DT_IOP_COLOR_ICC_LEN_V4];
data/darktable-3.2.1/src/iop/colorout.c:188:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char filename[DT_IOP_COLOR_ICC_LEN_V4];
data/darktable-3.2.1/src/iop/colorout.c:408:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ovoid, ivoid, sizeof(float)*4*roi_out->width*roi_out->height);
data/darktable-3.2.1/src/iop/colorout.c:485:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ovoid, ivoid, sizeof(float)*4*roi_out->width*roi_out->height);
data/darktable-3.2.1/src/iop/colorout.c:833:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->params, &tmp, sizeof(dt_iop_colorout_params_t));
data/darktable-3.2.1/src/iop/colorout.c:834:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->default_params, &tmp, sizeof(dt_iop_colorout_params_t));
data/darktable-3.2.1/src/iop/colorout.c:870:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char datadir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/iop/colorout.c:871:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char confdir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/iop/colorreconstruction.c:320:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(bf->buf, b->buf, b->size_x * b->size_y * b->size_z * sizeof(dt_iop_colorreconstruct_Lab_t));
data/darktable-3.2.1/src/iop/colorreconstruction.c:356:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(b->buf, bf->buf, b->size_x * b->size_y * b->size_z * sizeof(dt_iop_colorreconstruct_Lab_t));
data/darktable-3.2.1/src/iop/colorreconstruction.c:681:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(ovoid, ivoid, (size_t)sizeof(float) * piece->colors * roi_out->width * roi_out->height);
data/darktable-3.2.1/src/iop/colortransfer.c:358:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, in, sizeof(float) * ch * roi_out->width * roi_out->height);
data/darktable-3.2.1/src/iop/colortransfer.c:436:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, in, sizeof(float) * ch * roi_out->width * roi_out->height);
data/darktable-3.2.1/src/iop/colortransfer.c:476:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(p, &(g->flowback), self->params_size);
data/darktable-3.2.1/src/iop/colortransfer.c:518:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy (&g->flowback, d, self->params_size);
data/darktable-3.2.1/src/iop/colortransfer.c:532:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(d, p, self->params_size);
data/darktable-3.2.1/src/iop/colortransfer.c:583:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->params, &tmp, sizeof(dt_iop_colortransfer_params_t));
data/darktable-3.2.1/src/iop/colortransfer.c:584:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->default_params, &tmp, sizeof(dt_iop_colortransfer_params_t));
data/darktable-3.2.1/src/iop/colortransfer.c:618:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(self->params, &g->flowback, self->params_size);
data/darktable-3.2.1/src/iop/colorzones.c:446:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ovoid, ivoid, roi_out->width * roi_out->height * ch * sizeof(float));
data/darktable-3.2.1/src/iop/colorzones.c:1224:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char text[256];
data/darktable-3.2.1/src/iop/colorzones.c:2666:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->params, module->default_params, sizeof(dt_iop_colorzones_params_t));
data/darktable-3.2.1/src/iop/defringe.c:405:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(o, i, (size_t)sizeof(float) * ch * roi_out->width * roi_out->height);
data/darktable-3.2.1/src/iop/demosaic.c:279:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(out, in, (size_t)roi->width * roi->height * sizeof(float));
data/darktable-3.2.1/src/iop/demosaic.c:459:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(out, in, height * width * sizeof(float));
data/darktable-3.2.1/src/iop/demosaic.c:509:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(out, in, (size_t)height * width * sizeof(float));
data/darktable-3.2.1/src/iop/demosaic.c:711:35:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      for(int c = 1; c <= 3; c++) memcpy(rgb[c], rgb[0], sizeof(*rgb));
data/darktable-3.2.1/src/iop/demosaic.c:804:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(rgb + 4, rgb, (size_t)4 * sizeof(*rgb));
data/darktable-3.2.1/src/iop/demosaic.c:1750:35:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      for(int c = 1; c <= 3; c++) memcpy(rgb[c], rgb[0], sizeof(*rgb));
data/darktable-3.2.1/src/iop/demosaic.c:2123:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(&temp[0], fdc_chroma + chrm * TS * TS + (row - 1) * TS + (col), 1 * sizeof(float));
data/darktable-3.2.1/src/iop/demosaic.c:2124:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(&temp[1], fdc_chroma + chrm * TS * TS + (row)*TS + (col - 1), 3 * sizeof(float));
data/darktable-3.2.1/src/iop/demosaic.c:2125:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(&temp[4], fdc_chroma + chrm * TS * TS + (row + 1) * TS + (col), 1 * sizeof(float));
data/darktable-3.2.1/src/iop/demosaic.c:2411:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(brow[2][col], pix, (size_t)4 * sizeof(*out));
data/darktable-3.2.1/src/iop/demosaic.c:2438:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(out + 4 * ((row - 2) * width + 2), brow[0] + 2, (size_t)(width - 4) * 4 * sizeof(*out));
data/darktable-3.2.1/src/iop/demosaic.c:2443:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(out + (4 * ((height - 4) * width + 2)), brow[0] + 2, (size_t)(width - 4) * 4 * sizeof(*out));
data/darktable-3.2.1/src/iop/demosaic.c:2444:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(out + (4 * ((height - 3) * width + 2)), brow[1] + 2, (size_t)(width - 4) * 4 * sizeof(*out));
data/darktable-3.2.1/src/iop/demosaic.c:2612:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(buf, color, 4 * sizeof(float));
data/darktable-3.2.1/src/iop/demosaic.c:2704:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(buf, color, 4 * sizeof(float));
data/darktable-3.2.1/src/iop/demosaic.c:3944:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char allhex[3][3][8][2];
data/darktable-3.2.1/src/iop/demosaic.c:3947:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char sgreen[2] = { 0 };
data/darktable-3.2.1/src/iop/demosaic.c:4141:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        const char dir[2] = { i, i ^ 1 };
data/darktable-3.2.1/src/iop/demosaic.c:4998:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->params, module->default_params, sizeof(dt_iop_demosaic_params_t));
data/darktable-3.2.1/src/iop/denoiseprofile.c:323:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(n->a, o->a, sizeof(float) * 3);
data/darktable-3.2.1/src/iop/denoiseprofile.c:324:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(n->b, o->b, sizeof(float) * 3);
data/darktable-3.2.1/src/iop/denoiseprofile.c:1553:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ovoid, ivoid, npixels * 4 * sizeof(float));
data/darktable-3.2.1/src/iop/denoiseprofile.c:1655:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char filename[512];
data/darktable-3.2.1/src/iop/denoiseprofile.c:2387:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(ovoid, ivoid, npixels * 4 * sizeof(float));
data/darktable-3.2.1/src/iop/denoiseprofile.c:2450:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(ovoid, ivoid, npixels * 4 * sizeof(float));
data/darktable-3.2.1/src/iop/denoiseprofile.c:3336:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name[512];
data/darktable-3.2.1/src/iop/denoiseprofile.c:3395:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(module->params, module->default_params, sizeof(dt_iop_denoiseprofile_params_t));
data/darktable-3.2.1/src/iop/dither.c:723:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&(d->random.range), &(p->random.range), sizeof(p->random.range));
data/darktable-3.2.1/src/iop/equalizer.c:115:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(ovoid, ivoid, (size_t)chs * sizeof(float) * width * height);
data/darktable-3.2.1/src/iop/equalizer.c:284:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->params, &tmp, sizeof(dt_iop_equalizer_params_t));
data/darktable-3.2.1/src/iop/equalizer.c:285:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->default_params, &tmp, sizeof(dt_iop_equalizer_params_t));
data/darktable-3.2.1/src/iop/filmic.c:1455:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->params, &tmp, sizeof(dt_iop_filmic_params_t));
data/darktable-3.2.1/src/iop/filmic.c:1456:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->default_params, &tmp, sizeof(dt_iop_filmic_params_t));
data/darktable-3.2.1/src/iop/filmicrgb.c:2117:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->params, module->default_params, sizeof(dt_iop_filmicrgb_params_t));
data/darktable-3.2.1/src/iop/flip.c:446:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(self->params, &tmp, sizeof(dt_iop_flip_params_t));
data/darktable-3.2.1/src/iop/flip.c:447:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(self->default_params, &tmp, sizeof(dt_iop_flip_params_t));
data/darktable-3.2.1/src/iop/globaltonemap.c:148:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(n, o, sizeof(dt_iop_global_tonemap_params_t) - sizeof(float));
data/darktable-3.2.1/src/iop/hazeremoval.c:272:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(img2.data, img1.data, sizeof(float) * img1.width * img1.height);
data/darktable-3.2.1/src/iop/hazeremoval.c:337:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(img2_bak.data, img2.data + (size_t)i1 * img2.width, sizeof(float) * img2.width);
data/darktable-3.2.1/src/iop/hazeremoval.c:416:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(img2_bak.data, img2.data + (size_t)i1 * img2.width, sizeof(float) * img2.width);
data/darktable-3.2.1/src/iop/highlights.c:118:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params, old_params, sizeof(dt_iop_highlights_params_t) - sizeof(float));
data/darktable-3.2.1/src/iop/highlights.c:980:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(d, p, sizeof(*p));
data/darktable-3.2.1/src/iop/hotpixels.c:289:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(ovoid, ivoid, (size_t)roi_out->width * roi_out->height * sizeof(float));
data/darktable-3.2.1/src/iop/lens.cc:77:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[80];
data/darktable-3.2.1/src/iop/lens.cc:92:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char camera[128];
data/darktable-3.2.1/src/iop/lens.cc:93:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char lens[128];
data/darktable-3.2.1/src/iop/lens.cc:223:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char camera[52];
data/darktable-3.2.1/src/iop/lens.cc:224:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char lens[52];
data/darktable-3.2.1/src/iop/lens.cc:266:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char camera[128];
data/darktable-3.2.1/src/iop/lens.cc:267:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char lens[128];
data/darktable-3.2.1/src/iop/lens.cc:278:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(n, o, sizeof(dt_iop_lensfun_params_t) - sizeof(int));
data/darktable-3.2.1/src/iop/lens.cc:302:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char camera[128];
data/darktable-3.2.1/src/iop/lens.cc:303:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char lens[128];
data/darktable-3.2.1/src/iop/lens.cc:315:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(n, o, sizeof(dt_iop_lensfun_params_t));
data/darktable-3.2.1/src/iop/lens.cc:404:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ovoid, ivoid, (size_t)ch * sizeof(float) * roi_out->width * roi_out->height);
data/darktable-3.2.1/src/iop/lens.cc:480:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(ovoid, ivoid, (size_t)ch * sizeof(float) * roi_out->width * roi_out->height);
data/darktable-3.2.1/src/iop/lens.cc:506:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(buf, ivoid, bufsize);
data/darktable-3.2.1/src/iop/lens.cc:583:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(ovoid, buf, bufsize);
data/darktable-3.2.1/src/iop/lens.cc:952:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, in, sizeof(float) * roi_out->width * roi_out->height);
data/darktable-3.2.1/src/iop/lens.cc:965:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, in, sizeof(float) * roi_out->width * roi_out->height);
data/darktable-3.2.1/src/iop/lens.cc:1259:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char datadir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/iop/lens.cc:1334:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char model[100]; // truncate often complex descriptions.
data/darktable-3.2.1/src/iop/lens.cc:1422:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->params, module->default_params, sizeof(dt_iop_lensfun_params_t));
data/darktable-3.2.1/src/iop/lens.cc:1553:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char _variant[100];
data/darktable-3.2.1/src/iop/lens.cc:1670:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(model, txt, len);
data/darktable-3.2.1/src/iop/lens.cc:1703:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char make[200], model[200];
data/darktable-3.2.1/src/iop/lens.cc:1838:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char focal[100], aperture[100], mounts[200];
data/darktable-3.2.1/src/iop/lens.cc:1908:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char txt[30];
data/darktable-3.2.1/src/iop/lens.cc:2069:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char model[200];
data/darktable-3.2.1/src/iop/lens.cc:2346:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char make [200], model [200];
data/darktable-3.2.1/src/iop/lens.cc:2443:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(self->params, self->default_params, sizeof(dt_iop_lensfun_params_t));
data/darktable-3.2.1/src/iop/lens.cc:2490:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char model[200];
data/darktable-3.2.1/src/iop/levels.c:601:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(self->params, self->default_params, sizeof(dt_iop_levels_params_t));
data/darktable-3.2.1/src/iop/levels.c:969:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(self->params, self->default_params, self->params_size);
data/darktable-3.2.1/src/iop/liquify.c:1255:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&copy_params, (dt_iop_liquify_params_t *)piece->data, sizeof(dt_iop_liquify_params_t));
data/darktable-3.2.1/src/iop/liquify.c:1294:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&copy_params, (dt_iop_liquify_params_t*)piece->data, sizeof(dt_iop_liquify_params_t));
data/darktable-3.2.1/src/iop/liquify.c:1361:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&copy_params, (dt_iop_liquify_params_t *)piece->data, sizeof(dt_iop_liquify_params_t));
data/darktable-3.2.1/src/iop/liquify.c:1432:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(destrow, srcrow, sizeof(float) * roi_out->width);
data/darktable-3.2.1/src/iop/liquify.c:1478:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(destrow, srcrow, sizeof(float) * ch * width);
data/darktable-3.2.1/src/iop/liquify.c:1723:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(piece->data, params, module->params_size);
data/darktable-3.2.1/src/iop/liquify.c:1807:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char str[10];
data/darktable-3.2.1/src/iop/liquify.c:2698:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&copy_params, &g->params, sizeof(dt_iop_liquify_params_t));
data/darktable-3.2.1/src/iop/liquify.c:2742:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(module->params, &g->params, sizeof(dt_iop_liquify_params_t));
data/darktable-3.2.1/src/iop/liquify.c:3518:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&g->params, module->params, sizeof(dt_iop_liquify_params_t));
data/darktable-3.2.1/src/iop/lowlight.c:310:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->params, module->default_params, sizeof(dt_iop_lowlight_params_t));
data/darktable-3.2.1/src/iop/lut3d.c:71:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filepath[DT_IOP_LUT3D_MAX_PATHNAME];
data/darktable-3.2.1/src/iop/lut3d.c:75:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char c_clut[DT_IOP_LUT3D_MAX_KEYPOINTS*2*3];
data/darktable-3.2.1/src/iop/lut3d.c:76:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char lutname[DT_IOP_LUT3D_MAX_LUTNAME];
data/darktable-3.2.1/src/iop/lut3d.c:171:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char filepath[DT_IOP_LUT3D_MAX_PATHNAME];
data/darktable-3.2.1/src/iop/lut3d.c:190:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char filepath[DT_IOP_LUT3D_MAX_PATHNAME];
data/darktable-3.2.1/src/iop/lut3d.c:194:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char c_clut[DT_IOP_LUT3D_MAX_KEYPOINTS*2*3];
data/darktable-3.2.1/src/iop/lut3d.c:195:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char lutname[DT_IOP_LUT3D_MAX_LUTNAME];
data/darktable-3.2.1/src/iop/lut3d.c:201:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(n, o, sizeof(dt_iop_lut3d_params_t));
data/darktable-3.2.1/src/iop/lut3d.c:461:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char cache_filename[DT_IOP_LUT3D_MAX_PATHNAME];
data/darktable-3.2.1/src/iop/lut3d.c:673:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
uint8_t parse_cube_line(char *line, char (*token)[50])
data/darktable-3.2.1/src/iop/lut3d.c:673:37:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
uint8_t parse_cube_line(char *line, char (*token)[50])
data/darktable-3.2.1/src/iop/lut3d.c:734:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char token[3][50];
data/darktable-3.2.1/src/iop/lut3d.c:862:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char token[3][50];
data/darktable-3.2.1/src/iop/lut3d.c:1110:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(obuf, ibuf, width * height * ch * sizeof(float));
data/darktable-3.2.1/src/iop/lut3d.c:1370:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&d->params, p, sizeof(dt_iop_lut3d_params_t));
data/darktable-3.2.1/src/iop/lut3d.c:1377:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&d->params, self->default_params, sizeof(dt_iop_lut3d_params_t));
data/darktable-3.2.1/src/iop/lut3d.c:1399:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filepath[DT_IOP_LUT3D_MAX_PATHNAME];
data/darktable-3.2.1/src/iop/lut3d.c:1626:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(self->params, self->default_params, sizeof(dt_iop_lut3d_params_t));
data/darktable-3.2.1/src/iop/lut3dgmic.cpp:49:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char gmic_cmd[512];
data/darktable-3.2.1/src/iop/lut3dgmic.cpp:94:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  std::memcpy( output_clut_data, image_list[0]._data, img_size*sizeof(float));
data/darktable-3.2.1/src/iop/lut3dgmic.cpp:103:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char gmic_cmd[512];
data/darktable-3.2.1/src/iop/lut3dgmic.cpp:151:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  std::memcpy(output_clut_data, image_list[0]._data, img_size*sizeof(float));
data/darktable-3.2.1/src/iop/lut3dgmic.cpp:161:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char gmic_cmd[512];
data/darktable-3.2.1/src/iop/mask_manager.c:81:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(o, i, (size_t)ch * roi_out->width * roi_out->height * sizeof(float));
data/darktable-3.2.1/src/iop/mask_manager.c:109:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(piece->data, params, sizeof(dt_iop_mask_manager_params_t));
data/darktable-3.2.1/src/iop/monochrome.c:114:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(p2, p1, sizeof(dt_iop_monochrome_params_t) - sizeof(float));
data/darktable-3.2.1/src/iop/negadoctor.c:403:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->params, &tmp, sizeof(dt_iop_negadoctor_params_t));
data/darktable-3.2.1/src/iop/negadoctor.c:404:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->default_params, &tmp, sizeof(dt_iop_negadoctor_params_t));
data/darktable-3.2.1/src/iop/nlmeans.c:740:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(d, p, sizeof(*d));
data/darktable-3.2.1/src/iop/rawdenoise.c:514:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ovoid, ivoid, (size_t)sizeof(float)*width*height);
data/darktable-3.2.1/src/iop/rawdenoise.c:549:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
 memcpy(module->params, module->default_params, sizeof(dt_iop_rawdenoise_params_t));
data/darktable-3.2.1/src/iop/rawoverexposed.c:166:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(ovoid, ivoid, (size_t)ch * roi_out->width * roi_out->height * sizeof(float));
data/darktable-3.2.1/src/iop/rawoverexposed.c:246:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(out + pout, dt_iop_rawoverexposed_colors[c], 4 * sizeof(float));
data/darktable-3.2.1/src/iop/rawoverexposed.c:249:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(out + pout, color, 4 * sizeof(float));
data/darktable-3.2.1/src/iop/rawprepare.c:749:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(self->params, &tmp, sizeof(dt_iop_rawprepare_params_t));
data/darktable-3.2.1/src/iop/rawprepare.c:750:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(self->default_params, &tmp, sizeof(dt_iop_rawprepare_params_t));
data/darktable-3.2.1/src/iop/retouch.c:1162:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char text[256];
data/darktable-3.2.1/src/iop/retouch.c:2154:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->params, &tmp, sizeof(dt_iop_retouch_params_t));
data/darktable-3.2.1/src/iop/retouch.c:2155:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->default_params, &tmp, sizeof(dt_iop_retouch_params_t));
data/darktable-3.2.1/src/iop/retouch.c:2257:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(piece->data, params, sizeof(dt_iop_retouch_params_t));
data/darktable-3.2.1/src/iop/retouch.c:3609:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out1, in1, rowsize);
data/darktable-3.2.1/src/iop/retouch.c:4178:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(in_retouch, ivoid, roi_rt->width * roi_rt->height * ch * sizeof(float));
data/darktable-3.2.1/src/iop/rgbcurve.c:109:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename_work[DT_IOP_COLOR_ICC_LEN];
data/darktable-3.2.1/src/iop/rgbcurve.c:777:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char text[256];
data/darktable-3.2.1/src/iop/rgbcurve.c:1522:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&d->params, default_params, sizeof(dt_iop_rgbcurve_params_t));
data/darktable-3.2.1/src/iop/rgbcurve.c:1562:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->params, module->default_params, sizeof(dt_iop_rgbcurve_params_t));
data/darktable-3.2.1/src/iop/rgbcurve.c:1614:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(curve_nodes[ch], d->params.curve_nodes[ch], DT_IOP_RGBCURVE_MAXNODES * sizeof(dt_iop_rgbcurve_node_t));
data/darktable-3.2.1/src/iop/rgbcurve.c:1665:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&d->params, p, sizeof(dt_iop_rgbcurve_params_t));
data/darktable-3.2.1/src/iop/rgblevels.c:163:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(p, &g->params, sizeof(dt_iop_rgblevels_params_t));
data/darktable-3.2.1/src/iop/rgblevels.c:840:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&(d->params), p, sizeof(dt_iop_rgblevels_params_t));
data/darktable-3.2.1/src/iop/rgblevels.c:912:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(self->params, self->default_params, sizeof(dt_iop_rgblevels_params_t));
data/darktable-3.2.1/src/iop/rgblevels.c:1209:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(&g->params, p, sizeof(dt_iop_rgblevels_params_t));
data/darktable-3.2.1/src/iop/rgblevels.c:1367:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(&g->params, p, sizeof(dt_iop_rgblevels_params_t));
data/darktable-3.2.1/src/iop/rotatepixels.c:348:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(self->params, &tmp, sizeof(dt_iop_rotatepixels_params_t));
data/darktable-3.2.1/src/iop/rotatepixels.c:349:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(self->default_params, &tmp, sizeof(dt_iop_rotatepixels_params_t));
data/darktable-3.2.1/src/iop/scalepixels.c:265:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(self->params, &tmp, sizeof(dt_iop_scalepixels_params_t));
data/darktable-3.2.1/src/iop/scalepixels.c:266:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(self->default_params, &tmp, sizeof(dt_iop_scalepixels_params_t));
data/darktable-3.2.1/src/iop/sharpen.c:293:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ovoid, ivoid, (size_t)sizeof(float) * ch * roi_out->width * roi_out->height);
data/darktable-3.2.1/src/iop/sharpen.c:301:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ovoid, ivoid, (size_t)sizeof(float) * ch * roi_out->width * roi_out->height);
data/darktable-3.2.1/src/iop/sharpen.c:426:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(((float *)ovoid) + (size_t)ch * j * roi_out->width,
data/darktable-3.2.1/src/iop/sharpen.c:429:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(((float *)ovoid) + (size_t)ch * j * roi_out->width,
data/darktable-3.2.1/src/iop/sharpen.c:487:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ovoid, ivoid, (size_t)sizeof(float) * ch * roi_out->width * roi_out->height);
data/darktable-3.2.1/src/iop/sharpen.c:495:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ovoid, ivoid, (size_t)sizeof(float) * ch * roi_out->width * roi_out->height);
data/darktable-3.2.1/src/iop/sharpen.c:624:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(((float *)ovoid) + (size_t)ch * j * roi_out->width,
data/darktable-3.2.1/src/iop/sharpen.c:627:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(((float *)ovoid) + (size_t)ch * j * roi_out->width,
data/darktable-3.2.1/src/iop/spots.c:493:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(outb, inb, sizeof(float) * roi_out->width * ch);
data/darktable-3.2.1/src/iop/spots.c:673:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->params, &tmp, sizeof(dt_iop_spots_params_t));
data/darktable-3.2.1/src/iop/spots.c:674:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->default_params, &tmp, sizeof(dt_iop_spots_params_t));
data/darktable-3.2.1/src/iop/spots.c:732:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(piece->data, params, sizeof(dt_iop_spots_params_t));
data/darktable-3.2.1/src/iop/temperature.c:1112:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->params, &tmp, sizeof(dt_iop_temperature_params_t));
data/darktable-3.2.1/src/iop/temperature.c:1113:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->default_params, &tmp, sizeof(dt_iop_temperature_params_t));
data/darktable-3.2.1/src/iop/tonecurve.c:284:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(n->tonecurve, o->tonecurve, sizeof(dt_iop_tonecurve_params4_t));
data/darktable-3.2.1/src/iop/tonecurve.c:881:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->params, &tmp, sizeof(dt_iop_tonecurve_params_t));
data/darktable-3.2.1/src/iop/tonecurve.c:882:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->default_params, &tmp, sizeof(dt_iop_tonecurve_params_t));
data/darktable-3.2.1/src/iop/tonecurve.c:1432:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char text[256];
data/darktable-3.2.1/src/iop/toneequal.c:2239:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char text[256];
data/darktable-3.2.1/src/iop/toneequal.c:2310:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char text[256];
data/darktable-3.2.1/src/iop/useless.c:115:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(piece->data, p1, self->params_size);
data/darktable-3.2.1/src/iop/useless.c:211:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->params, &tmp, sizeof(dt_iop_useless_params_t));
data/darktable-3.2.1/src/iop/useless.c:212:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->default_params, &tmp, sizeof(dt_iop_useless_params_t));
data/darktable-3.2.1/src/iop/velvia.c:142:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ovoid, ivoid, (size_t)sizeof(float) * ch * roi_out->width * roi_out->height);
data/darktable-3.2.1/src/iop/velvia.c:190:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(out, in, (size_t)sizeof(float) * ch * roi_out->width * roi_out->height);
data/darktable-3.2.1/src/iop/watermark.c:77:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[64];
data/darktable-3.2.1/src/iop/watermark.c:79:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char text[512];
data/darktable-3.2.1/src/iop/watermark.c:83:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char font[64];
data/darktable-3.2.1/src/iop/watermark.c:95:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[64];
data/darktable-3.2.1/src/iop/watermark.c:96:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char text[512];
data/darktable-3.2.1/src/iop/watermark.c:98:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char font[64];
data/darktable-3.2.1/src/iop/watermark.c:133:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char filename[64];
data/darktable-3.2.1/src/iop/watermark.c:170:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char filename[64];
data/darktable-3.2.1/src/iop/watermark.c:209:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char filename[64];
data/darktable-3.2.1/src/iop/watermark.c:248:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char filename[64];
data/darktable-3.2.1/src/iop/watermark.c:250:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char text[64];
data/darktable-3.2.1/src/iop/watermark.c:254:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char font[64];
data/darktable-3.2.1/src/iop/watermark.c:396:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char datetime[200];
data/darktable-3.2.1/src/iop/watermark.c:898:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ovoid, ivoid, (size_t)sizeof(float) * ch * roi_out->width * roi_out->height);
data/darktable-3.2.1/src/iop/watermark.c:913:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ovoid, ivoid, (size_t)sizeof(float) * ch * roi_out->width * roi_out->height);
data/darktable-3.2.1/src/iop/watermark.c:928:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ovoid, ivoid, (size_t)sizeof(float) * ch * roi_out->width * roi_out->height);
data/darktable-3.2.1/src/iop/watermark.c:1043:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(ovoid, ivoid, (size_t)sizeof(float) * ch * roi_out->width * roi_out->height);
data/darktable-3.2.1/src/iop/watermark.c:1383:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(module->params, module->default_params, sizeof(dt_iop_watermark_params_t));
data/darktable-3.2.1/src/libs/camera.c:348:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char model[4096] = { 0 };
data/darktable-3.2.1/src/libs/camera.c:357:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char battery[4096] = { 0 };
data/darktable-3.2.1/src/libs/collect.c:78:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char string[PARAM_STRING_SIZE];
data/darktable-3.2.1/src/libs/collect.c:168:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(n->rule[r].string, o->rule[r].string, PARAM_STRING_SIZE);
data/darktable-3.2.1/src/libs/collect.c:220:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(new->rule[r].string, old->rule[r].string, PARAM_STRING_SIZE);
data/darktable-3.2.1/src/libs/collect.c:246:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char confname[200] = { 0 };
data/darktable-3.2.1/src/libs/collect.c:279:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(p, ((dt_lib_collect_t *)self->data)->params, *size);
data/darktable-3.2.1/src/libs/collect.c:287:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char confname[200] = { 0 };
data/darktable-3.2.1/src/libs/collect.c:953:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char confname[200] = { 0 };
data/darktable-3.2.1/src/libs/collect.c:1110:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(result + 1, tag, len + 1);
data/darktable-3.2.1/src/libs/collect.c:1495:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char query[1024] = { 0 };
data/darktable-3.2.1/src/libs/collect.c:1898:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char confname[200] = { 0 };
data/darktable-3.2.1/src/libs/collect.c:2246:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char confname[200] = { 0 };
data/darktable-3.2.1/src/libs/collect.c:2266:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char confname[200] = { 0 };
data/darktable-3.2.1/src/libs/collect.c:2437:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char confname[200] = { 0 };
data/darktable-3.2.1/src/libs/colorpicker.c:138:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char text[128] = { 0 };
data/darktable-3.2.1/src/libs/colorpicker.c:139:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tooltip[128] = { 0 };
data/darktable-3.2.1/src/libs/colorpicker.c:242:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char text[128] = { 0 };
data/darktable-3.2.1/src/libs/colorpicker.c:243:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tooltip[128] = { 0 };
data/darktable-3.2.1/src/libs/export.c:148:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char style[128] = { 0 };
data/darktable-3.2.1/src/libs/export.c:714:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char datadir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/libs/export.c:715:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char confdir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/libs/export.c:968:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(new_params, op_params, copy_over_part);
data/darktable-3.2.1/src/libs/export.c:971:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(new_params + pos, &new_fversion, sizeof(int32_t));
data/darktable-3.2.1/src/libs/export.c:973:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(new_params + pos, &new_sversion, sizeof(int32_t));
data/darktable-3.2.1/src/libs/export.c:975:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(new_params + pos, &new_fsize, sizeof(int32_t));
data/darktable-3.2.1/src/libs/export.c:977:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(new_params + pos, &new_ssize, sizeof(int32_t));
data/darktable-3.2.1/src/libs/export.c:980:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(new_params + pos, new_fdata, new_fsize);
data/darktable-3.2.1/src/libs/export.c:982:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(new_params + pos, fdata, fsize);
data/darktable-3.2.1/src/libs/export.c:985:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(new_params + pos, new_sdata, new_ssize);
data/darktable-3.2.1/src/libs/export.c:987:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
          memcpy(new_params + pos, sdata, ssize);
data/darktable-3.2.1/src/libs/export.c:1060:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params, old_params, first_half);
data/darktable-3.2.1/src/libs/export.c:1065:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params + first_half, &fversion, sizeof(int32_t));
data/darktable-3.2.1/src/libs/export.c:1066:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params + first_half + sizeof(int32_t), &sversion, sizeof(int32_t));
data/darktable-3.2.1/src/libs/export.c:1068:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params + first_half + 2 * sizeof(int32_t), buf, old_params_size - first_half);
data/darktable-3.2.1/src/libs/export.c:1080:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params, old_params, 2 * sizeof(int32_t));
data/darktable-3.2.1/src/libs/export.c:1081:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params + 3 * sizeof(int32_t), old_params + 2 * sizeof(int32_t), old_params_size - 2 * sizeof(int32_t));
data/darktable-3.2.1/src/libs/export.c:1127:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params, old_params, 4 * sizeof(int32_t));
data/darktable-3.2.1/src/libs/export.c:1129:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params + pos, &icctype, sizeof(int32_t));
data/darktable-3.2.1/src/libs/export.c:1131:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params + pos, iccfilename, strlen(iccfilename) + 1);
data/darktable-3.2.1/src/libs/export.c:1134:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params + pos, old_params + old_pos, old_params_size - old_pos);
data/darktable-3.2.1/src/libs/export.c:1157:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params, old_params, 3 * sizeof(int32_t));
data/darktable-3.2.1/src/libs/export.c:1159:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params + pos, old_params + pos - sizeof(int32_t), old_params_size - 3 * sizeof(int32_t));
data/darktable-3.2.1/src/libs/export.c:1185:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params, old_params, 6 * sizeof(int32_t));
data/darktable-3.2.1/src/libs/export.c:1187:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params + pos, flags, flags_size);
data/darktable-3.2.1/src/libs/export.c:1189:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params + pos, old_params + pos - flags_size, old_params_size - 6 * sizeof(int32_t));
data/darktable-3.2.1/src/libs/export.c:1211:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params, old_params, 4 * sizeof(int32_t));
data/darktable-3.2.1/src/libs/export.c:1213:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params + pos, old_params + pos - sizeof(int32_t), old_params_size - 4 * sizeof(int32_t));
data/darktable-3.2.1/src/libs/export.c:1287:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params + pos, &max_width, sizeof(int32_t));
data/darktable-3.2.1/src/libs/export.c:1289:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params + pos, &max_height, sizeof(int32_t));
data/darktable-3.2.1/src/libs/export.c:1291:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params + pos, &upscale, sizeof(int32_t));
data/darktable-3.2.1/src/libs/export.c:1293:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params + pos, &high_quality, sizeof(int32_t));
data/darktable-3.2.1/src/libs/export.c:1295:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params + pos, &export_masks, sizeof(int32_t));
data/darktable-3.2.1/src/libs/export.c:1297:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params + pos, &iccintent, sizeof(int32_t));
data/darktable-3.2.1/src/libs/export.c:1299:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params + pos, &icctype, sizeof(int32_t));
data/darktable-3.2.1/src/libs/export.c:1301:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params + pos, metadata_export, strlen(metadata_export) + 1);
data/darktable-3.2.1/src/libs/export.c:1303:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params + pos, iccfilename, strlen(iccfilename) + 1);
data/darktable-3.2.1/src/libs/export.c:1305:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params + pos, fname, fname_len + 1);
data/darktable-3.2.1/src/libs/export.c:1307:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params + pos, sname, sname_len + 1);
data/darktable-3.2.1/src/libs/export.c:1309:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params + pos, &fversion, sizeof(int32_t));
data/darktable-3.2.1/src/libs/export.c:1311:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params + pos, &sversion, sizeof(int32_t));
data/darktable-3.2.1/src/libs/export.c:1313:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params + pos, &fsize, sizeof(int32_t));
data/darktable-3.2.1/src/libs/export.c:1315:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params + pos, &ssize, sizeof(int32_t));
data/darktable-3.2.1/src/libs/export.c:1319:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params + pos, fdata, fsize);
data/darktable-3.2.1/src/libs/export.c:1324:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params + pos, sdata, ssize);
data/darktable-3.2.1/src/libs/geotagging.c:606:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char line[MAX_LINE_LENGTH];
data/darktable-3.2.1/src/libs/geotagging.c:621:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char datadir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/libs/histogram.c:281:12:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  if(hist) memcpy(hist, dev->histogram, histsize);
data/darktable-3.2.1/src/libs/histogram.c:353:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  if(wav) memcpy(wav, dev->histogram_waveform, histsize);
data/darktable-3.2.1/src/libs/import.c:194:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buffer[512] = { 0 };
data/darktable-3.2.1/src/libs/lib.c:46:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char plugin_name[128];
data/darktable-3.2.1/src/libs/lib.c:182:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char path[1024];
data/darktable-3.2.1/src/libs/lib.c:223:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char title[1024];
data/darktable-3.2.1/src/libs/lib.c:337:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char path[1024];
data/darktable-3.2.1/src/libs/lib.c:374:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp_path[1024];
data/darktable-3.2.1/src/libs/lib.c:669:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params, old_params, old_params_size);
data/darktable-3.2.1/src/libs/lib.c:891:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char var[1024];
data/darktable-3.2.1/src/libs/lib.c:903:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char var[1024];
data/darktable-3.2.1/src/libs/lib.c:1161:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char lay[32] = "";
data/darktable-3.2.1/src/libs/lib.c:1230:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char path[1024];
data/darktable-3.2.1/src/libs/lib.h:81:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char plugin_name[128];
data/darktable-3.2.1/src/libs/live_view.c:358:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char name[5];
data/darktable-3.2.1/src/libs/location.c:224:29:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  if(lib->response != NULL) memcpy(newdata, lib->response, lib->response_size);
data/darktable-3.2.1/src/libs/location.c:225:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(newdata + lib->response_size, buffer, nmemb);
data/darktable-3.2.1/src/libs/location.c:652:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params + size_fixed, location->name, size_name);
data/darktable-3.2.1/src/libs/masks.c:295:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char str[256] = "";
data/darktable-3.2.1/src/libs/masks.c:300:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char str2[256] = "";
data/darktable-3.2.1/src/libs/masks.c:1068:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
          char str[10000] = "";
data/darktable-3.2.1/src/libs/masks.c:1305:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char str[256] = "";
data/darktable-3.2.1/src/libs/masks.c:1320:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char str2[1000] = "";
data/darktable-3.2.1/src/libs/metadata.c:803:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params + 4, string, params_size - metadata_nb);
data/darktable-3.2.1/src/libs/metadata.c:834:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    const char *metadata[DT_METADATA_NUMBER];
data/darktable-3.2.1/src/libs/metadata.c:850:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params + pos, metadata[3], metadata_len[3]);
data/darktable-3.2.1/src/libs/metadata.c:852:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params + pos, metadata[4], metadata_len[4]);
data/darktable-3.2.1/src/libs/metadata.c:854:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params + pos, metadata[0], metadata_len[0]);
data/darktable-3.2.1/src/libs/metadata.c:856:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params + pos, metadata[1], metadata_len[1]);
data/darktable-3.2.1/src/libs/metadata.c:858:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params + pos, metadata[2], metadata_len[2]);
data/darktable-3.2.1/src/libs/metadata.c:870:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params, old_params, old_params_size);
data/darktable-3.2.1/src/libs/metadata.c:884:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *metadata[DT_METADATA_NUMBER];
data/darktable-3.2.1/src/libs/metadata.c:905:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params + pos, metadata[i], metadata_len[i]);
data/darktable-3.2.1/src/libs/metadata.c:921:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *metadata[DT_METADATA_NUMBER];
data/darktable-3.2.1/src/libs/metadata_view.c:254:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char value[512];
data/darktable-3.2.1/src/libs/metadata_view.c:255:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pathname[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/libs/metadata_view.c:270:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tooltip[512];
data/darktable-3.2.1/src/libs/metadata_view.c:294:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char datetime[200];
data/darktable-3.2.1/src/libs/metadata_view.c:304:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char datetime[200];
data/darktable-3.2.1/src/libs/metadata_view.c:313:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char datetime[200];
data/darktable-3.2.1/src/libs/metadata_view.c:322:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char datetime[200];
data/darktable-3.2.1/src/libs/metadata_view.c:351:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char *tooltip_parts[14] = { 0 };
data/darktable-3.2.1/src/libs/metadata_view.c:524:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char datetime[200];
data/darktable-3.2.1/src/libs/metadata_view.c:746:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char path[512];
data/darktable-3.2.1/src/libs/metadata_view.c:750:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char collect[1024];
data/darktable-3.2.1/src/libs/modulelist.c:255:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char datadir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/libs/modulelist.c:264:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char filename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/libs/modulelist.c:370:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params + len, module->op, op_len);
data/darktable-3.2.1/src/libs/modulelist.c:545:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(params + len, module->op, op_len);
data/darktable-3.2.1/src/libs/navigation.c:251:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char zoomline[5];
data/darktable-3.2.1/src/libs/print_settings.c:94:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pdf_filename[PATH_MAX];
data/darktable-3.2.1/src/libs/print_settings.c:100:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[512];                       // icc file name
data/darktable-3.2.1/src/libs/print_settings.c:101:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[512];                           // product name
data/darktable-3.2.1/src/libs/print_settings.c:164:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out_ptr, in_ptr, 3);
data/darktable-3.2.1/src/libs/print_settings.c:174:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(out_ptr, in_ptr, 6);
data/darktable-3.2.1/src/libs/print_settings.c:359:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tag[256] = { 0 };
data/darktable-3.2.1/src/libs/print_settings.c:419:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&params->prt, &ps->prt, sizeof(dt_print_info_t));
data/darktable-3.2.1/src/libs/print_settings.c:538:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&ps->prt.paper, paper, sizeof(dt_paper_info_t));
data/darktable-3.2.1/src/libs/print_settings.c:581:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&ps->prt.medium, medium, sizeof(dt_medium_info_t));
data/darktable-3.2.1/src/libs/print_settings.c:609:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&ps->prt.paper, paper, sizeof(dt_paper_info_t));
data/darktable-3.2.1/src/libs/print_settings.c:631:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&ps->prt.medium, medium, sizeof(dt_medium_info_t));
data/darktable-3.2.1/src/libs/print_settings.c:1122:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char datadir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/libs/print_settings.c:1123:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char confdir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/libs/print_settings.c:1668:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params + pos, printer, printer_len);
data/darktable-3.2.1/src/libs/print_settings.c:1671:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params + pos, paper, paper_len);
data/darktable-3.2.1/src/libs/print_settings.c:1674:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params + pos, &landscape, sizeof(int32_t));
data/darktable-3.2.1/src/libs/print_settings.c:1677:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params + pos, &profile_type, sizeof(int32_t));
data/darktable-3.2.1/src/libs/print_settings.c:1680:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params + pos, profile_filename, new_profile_len);
data/darktable-3.2.1/src/libs/print_settings.c:1683:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params + pos, &intent, sizeof(int32_t));
data/darktable-3.2.1/src/libs/print_settings.c:1686:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params + pos, &pprofile_type, sizeof(int32_t));
data/darktable-3.2.1/src/libs/print_settings.c:1689:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params + pos, pprofile_filename, new_pprofile_len);
data/darktable-3.2.1/src/libs/print_settings.c:1692:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params + pos, buf, old_params_size - ((char *)buf - (char *)old_params));
data/darktable-3.2.1/src/libs/print_settings.c:1704:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(new_params, old_params, old_params_size);
data/darktable-3.2.1/src/libs/print_settings.c:1706:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    ((char *)new_params)[old_params_size] = '\0';
data/darktable-3.2.1/src/libs/print_settings.c:1910:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params+pos, printer, printer_len);
data/darktable-3.2.1/src/libs/print_settings.c:1912:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params+pos, paper, paper_len);
data/darktable-3.2.1/src/libs/print_settings.c:1914:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params+pos, &landscape, sizeof(int32_t));
data/darktable-3.2.1/src/libs/print_settings.c:1916:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params+pos, &profile_type, sizeof(int32_t));
data/darktable-3.2.1/src/libs/print_settings.c:1918:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params+pos, profile, profile_len);
data/darktable-3.2.1/src/libs/print_settings.c:1920:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params+pos, &intent, sizeof(int32_t));
data/darktable-3.2.1/src/libs/print_settings.c:1922:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params+pos, &pprofile_type, sizeof(int32_t));
data/darktable-3.2.1/src/libs/print_settings.c:1924:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params+pos, pprofile, pprofile_len);
data/darktable-3.2.1/src/libs/print_settings.c:1926:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params+pos, &pintent, sizeof(int32_t));
data/darktable-3.2.1/src/libs/print_settings.c:1928:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params+pos, &bpc, sizeof(int32_t));
data/darktable-3.2.1/src/libs/print_settings.c:1930:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params+pos, style, style_len);
data/darktable-3.2.1/src/libs/print_settings.c:1932:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params+pos, &style_mode, sizeof(int32_t));
data/darktable-3.2.1/src/libs/print_settings.c:1934:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params+pos, &b_top, sizeof(double));
data/darktable-3.2.1/src/libs/print_settings.c:1936:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params+pos, &b_bottom, sizeof(double));
data/darktable-3.2.1/src/libs/print_settings.c:1938:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params+pos, &b_left, sizeof(double));
data/darktable-3.2.1/src/libs/print_settings.c:1940:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params+pos, &b_right, sizeof(double));
data/darktable-3.2.1/src/libs/print_settings.c:1942:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params+pos, &alignment, sizeof(int32_t));
data/darktable-3.2.1/src/libs/print_settings.c:1944:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(params+pos, media, media_len);
data/darktable-3.2.1/src/libs/recentcollect.c:103:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char str[400] = { 0 };
data/darktable-3.2.1/src/libs/recentcollect.c:164:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char confname[200];
data/darktable-3.2.1/src/libs/recentcollect.c:184:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char confname[200];
data/darktable-3.2.1/src/libs/recentcollect.c:186:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[4096];
data/darktable-3.2.1/src/libs/recentcollect.c:261:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char str[2048] = { 0 };
data/darktable-3.2.1/src/libs/recentcollect.c:292:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char confname[200];
data/darktable-3.2.1/src/libs/snapshots.c:44:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[512];
data/darktable-3.2.1/src/libs/snapshots.c:393:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char wdname[32] = { 0 };
data/darktable-3.2.1/src/libs/snapshots.c:394:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char localtmpdir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/libs/snapshots.c:455:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char label[64];
data/darktable-3.2.1/src/libs/tagging.c:47:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char keyword[1024];
data/darktable-3.2.1/src/libs/tools/battery_indicator.c:159:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char text[100];
data/darktable-3.2.1/src/libs/tools/colorlabels.c:32:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char *tooltips[6];
data/darktable-3.2.1/src/libs/tools/darktable.c:109:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char datadir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/libs/tools/image_infos.c:94:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char input_dir[512] = { 0 };
data/darktable-3.2.1/src/libs/tools/lighttable.c:285:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      int i = atoi(value);
data/darktable-3.2.1/src/libs/tools/timeline.c:905:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char confname[200] = { 0 };
data/darktable-3.2.1/src/libs/tools/timeline.c:947:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char confname[200] = { 0 };
data/darktable-3.2.1/src/libs/tools/timeline.c:1178:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char confname[200] = { 0 };
data/darktable-3.2.1/src/lua/configuration.c:93:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tmp_path[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/lua/database.c:191:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char query[1024];
data/darktable-3.2.1/src/lua/film.c:127:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char query[1024];
data/darktable-3.2.1/src/lua/film.c:170:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char query[1024];
data/darktable-3.2.1/src/lua/image.c:103:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pathname[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/lua/image.c:114:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char filename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/lua/image.c:315:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char image_name[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/lua/init.c:110:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char basedir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/lua/init.c:144:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tmp_path[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/lua/lualib.c:205:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(lib, &ref_lib, sizeof(dt_lib_module_t));
data/darktable-3.2.1/src/lua/luastorage.c:86:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tmpdir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/lua/luastorage.c:90:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char dirname[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/lua/luastorage.c:382:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(storage, &ref_storage, sizeof(dt_imageio_module_storage_t));
data/darktable-3.2.1/src/lua/luastorage.c:451:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tmp[1024];
data/darktable-3.2.1/src/lua/modules.c:49:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tmp_string[1024];
data/darktable-3.2.1/src/lua/modules.c:116:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tmp_string[1024];
data/darktable-3.2.1/src/lua/preferences.c:163:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pref_name[1024];
data/darktable-3.2.1/src/lua/preferences.c:222:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pref_name[1024];
data/darktable-3.2.1/src/lua/preferences.c:261:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pref_name[1024];
data/darktable-3.2.1/src/lua/preferences.c:274:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pref_name[1024];
data/darktable-3.2.1/src/lua/preferences.c:287:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pref_name[1024];
data/darktable-3.2.1/src/lua/preferences.c:298:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pref_name[1024];
data/darktable-3.2.1/src/lua/preferences.c:309:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pref_name[1024];
data/darktable-3.2.1/src/lua/preferences.c:320:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pref_name[1024];
data/darktable-3.2.1/src/lua/preferences.c:331:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pref_name[1024];
data/darktable-3.2.1/src/lua/preferences.c:437:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pref_name[1024];
data/darktable-3.2.1/src/lua/preferences.c:458:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pref_name[1024];
data/darktable-3.2.1/src/lua/preferences.c:489:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pref_name[1024];
data/darktable-3.2.1/src/lua/preferences.c:501:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pref_name[1024];
data/darktable-3.2.1/src/lua/preferences.c:513:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pref_name[1024];
data/darktable-3.2.1/src/lua/preferences.c:525:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pref_name[1024];
data/darktable-3.2.1/src/lua/preferences.c:535:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pref_name[1024];
data/darktable-3.2.1/src/lua/preferences.c:545:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pref_name[1024];
data/darktable-3.2.1/src/lua/preferences.c:592:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char pref_name[1024];
data/darktable-3.2.1/src/lua/preferences.c:805:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char pref_name[1024];
data/darktable-3.2.1/src/lua/styles.c:194:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char query[1024];
data/darktable-3.2.1/src/lua/tags.c:79:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char query[1024];
data/darktable-3.2.1/src/lua/tags.c:120:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char query[1024];
data/darktable-3.2.1/src/lua/types.c:305:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp[256];
data/darktable-3.2.1/src/lua/types.c:325:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(udata, cin, type_size);
data/darktable-3.2.1/src/lua/types.c:345:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char error_msg[256];
data/darktable-3.2.1/src/lua/types.c:350:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(cout, udata, luaA_typesize(L, type_id));
data/darktable-3.2.1/src/lua/types.c:385:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char error_msg[256];
data/darktable-3.2.1/src/lua/types.c:390:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(cout, udata, sizeof(int));
data/darktable-3.2.1/src/lua/types.c:428:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char error_msg[256];
data/darktable-3.2.1/src/lua/types.c:433:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(cout, udata, sizeof(gpointer));
data/darktable-3.2.1/src/lua/types.c:676:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tmp_name[1024];
data/darktable-3.2.1/src/lua/widget/combobox.c:86:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp[256];
data/darktable-3.2.1/src/lua/widget/slider.c:49:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tmp[256];
data/darktable-3.2.1/src/main.c:38:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char datetime[20];
data/darktable-3.2.1/src/views/darkroom.c:702:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char imgfilename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/views/darkroom.c:2250:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char datadir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/views/darkroom.c:2251:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char confdir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/views/darkroom.c:2740:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char option[1024];
data/darktable-3.2.1/src/views/darkroom.c:4523:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char path_on[256];
data/darktable-3.2.1/src/views/darkroom.c:4524:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char path_off[256];
data/darktable-3.2.1/src/views/knight.c:353:35:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  for(int y = 0; y < height; y++) memcpy(&buf[y * stride], &(data[y * width]), width * sizeof(uint8_t));
data/darktable-3.2.1/src/views/knight.c:1049:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char text[64];
data/darktable-3.2.1/src/views/knight.c:1056:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char text[64];
data/darktable-3.2.1/src/views/knight.c:1064:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char text[64];
data/darktable-3.2.1/src/views/knight.c:1071:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char text[64];
data/darktable-3.2.1/src/views/knight.c:1079:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char text[64];
data/darktable-3.2.1/src/views/lighttable.c:1384:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char datadir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/views/lighttable.c:1385:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char confdir[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/views/map.c:321:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buf, data, size);
data/darktable-3.2.1/src/views/map.c:369:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buf, data, size);
data/darktable-3.2.1/src/views/print.c:308:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char imgfilename[PATH_MAX] = { 0 };
data/darktable-3.2.1/src/views/slideshow.c:115:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(data->buf.buf, in, sizeof(uint32_t) * datai->width * datai->height);
data/darktable-3.2.1/src/views/slideshow.c:225:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy(d->buf[slot].buf, dat.buf.buf, sizeof(uint32_t) * dat.buf.width * dat.buf.height);
data/darktable-3.2.1/src/views/view.c:426:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
      char var[1024];
data/darktable-3.2.1/src/views/view.h:126:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char module_name[64];
data/darktable-3.2.1/src/win/statvfs.c:58:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char szDrive[4];
data/darktable-3.2.1/src/win/strptime.c:90:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *const nast[5] = { "EST", "CST", "MST", "PST", "\0\0\0" };
data/darktable-3.2.1/src/win/strptime.c:91:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *const nadt[5] = { "EDT", "CDT", "MDT", "PDT", "\0\0\0" };
data/darktable-3.2.1/src/win/strptime.c:92:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *const am_pm[2] = { "am", "pm" };
data/darktable-3.2.1/src/win/strptime.c:93:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *const day[7] = { "sunday", "monday", "tuesday", "wednesday", "thursday", "friday", "saturday" };
data/darktable-3.2.1/src/win/strptime.c:94:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *const abday[7] = { "sun", "mon", "tue", "wed", "thu", "fri", "sat" };
data/darktable-3.2.1/src/win/strptime.c:95:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *const mon[12] = { "january", "february", "march",     "april",   "may",      "june",
data/darktable-3.2.1/src/win/strptime.c:97:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const char *const abmon[12]
data/darktable-3.2.1/tools/basecurve/darktable-curve-tool.c:118:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[2];
data/darktable-3.2.1/tools/basecurve/darktable-curve-tool.c:153:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  f = fopen(filename, "rb");
data/darktable-3.2.1/tools/basecurve/darktable-curve-tool.c:187:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  f = fopen(filename, "rb");
data/darktable-3.2.1/tools/basecurve/darktable-curve-tool.c:596:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
      opts->num_nodes = atoi(optarg);
data/darktable-3.2.1/tools/basecurve/darktable-curve-tool.c:786:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  f = fopen(opt.filename_state, "rb");
data/darktable-3.2.1/tools/basecurve/darktable-curve-tool.c:890:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  f = fopen(opt.filename_basecurve, "wb");
data/darktable-3.2.1/tools/basecurve/darktable-curve-tool.c:926:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  f = fopen(opt.filename_tonecurve, "wb");
data/darktable-3.2.1/tools/basecurve/darktable-curve-tool.c:964:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  f = fopen(opt.filename_state, "r+");
data/darktable-3.2.1/tools/basecurve/darktable-curve-tool.c:967:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    f = fopen(opt.filename_state, "w+");
data/darktable-3.2.1/tools/basecurve/darktable-curve-tool.c:993:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char maker[32];
data/darktable-3.2.1/tools/basecurve/darktable-curve-tool.c:994:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char model[32];
data/darktable-3.2.1/tools/basecurve/darktable-curve-tool.c:1010:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  f = fopen(opt.filename_basecurve_fit, "w+b");
data/darktable-3.2.1/tools/basecurve/darktable-curve-tool.c:1081:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  f = fopen(opt.filename_tonecurve_fit, "w+b");
data/darktable-3.2.1/tools/basecurve/exif-wrapper.cpp:39:56:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    Exiv2::Image::AutoPtr image = Exiv2::ImageFactory::open(filename);
data/darktable-3.2.1/tools/noise/noiseprofile.c:59:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  FILE *f = fopen(filename, "rb");
data/darktable-3.2.1/tools/noise/noiseprofile.c:75:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  FILE *f = fopen(filename, "rb");
data/darktable-3.2.1/tools/noise/noiseprofile.c:126:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  FILE *f = fopen(filename, "wb");
data/darktable-3.2.1/src/bauhaus/bauhaus.c:854:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      gchar *val = g_strstr_len(mod, strlen(mod), ".");
data/darktable-3.2.1/src/bauhaus/bauhaus.c:2597:3:  [1] (buffer) sscanf:
  It's unclear if the %s limit in the format string is small enough
  (CWE-120). Check that the limit is sufficiently small, or use a different
  input function.
  sscanf(input, ":set %63[^.].%63[^=]=%255s", module, label, value);
data/darktable-3.2.1/src/bauhaus/bauhaus.c:2629:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int prefix = strlen(input);
data/darktable-3.2.1/src/chart/colorchart.c:70:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t label_len = strlen(label);
data/darktable-3.2.1/src/chart/colorchart.c:181:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ssize_t len = strlen(line);
data/darktable-3.2.1/src/chart/colorchart.c:196:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        ssize_t len = strlen(line);
data/darktable-3.2.1/src/chart/colorchart.c:294:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          size_t lxs_len = strlen(lxs), lxe_len = strlen(lxe), lys_len = strlen(lys), lye_len = strlen(lye);
data/darktable-3.2.1/src/chart/colorchart.c:294:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          size_t lxs_len = strlen(lxs), lxe_len = strlen(lxe), lys_len = strlen(lys), lye_len = strlen(lye);
data/darktable-3.2.1/src/chart/colorchart.c:294:74:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          size_t lxs_len = strlen(lxs), lxe_len = strlen(lxe), lys_len = strlen(lys), lye_len = strlen(lye);
data/darktable-3.2.1/src/chart/colorchart.c:294:97:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          size_t lxs_len = strlen(lxs), lxe_len = strlen(lxe), lys_len = strlen(lys), lye_len = strlen(lye);
data/darktable-3.2.1/src/chart/colorchart.c:477:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        ssize_t len = strlen(line);
data/darktable-3.2.1/src/chart/pfm.c:40:12:  [1] (buffer) fscanf:
  It's unclear if the %s limit in the format string is small enough
  (CWE-120). Check that the limit is sufficiently small, or use a different
  input function.
  unused = fscanf(f, "%c%c %d %d %63s%*[^\n]", &magic[0], &magic[1], &width, &height, scale_factor_string);
data/darktable-3.2.1/src/chart/pfm.c:41:40:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if(magic[0] != 'P' || unused != 5 || fgetc(f) != '\n')
data/darktable-3.2.1/src/cli/main.c:348:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *ext = output_filename + strlen(output_filename);
data/darktable-3.2.1/src/common/camera_control.c:935:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      eos = file + strlen(file);
data/darktable-3.2.1/src/common/collection.c:994:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gchar *fq = g_strstr_len(query, strlen(query), "FROM");
data/darktable-3.2.1/src/common/collection.c:1177:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(input);
data/darktable-3.2.1/src/common/colorspaces.c:1310:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      const char *cc = filename + strlen(filename);
data/darktable-3.2.1/src/common/colorspaces.c:1928:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const char* f = profile + strlen(profile);
data/darktable-3.2.1/src/common/cups_print.c:255:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const int l1 = strlen(n1->common_name);
data/darktable-3.2.1/src/common/cups_print.c:256:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const int l2 = strlen(n2->common_name);
data/darktable-3.2.1/src/common/cups_print.c:489:26:  [1] (buffer) fscanf:
  It's unclear if the %s limit in the format string is small enough
  (CWE-120). Check that the limit is sufficiently small, or use a different
  input function.
        const int ropt = fscanf(stream, "%*s %99[^= ]=%99s", optname, optvalue);
data/darktable-3.2.1/src/common/cups_print.c:498:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if (v[strlen(v)-1] == '\'') v[strlen(v)-1] = '\0';
data/darktable-3.2.1/src/common/cups_print.c:498:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          if (v[strlen(v)-1] == '\'') v[strlen(v)-1] = '\0';
data/darktable-3.2.1/src/common/darktable.c:165:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(!g_ascii_strncasecmp(ext, *i, strlen(*i)))
data/darktable-3.2.1/src/common/darktable.c:194:51:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    while(c != '\n' && c != '\r' && c != EOF) c = fgetc(fin);
data/darktable-3.2.1/src/common/darktable.c:195:39:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    while(c == '\n' || c == '\r') c = fgetc(fin);
data/darktable-3.2.1/src/common/darktable.c:205:11:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      c = fgetc(fin);
data/darktable-3.2.1/src/common/darktable.c:211:11:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      c = fgetc(fin);
data/darktable-3.2.1/src/common/darktable.c:677:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        gchar *end = keyval + strlen(keyval);
data/darktable-3.2.1/src/common/database.c:2286:16:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
    old_mode = umask(0);
data/darktable-3.2.1/src/common/database.c:2288:5:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
    umask(old_mode);
data/darktable-3.2.1/src/common/database.c:2292:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if(write(fd, pid, strlen(pid) + 1) > -1) lock_acquired = TRUE;
data/darktable-3.2.1/src/common/database.c:2303:19:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
        if((foo = read(fd, buf, sizeof(buf) - 1)) > 0)
data/darktable-3.2.1/src/common/exif.cc:263:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(g_str_has_prefix(t, tagname) && t[strlen(tagname)] == ',')
data/darktable-3.2.1/src/common/exif.cc:266:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      t += strlen(tagname) + 1;
data/darktable-3.2.1/src/common/exif.cc:1900:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int outlen = strlen(buffer2) + 5; // leading "gz" + compression factor + base64 string + trailing '\0'
data/darktable-3.2.1/src/common/exif.cc:2002:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(strspn(input, "0123456789abcdef") != strlen(input)) return NULL;
data/darktable-3.2.1/src/common/exif.cc:2245:76:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    current_entry->params = dt_exif_xmp_decode(params_iter->child_value(), strlen(params_iter->child_value()),
data/darktable-3.2.1/src/common/exif.cc:2269:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                                                         strlen(blendop_params_iter->child_value()),
data/darktable-3.2.1/src/common/exif.cc:2299:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      key_iter += strlen("Xmp.darktable.history[");
data/darktable-3.2.1/src/common/exif.cc:2468:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        const size_t mask_c_len = strlen(mask_c);
data/darktable-3.2.1/src/common/exif.cc:2475:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        const size_t mask_src_c_len = strlen(mask_src_c);
data/darktable-3.2.1/src/common/exif.cc:2501:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      key_iter += strlen("Xmp.darktable.masks_history[");
data/darktable-3.2.1/src/common/exif.cc:2697:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const char *c = filename + strlen(filename) - 4;
data/darktable-3.2.1/src/common/exif.cc:3094:66:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        hash.basic = dt_exif_xmp_decode(pos->toString().c_str(), strlen(pos->toString().c_str()),
data/darktable-3.2.1/src/common/exif.cc:3099:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        hash.auto_apply = dt_exif_xmp_decode(pos->toString().c_str(), strlen(pos->toString().c_str()),
data/darktable-3.2.1/src/common/exif.cc:3104:68:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        hash.current = dt_exif_xmp_decode(pos->toString().c_str(), strlen(pos->toString().c_str()),
data/darktable-3.2.1/src/common/exif.cc:3335:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    values[strlen(values) - 1] = '\0'; /* remove last comma */
data/darktable-3.2.1/src/common/exif.cc:3442:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    v->read(val);
data/darktable-3.2.1/src/common/exif.cc:3517:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    v1->read((char *)tags->data);
data/darktable-3.2.1/src/common/exif.cc:3526:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    v2->read((char *)hierarchical->data);
data/darktable-3.2.1/src/common/exif.cc:3643:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      v1->read((char *)tags->data);
data/darktable-3.2.1/src/common/exif.cc:3656:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      v2->read((char *)hierarchical->data);
data/darktable-3.2.1/src/common/film.c:179:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *last = &film->dirname[strlen(film->dirname) - 1];
data/darktable-3.2.1/src/common/history.c:1327:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(fields) fields[strlen(fields) - 1] = '\0';
data/darktable-3.2.1/src/common/history.c:1328:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(values) values[strlen(values) - 1] = '\0';
data/darktable-3.2.1/src/common/history.c:1329:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(conflict) conflict[strlen(conflict) - 1] = '\0';
data/darktable-3.2.1/src/common/http_server.c:107:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t resp_length = strlen(resp_body);
data/darktable-3.2.1/src/common/image.c:96:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const char *c = img->filename + strlen(img->filename);
data/darktable-3.2.1/src/common/image.c:107:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const char *c = img->filename + strlen(img->filename);
data/darktable-3.2.1/src/common/image.c:143:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const char *folder = path + strlen(path);
data/darktable-3.2.1/src/common/image.c:260:82:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *md5_filename = g_compute_checksum_for_string(G_CHECKSUM_MD5, filename, strlen(filename));
data/darktable-3.2.1/src/common/image.c:264:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *c = filename + strlen(filename);
data/darktable-3.2.1/src/common/image.c:291:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *c = pathname + strlen(pathname);
data/darktable-3.2.1/src/common/image.c:294:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    c = pathname + strlen(pathname);
data/darktable-3.2.1/src/common/image.c:295:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *c2 = filename + strlen(filename);
data/darktable-3.2.1/src/common/image.c:1074:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    gchar *c1 = pattern + strlen(pattern);
data/darktable-3.2.1/src/common/image.c:1077:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const gchar *c2 = filename + strlen(filename);
data/darktable-3.2.1/src/common/image.c:1079:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    snprintf(c1 + strlen(*glob_pattern), pattern + sizeof(pattern) - c1 - strlen(*glob_pattern), "%s.xmp", c2);
data/darktable-3.2.1/src/common/image.c:1079:75:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    snprintf(c1 + strlen(*glob_pattern), pattern + sizeof(pattern) - c1 - strlen(*glob_pattern), "%s.xmp", c2);
data/darktable-3.2.1/src/common/image.c:1125:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      gchar *c3 = xmpfilename + strlen(xmpfilename)
data/darktable-3.2.1/src/common/image.c:1197:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const char *cc = normalized_filename + strlen(normalized_filename);
data/darktable-3.2.1/src/common/image.c:1303:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gchar *cc2 = basename + strlen(basename);
data/darktable-3.2.1/src/common/image.c:1327:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      gchar *cc3 = other_basename + strlen(other_img->filename);
data/darktable-3.2.1/src/common/image.c:1545:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(img->camera_maker);
data/darktable-3.2.1/src/common/image.c:2352:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(image_path);
data/darktable-3.2.1/src/common/image.c:2384:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(image_path);
data/darktable-3.2.1/src/common/imageio.c:492:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const char *c = filename + strlen(filename);
data/darktable-3.2.1/src/common/imageio_gm.c:48:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(!g_ascii_strncasecmp(ext, *i, strlen(*i)))
data/darktable-3.2.1/src/common/imageio_im.c:50:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(!g_ascii_strncasecmp(ext, *i, strlen(*i)))
data/darktable-3.2.1/src/common/imageio_jpeg.c:727:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const char *ext = filename + strlen(filename);
data/darktable-3.2.1/src/common/imageio_module.c:158:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const int name_offset = strlen(SHARED_MODULE_PREFIX),
data/darktable-3.2.1/src/common/imageio_module.c:159:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            name_end = strlen(SHARED_MODULE_PREFIX) + strlen(SHARED_MODULE_SUFFIX);
data/darktable-3.2.1/src/common/imageio_module.c:159:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            name_end = strlen(SHARED_MODULE_PREFIX) + strlen(SHARED_MODULE_SUFFIX);
data/darktable-3.2.1/src/common/imageio_module.c:165:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    g_strlcpy(plugin_name, d_name + name_offset, strlen(d_name) - name_end + 1);
data/darktable-3.2.1/src/common/imageio_module.c:295:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const int name_offset = strlen(SHARED_MODULE_PREFIX),
data/darktable-3.2.1/src/common/imageio_module.c:296:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            name_end = strlen(SHARED_MODULE_PREFIX) + strlen(SHARED_MODULE_SUFFIX);
data/darktable-3.2.1/src/common/imageio_module.c:296:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            name_end = strlen(SHARED_MODULE_PREFIX) + strlen(SHARED_MODULE_SUFFIX);
data/darktable-3.2.1/src/common/imageio_module.c:302:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    g_strlcpy(plugin_name, d_name + name_offset, strlen(d_name) - name_end + 1);
data/darktable-3.2.1/src/common/imageio_pfm.c:36:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const char *ext = filename + strlen(filename);
data/darktable-3.2.1/src/common/imageio_png.c:151:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const char *ext = filename + strlen(filename);
data/darktable-3.2.1/src/common/imageio_pnm.c:196:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const char *ext = filename + strlen(filename);
data/darktable-3.2.1/src/common/imageio_rgbe.c:209:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        char *startptr = buf + strlen("GAMMA="), *endptr;
data/darktable-3.2.1/src/common/imageio_rgbe.c:219:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        char *startptr = buf + strlen("EXPOSURE="), *endptr;
data/darktable-3.2.1/src/common/imageio_rgbe.c:231:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        char *startptr = buf + strlen("PRIMARIES="), *endptr;
data/darktable-3.2.1/src/common/imageio_rgbe.c:593:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const char *ext = filename + strlen(filename);
data/darktable-3.2.1/src/common/imageio_tiff.c:259:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const char *ext = filename + strlen(filename);
data/darktable-3.2.1/src/common/iop_order.c:1952:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    *size += strlen(entry->operation) + sizeof(int32_t) * 2;
data/darktable-3.2.1/src/common/iop_order.c:1967:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const int32_t len = strlen(entry->operation);
data/darktable-3.2.1/src/common/metadata.c:107:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(strncmp(key, dt_metadata_def[i].key, strlen(dt_metadata_def[i].key)) == 0)
data/darktable-3.2.1/src/common/metadata.c:211:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(metadata_list) metadata_list[strlen(metadata_list) - 1] = '\0';
data/darktable-3.2.1/src/common/metadata.c:241:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(metadata_list) metadata_list[strlen(metadata_list) - 1] = '\0';
data/darktable-3.2.1/src/common/metadata.c:346:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    c = v + strlen(v) - 1;
data/darktable-3.2.1/src/common/metadata_export.c:54:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        char *formula = g_strstr_len(nameformula, strlen(nameformula), ";");
data/darktable-3.2.1/src/common/mipmap_cache.c:223:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  g_checksum_update(chk, (guchar *)abspath, strlen(abspath));
data/darktable-3.2.1/src/common/mipmap_cache.c:1183:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const char *c = filename + strlen(filename);
data/darktable-3.2.1/src/common/module.c:39:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const int name_offset = strlen(SHARED_MODULE_PREFIX),
data/darktable-3.2.1/src/common/module.c:40:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            name_end = strlen(SHARED_MODULE_PREFIX) + strlen(SHARED_MODULE_SUFFIX);
data/darktable-3.2.1/src/common/module.c:40:55:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            name_end = strlen(SHARED_MODULE_PREFIX) + strlen(SHARED_MODULE_SUFFIX);
data/darktable-3.2.1/src/common/module.c:46:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *plugin_name = g_strndup(dir_name + name_offset, strlen(dir_name) - name_end);
data/darktable-3.2.1/src/common/opencl.c:315:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cl->crc = crc32(cl->crc, (const unsigned char *)infostr, strlen(infostr));
data/darktable-3.2.1/src/common/opencl.c:375:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = MIN(strlen(infostr),1024 * sizeof(char));;
data/darktable-3.2.1/src/common/opencl.c:381:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = MIN(strlen(driverversion), 1024 * sizeof(char));
data/darktable-3.2.1/src/common/opencl.c:439:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      size_t end = strlen(confentry);
data/darktable-3.2.1/src/common/opencl.c:1181:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    maxlen = strlen(in) + 1;
data/darktable-3.2.1/src/common/opencl.c:1639:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  linkedfile_len = strlen(md5sum);
data/darktable-3.2.1/src/common/pdf.c:149:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      nptr += strlen(dt_pdf_units[i].name);
data/darktable-3.2.1/src/common/poison.h:20:20:  [1] (buffer) strncat:
  Easily used incorrectly (e.g., incorrectly computing the correct maximum
  size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
  or automatically resizing strings.
#pragma GCC poison strncat // use g_strncat
data/darktable-3.2.1/src/common/presets.c:224:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    (blendop_params, strlen(blendop_params), &blendop_params_len);
data/darktable-3.2.1/src/common/presets.c:228:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    (op_params, strlen(op_params), &op_params_len);
data/darktable-3.2.1/src/common/presets.c:243:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  DT_DEBUG_SQLITE3_BIND_TEXT(stmt, 1, name, strlen(name), SQLITE_TRANSIENT);
data/darktable-3.2.1/src/common/presets.c:244:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  DT_DEBUG_SQLITE3_BIND_TEXT(stmt, 2, description, strlen(description), SQLITE_TRANSIENT);
data/darktable-3.2.1/src/common/presets.c:245:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  DT_DEBUG_SQLITE3_BIND_TEXT(stmt, 3, operation, strlen(operation), SQLITE_TRANSIENT);
data/darktable-3.2.1/src/common/presets.c:247:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  DT_DEBUG_SQLITE3_BIND_TEXT(stmt, 5, model, strlen(model), SQLITE_TRANSIENT);
data/darktable-3.2.1/src/common/presets.c:248:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  DT_DEBUG_SQLITE3_BIND_TEXT(stmt, 6, maker, strlen(maker), SQLITE_TRANSIENT);
data/darktable-3.2.1/src/common/presets.c:249:45:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  DT_DEBUG_SQLITE3_BIND_TEXT(stmt, 7, lens, strlen(lens), SQLITE_TRANSIENT);
data/darktable-3.2.1/src/common/presets.c:264:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  DT_DEBUG_SQLITE3_BIND_TEXT(stmt, 22, multi_name, strlen(multi_name), SQLITE_TRANSIENT);
data/darktable-3.2.1/src/common/pwstorage/backend_kwallet.c:83:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  glong read, written;
data/darktable-3.2.1/src/common/pwstorage/backend_kwallet.c:85:45:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  gunichar2 *out = g_utf8_to_utf16(in, -1, &read, &written, &error);
data/darktable-3.2.1/src/common/pwstorage/backend_kwallet.c:449:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  glong read, written;
data/darktable-3.2.1/src/common/pwstorage/backend_kwallet.c:451:74:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  gchar *out = g_utf16_to_utf8(tmp_string, *length / sizeof(gunichar2), &read, &written, &error);
data/darktable-3.2.1/src/common/styles.c:1392:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const int param_c_len = strlen(param_c);
data/darktable-3.2.1/src/common/styles.c:1402:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      plugin->blendop_params->str, strlen(plugin->blendop_params->str), &blendop_params_len);
data/darktable-3.2.1/src/common/tags.c:53:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(tag_list) tag_list[strlen(tag_list) - 1] = '\0';
data/darktable-3.2.1/src/common/tags.c:76:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(tag_list) tag_list[strlen(tag_list) - 1] = '\0';
data/darktable-3.2.1/src/common/tags.c:272:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      flatlist[strlen(flatlist)-1] = '\0';
data/darktable-3.2.1/src/common/tags.c:282:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    flatlist[strlen(flatlist)-1] = '\0';
data/darktable-3.2.1/src/common/tags.c:642:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(images) images[strlen(images) - 1] = '\0';
data/darktable-3.2.1/src/common/tags.c:1015:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    images[strlen(images) - 1] = '\0';
data/darktable-3.2.1/src/common/tags.c:1302:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      char *e = *entry + strlen(*entry) - 1;
data/darktable-3.2.1/src/common/tags.c:1317:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      synonyms[strlen(synonyms) - 2] = '\0';
data/darktable-3.2.1/src/common/tags.c:1459:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *end = line + strlen(line) - 1;
data/darktable-3.2.1/src/common/tags.c:1670:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(tags) tags[strlen(tags) - 1] = '\0'; // remove the last comma
data/darktable-3.2.1/src/common/utility.c:61:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t clen = str ? strlen(str) : 0;
data/darktable-3.2.1/src/common/utility.c:86:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if((p = g_strstr_len(p, strlen(p), needle)) != NULL)
data/darktable-3.2.1/src/common/utility.c:91:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      } while((p = g_strstr_len((p + 1), strlen(p + 1), needle)) != NULL);
data/darktable-3.2.1/src/common/utility.c:103:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    nstring = g_malloc_n(strlen(string) + (occurences * strlen(substitute)) + 1, sizeof(gchar));
data/darktable-3.2.1/src/common/utility.c:103:57:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    nstring = g_malloc_n(strlen(string) + (occurences * strlen(substitute)) + 1, sizeof(gchar));
data/darktable-3.2.1/src/common/utility.c:104:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const gchar *pend = string + strlen(string);
data/darktable-3.2.1/src/common/utility.c:107:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if((s = g_strstr_len(s, strlen(s), pattern)) != NULL)
data/darktable-3.2.1/src/common/utility.c:113:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        memcpy(np, substitute, strlen(substitute));
data/darktable-3.2.1/src/common/utility.c:114:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        np += strlen(substitute);
data/darktable-3.2.1/src/common/utility.c:115:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        p = s + strlen(pattern);
data/darktable-3.2.1/src/common/utility.c:116:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      } while((s = g_strstr_len((s + 1), strlen(s + 1), pattern)) != NULL);
data/darktable-3.2.1/src/common/utility.c:195:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t len = strlen(path);
data/darktable-3.2.1/src/common/utility.c:262:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(dest, src, s - src);
data/darktable-3.2.1/src/common/utility.c:273:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy(dest, src, s - src);
data/darktable-3.2.1/src/common/utility.c:516:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gchar dir = toupper(input[strlen(input) - 1]);
data/darktable-3.2.1/src/common/utility.c:609:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      input += strlen("file://");
data/darktable-3.2.1/src/common/utility.c:700:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(prev);
data/darktable-3.2.1/src/common/utility.c:710:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      prev = next + strlen(separator);
data/darktable-3.2.1/src/common/utility.c:711:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      len = strlen(prev);
data/darktable-3.2.1/src/common/variables.c:91:90:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(params->data->file_ext == (gchar *)1) params->data->file_ext = params->filename + strlen(params->filename);
data/darktable-3.2.1/src/common/variables.c:161:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(res) *str += strlen(prefix);
data/darktable-3.2.1/src/common/variables.c:541:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          (*variable) += strlen(category) + 1;
data/darktable-3.2.1/src/common/variables.c:604:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t base_value_length = strlen(base_value);
data/darktable-3.2.1/src/common/variables.c:692:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        const size_t pattern_length = strlen(pattern);
data/darktable-3.2.1/src/common/variables.c:709:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        const size_t pattern_length = strlen(pattern);
data/darktable-3.2.1/src/common/variables.c:738:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        const size_t pattern_length = strlen(pattern);
data/darktable-3.2.1/src/common/variables.c:741:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        const size_t replacement_length = strlen(replacement);
data/darktable-3.2.1/src/common/variables.c:876:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t source_length = strlen(*source);
data/darktable-3.2.1/src/common/variables.c:904:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        const size_t replacement_length = strlen(replacement);
data/darktable-3.2.1/src/control/conf.c:210:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      if(read > 0)
data/darktable-3.2.1/src/control/conf.c:213:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        char *end = line + strlen(line);
data/darktable-3.2.1/src/control/conf.c:291:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strncmp(key, d->match, strlen(d->match)) == 0)
data/darktable-3.2.1/src/control/conf.c:294:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    nv->key = g_strdup(key + strlen(d->match) + 1);
data/darktable-3.2.1/src/control/control.c:671:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        darktable.control->vimkey_cnt = strlen(darktable.control->vimkey);
data/darktable-3.2.1/src/control/crawler.c:95:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      size_t len = strlen(xmp_path);
data/darktable-3.2.1/src/control/crawler.c:131:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t len = strlen(image_path);
data/darktable-3.2.1/src/control/jobs/control_jobs.c:499:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *c = pathname + strlen(pathname);
data/darktable-3.2.1/src/control/jobs/film_jobs.c:223:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          size_t len = strlen(dfn);
data/darktable-3.2.1/src/control/jobs/film_jobs.c:282:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      size_t len = strlen(dfn);
data/darktable-3.2.1/src/develop/develop.c:1836:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        const char *fname = dev->image_storage.filename + strlen(dev->image_storage.filename);
data/darktable-3.2.1/src/develop/imageop.c:2377:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    module_list[strlen(module_list) - 1] = '\0';
data/darktable-3.2.1/src/develop/lightroom.c:255:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
  strncpy(pos + 1, "xmp", 4);
data/darktable-3.2.1/src/develop/lightroom.c:259:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
  strncpy(pos + 1, "XMP", 4);
data/darktable-3.2.1/src/develop/lightroom.c:448:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  iter += strlen(key);
data/darktable-3.2.1/src/develop/lightroom.c:463:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  iter += strlen(key);
data/darktable-3.2.1/src/develop/masks/masks.c:1394:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        const char *fname = dev->image_storage.filename + strlen(dev->image_storage.filename);
data/darktable-3.2.1/src/dtgtk/thumbnail.c:244:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const char *ext = thumb->filename + strlen(thumb->filename);
data/darktable-3.2.1/src/dtgtk/thumbtable.c:1393:54:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                               _BYTE, (guchar *)uri, strlen(uri));
data/darktable-3.2.1/src/dtgtk/thumbtable.c:1412:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                               (guchar *)uri_list, strlen(uri_list));
data/darktable-3.2.1/src/external/libxcf/xcf.c:177:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return sizeof(uint32_t) + strlen(value) + 1;
data/darktable-3.2.1/src/external/libxcf/xcf.c:228:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const size_t len = strlen(value);
data/darktable-3.2.1/src/external/libxcf/xcf.c:351:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
    strncpy(version + 9, "file", 5);
data/darktable-3.2.1/src/external/lua/src/lauxlib.c:402:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      *len = (def ? strlen(def) : 0);
data/darktable-3.2.1/src/external/lua/src/lauxlib.c:539:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  luaL_addlstring(B, s, strlen(s));
data/darktable-3.2.1/src/external/lua/src/lauxlib.c:675:9:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    c = getc(lf->f);
data/darktable-3.2.1/src/external/lua/src/lauxlib.c:680:10:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  return getc(lf->f);  /* return next character */
data/darktable-3.2.1/src/external/lua/src/lauxlib.c:695:11:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      c = getc(lf->f);
data/darktable-3.2.1/src/external/lua/src/lauxlib.c:697:11:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    *cp = getc(lf->f);  /* skip end-of-line, if present */
data/darktable-3.2.1/src/external/lua/src/lauxlib.c:766:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return luaL_loadbuffer(L, s, strlen(s), s);
data/darktable-3.2.1/src/external/lua/src/lauxlib.c:853:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (e == NULL) e = fname + strlen(fname);
data/darktable-3.2.1/src/external/lua/src/lauxlib.c:986:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t l = strlen(p);
data/darktable-3.2.1/src/external/lua/src/ldblib.c:409:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (luaL_loadbuffer(L, buffer, strlen(buffer), "=(debug command)") ||
data/darktable-3.2.1/src/external/lua/src/liolib.c:43:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	(strspn(mode, L_MODEEXT) == strlen(mode)))
data/darktable-3.2.1/src/external/lua/src/liolib.c:89:20:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#define l_getc(f)		getc(f)
data/darktable-3.2.1/src/external/lua/src/liolib.c:469:11:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  int c = getc(f);
data/darktable-3.2.1/src/external/lua/src/loadlib.c:390:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (l == NULL) l = path + strlen(path);
data/darktable-3.2.1/src/external/lua/src/lobject.c:284:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(s) > L_MAXLENNUM || pdot == NULL)
data/darktable-3.2.1/src/external/lua/src/lobject.c:410:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        pushstr(L, s, strlen(s));
data/darktable-3.2.1/src/external/lua/src/lobject.c:461:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pushstr(L, fmt, strlen(fmt));
data/darktable-3.2.1/src/external/lua/src/lobject.c:487:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t l = strlen(source);
data/darktable-3.2.1/src/external/lua/src/lstring.c:231:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  p[0] = luaS_newlstr(L, str, strlen(str));
data/darktable-3.2.1/src/external/lua/src/lstrlib.c:585:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    upto += strlen(p + upto) + 1;  /* may have more after \0 */
data/darktable-3.2.1/src/external/lua/src/lstrlib.c:1006:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t l = strlen(form);
data/darktable-3.2.1/src/external/lua/src/lstrlib.c:1007:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t lm = strlen(lenmod);
data/darktable-3.2.1/src/external/lua/src/lstrlib.c:1068:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            luaL_argcheck(L, l == strlen(s), arg, "string contains zeros");
data/darktable-3.2.1/src/external/lua/src/lstrlib.c:1398:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        luaL_argcheck(L, strlen(s) == len, arg, "string contains zeros");
data/darktable-3.2.1/src/external/lua/src/lstrlib.c:1522:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        size_t len = (int)strlen(data + pos);
data/darktable-3.2.1/src/external/lua/src/lua.c:211:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  lua_writestring(LUA_COPYRIGHT, strlen(LUA_COPYRIGHT));
data/darktable-3.2.1/src/external/lua/src/lua.c:249:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return dochunk(L, luaL_loadbuffer(L, s, strlen(s), name));
data/darktable-3.2.1/src/external/lua/src/lua.c:314:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  l = strlen(b);
data/darktable-3.2.1/src/external/lua/src/lua.c:333:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int status = luaL_loadbuffer(L, retline, strlen(retline), "=stdin");
data/darktable-3.2.1/src/external/lua/src/lundump.c:221:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(s);
data/darktable-3.2.1/src/external/lua/src/lvm.c:258:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      size_t len = strlen(l);  /* index of first '\0' in both strings */
data/darktable-3.2.1/src/external/rawspeed/src/utilities/rstest/MD5Test.cpp:78:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    rawspeed::md5::md5_hash(message, strlen((const char*)message), &hash);
data/darktable-3.2.1/src/external/rawspeed/test/librawspeed/common/CommonTest.cpp:351:20:  [1] (buffer) equal:
  Function does not check the second iterator for over-read conditions
  (CWE-126). This function is often discouraged by most C++ coding standards
  in favor of its safer alternatives provided since C++14. Consider using a
  form of this function that checks the second iterator before potentially
  overflowing it.
  ASSERT_TRUE(std::equal(split.begin(), split.end(), out.begin()));
data/darktable-3.2.1/src/gui/gtkentry.c:68:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t text_len = strlen(varname) + 2;
data/darktable-3.2.1/src/gui/gtkentry.c:134:66:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if(!g_ascii_strncasecmp(varname, case_normalized_string, strlen(varname))) ret = TRUE;
data/darktable-3.2.1/src/gui/import_metadata.c:141:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      metadata_len[i] = strlen(metadata_param[i]) + 1;
data/darktable-3.2.1/src/gui/preferences.c:945:42:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(!strncmp(accel_path, "<Darktable>", strlen("<Darktable>")))
data/darktable-3.2.1/src/gui/preferences.c:947:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    accel_path += strlen("<Darktable>") + 1;
data/darktable-3.2.1/src/gui/preferences.c:948:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    translated_path += strlen("<Darktable>") + 1;
data/darktable-3.2.1/src/gui/preferences.c:981:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const gchar *end = g_strstr_len(accel_path, strlen(accel_path), "/");
data/darktable-3.2.1/src/gui/preferences.c:982:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const gchar *trans_end = g_strstr_len(translated_path, strlen(translated_path), "/");
data/darktable-3.2.1/src/gui/preferences.c:1020:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tree_insert_rec(model, &iter, accel_path + strlen(node) + 1, translated_path + strlen(trans_node) + 1,
data/darktable-3.2.1/src/gui/preferences.c:1020:84:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    tree_insert_rec(model, &iter, accel_path + strlen(node) + 1, translated_path + strlen(trans_node) + 1,
data/darktable-3.2.1/src/gui/preferences.c:1064:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  end = path + strlen(path);
data/darktable-3.2.1/src/gui/preferences.c:1158:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    gchar *end = path + strlen(path);
data/darktable-3.2.1/src/gui/styles_dialog.c:328:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  return strncmp(((dt_iop_module_t *)a)->op, b, strlen(((dt_iop_module_t *)a)->op));
data/darktable-3.2.1/src/imageio/format/pfm.c:43:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t len = strlen(header);
data/darktable-3.2.1/src/imageio/format/png.c:76:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  description_length = strlen(profile_type);
data/darktable-3.2.1/src/imageio/format/png.c:96:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  g_snprintf(dp, allocated_length - strlen(text[0].text), "%8lu ", (unsigned long int)length);
data/darktable-3.2.1/src/imageio/format/xcf.c:134:87:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  xcf_set(xcf, XCF_PROP, XCF_PROP_PARASITES, "gimp-comment", XCF_PARASITE_PERSISTENT, strlen(comment) + 1, comment);
data/darktable-3.2.1/src/imageio/storage/disk.c:251:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      snprintf(pattern + strlen(pattern), sizeof(pattern) - strlen(pattern), "_$(SEQUENCE)");
data/darktable-3.2.1/src/imageio/storage/disk.c:251:61:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      snprintf(pattern + strlen(pattern), sizeof(pattern) - strlen(pattern), "_$(SEQUENCE)");
data/darktable-3.2.1/src/imageio/storage/disk.c:269:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char last_char = *(filename + strlen(filename) - 1);
data/darktable-3.2.1/src/imageio/storage/disk.c:296:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *c = filename + strlen(filename);
data/darktable-3.2.1/src/imageio/storage/gallery.c:248:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
     || ((d->filename + strlen(d->filename) - 1)[0] == '/'
data/darktable-3.2.1/src/imageio/storage/gallery.c:249:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         || (d->filename + strlen(d->filename) - 1)[0] == '\\'))
data/darktable-3.2.1/src/imageio/storage/gallery.c:250:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    snprintf(d->filename + strlen(d->filename), sizeof(d->filename) - strlen(d->filename), "/$(FILE_NAME)");
data/darktable-3.2.1/src/imageio/storage/gallery.c:250:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    snprintf(d->filename + strlen(d->filename), sizeof(d->filename) - strlen(d->filename), "/$(FILE_NAME)");
data/darktable-3.2.1/src/imageio/storage/gallery.c:255:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    snprintf(d->filename + strlen(d->filename), sizeof(d->filename) - strlen(d->filename), "_$(SEQUENCE)");
data/darktable-3.2.1/src/imageio/storage/gallery.c:255:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    snprintf(d->filename + strlen(d->filename), sizeof(d->filename) - strlen(d->filename), "_$(SEQUENCE)");
data/darktable-3.2.1/src/imageio/storage/gallery.c:269:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *c = dirname + strlen(dirname);
data/darktable-3.2.1/src/imageio/storage/gallery.c:283:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  c = filename + strlen(filename);
data/darktable-3.2.1/src/imageio/storage/gallery.c:286:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(c <= filename || *c == '/') c = filename + strlen(filename);
data/darktable-3.2.1/src/imageio/storage/gallery.c:312:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  c = filename + strlen(filename);
data/darktable-3.2.1/src/imageio/storage/gallery.c:319:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  c = relthumbfilename + strlen(relthumbfilename);
data/darktable-3.2.1/src/imageio/storage/gallery.c:322:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(c <= relthumbfilename) c = relthumbfilename + strlen(relthumbfilename);
data/darktable-3.2.1/src/imageio/storage/gallery.c:327:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *sc = subfilename + strlen(subfilename);
data/darktable-3.2.1/src/imageio/storage/gallery.c:382:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  c = filename + strlen(filename);
data/darktable-3.2.1/src/imageio/storage/gallery.c:385:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(c <= filename || *c == '/') c = filename + strlen(filename);
data/darktable-3.2.1/src/imageio/storage/gallery.c:438:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *c = filename + strlen(filename);
data/darktable-3.2.1/src/imageio/storage/latex.c:243:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
       || ((d->filename + strlen(d->filename))[0] == '/' || (d->filename + strlen(d->filename))[0] == '\\'))
data/darktable-3.2.1/src/imageio/storage/latex.c:243:76:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
       || ((d->filename + strlen(d->filename))[0] == '/' || (d->filename + strlen(d->filename))[0] == '\\'))
data/darktable-3.2.1/src/imageio/storage/latex.c:244:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      snprintf(d->filename + strlen(d->filename), sizeof(d->filename) - strlen(d->filename), "$(FILE_NAME)");
data/darktable-3.2.1/src/imageio/storage/latex.c:244:73:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      snprintf(d->filename + strlen(d->filename), sizeof(d->filename) - strlen(d->filename), "$(FILE_NAME)");
data/darktable-3.2.1/src/imageio/storage/latex.c:249:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      snprintf(d->filename + strlen(d->filename), sizeof(d->filename) - strlen(d->filename), "_$(SEQUENCE)");
data/darktable-3.2.1/src/imageio/storage/latex.c:249:73:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      snprintf(d->filename + strlen(d->filename), sizeof(d->filename) - strlen(d->filename), "_$(SEQUENCE)");
data/darktable-3.2.1/src/imageio/storage/latex.c:268:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *c = dirname + strlen(dirname);
data/darktable-3.2.1/src/imageio/storage/latex.c:283:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    c = filename + strlen(filename);
data/darktable-3.2.1/src/imageio/storage/latex.c:331:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    c = filename + strlen(filename);
data/darktable-3.2.1/src/imageio/storage/latex.c:402:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *c = filename + strlen(filename);
data/darktable-3.2.1/src/imageio/storage/piwigo.c:193:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      json_parser_load_from_data(parser, data, strlen(data), NULL);
data/darktable-3.2.1/src/imageio/storage/piwigo.c:205:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if(account->server && strlen(account->server)>0)
data/darktable-3.2.1/src/imageio/storage/piwigo.c:688:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(caption && strlen(caption)>0)
data/darktable-3.2.1/src/imageio/storage/piwigo.c:691:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(author && strlen(author)>0)
data/darktable-3.2.1/src/imageio/storage/piwigo.c:694:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(description && strlen(description)>0)
data/darktable-3.2.1/src/imageio/storage/piwigo.c:697:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(p->tags && strlen(p->tags)>0)
data/darktable-3.2.1/src/iop/clipping.c:1663:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      const char *end = text + strlen(text);
data/darktable-3.2.1/src/iop/clipping.c:2206:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const char *end = nv->value + strlen(nv->value);
data/darktable-3.2.1/src/iop/colorbalance.c:236:40:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  uint8_t *p  = dt_exif_xmp_decode(pi, strlen(pi), &len);
data/darktable-3.2.1/src/iop/colorbalance.c:237:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  uint8_t *bp = dt_exif_xmp_decode(bpi, strlen(bpi), &blen);
data/darktable-3.2.1/src/iop/colorchecker.c:301:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      hk_params_input, strlen(hk_params_input), &params_len);
data/darktable-3.2.1/src/iop/colorchecker.c:315:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      astia_params_input, strlen(astia_params_input), &params_len);
data/darktable-3.2.1/src/iop/colorchecker.c:327:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      chrome_params_input, strlen(chrome_params_input), &params_len);
data/darktable-3.2.1/src/iop/colorchecker.c:339:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      mchrome_params_input, strlen(mchrome_params_input), &params_len);
data/darktable-3.2.1/src/iop/colorchecker.c:351:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      provia_params_input, strlen(provia_params_input), &params_len);
data/darktable-3.2.1/src/iop/colorchecker.c:363:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      velvia_params_input, strlen(velvia_params_input), &params_len);
data/darktable-3.2.1/src/iop/colorin.c:1866:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const gchar *cc = filename + strlen(filename);
data/darktable-3.2.1/src/iop/lens.cc:342:7:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
      strncpy(new_lens, orig_lens, pos);
data/darktable-3.2.1/src/iop/lens.cc:1389:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if(strlen(lens[i]->Model) < min_model_len)
data/darktable-3.2.1/src/iop/lens.cc:1391:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
              min_model_len = strlen(lens[i]->Model);
data/darktable-3.2.1/src/iop/lens.cc:1668:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(txt);
data/darktable-3.2.1/src/iop/lut3d.c:450:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  g_strlcpy(&cache_filename[strlen(cache_filename)], ".cimgz", DT_IOP_LUT3D_MAX_PATHNAME-strlen(cache_file));
data/darktable-3.2.1/src/iop/lut3d.c:450:90:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  g_strlcpy(&cache_filename[strlen(cache_filename)], ".cimgz", DT_IOP_LUT3D_MAX_PATHNAME-strlen(cache_file));
data/darktable-3.2.1/src/iop/lut3d.c:733:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  ssize_t read;
data/darktable-3.2.1/src/iop/lut3d.c:861:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  ssize_t read;
data/darktable-3.2.1/src/iop/lut3d.c:1116:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const int len = strlen(filepath);
data/darktable-3.2.1/src/iop/lut3d.c:1480:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const int j = strlen(lutfolder) + 1;
data/darktable-3.2.1/src/iop/lut3d.c:1559:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(lutfolder) == 0)
data/darktable-3.2.1/src/iop/lut3d.c:1573:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(p->filepath) == 0 || access(composed, F_OK) == -1)
data/darktable-3.2.1/src/iop/watermark.c:922:71:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  RsvgHandle *svg = rsvg_handle_new_from_data((const guint8 *)svgdoc, strlen(svgdoc), &error);
data/darktable-3.2.1/src/iop/watermark.c:1203:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *c = filename + strlen(filename);
data/darktable-3.2.1/src/libs/camera.c:295:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      const char *end = key + strlen(key);
data/darktable-3.2.1/src/libs/camera.c:349:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  g_strlcpy(model, lib->data.camera_model, strlen(model));
data/darktable-3.2.1/src/libs/camera.c:612:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      const char *end = entry->key + strlen(entry->key);
data/darktable-3.2.1/src/libs/collect.c:403:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          g_strlcpy(trailing, old + strlen(tree_path) + 1, sizeof(trailing));
data/darktable-3.2.1/src/libs/collect.c:716:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(g_str_has_suffix(needle, "%")) needle[strlen(needle) - 1] = '\0';
data/darktable-3.2.1/src/libs/collect.c:717:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(g_str_has_suffix(haystack, "%")) haystack[strlen(haystack) - 1] = '\0';
data/darktable-3.2.1/src/libs/collect.c:720:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(g_str_has_suffix(needle, "|")) needle[strlen(needle) - 1] = '\0';
data/darktable-3.2.1/src/libs/collect.c:721:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(g_str_has_suffix(haystack, "|")) haystack[strlen(haystack) - 1] = '\0';
data/darktable-3.2.1/src/libs/collect.c:725:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(g_str_has_suffix(needle, "/")) needle[strlen(needle) - 1] = '\0';
data/darktable-3.2.1/src/libs/collect.c:726:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(g_str_has_suffix(haystack, "/")) haystack[strlen(haystack) - 1] = '\0';
data/darktable-3.2.1/src/libs/collect.c:733:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if(g_str_has_suffix(needle, ":")) needle[strlen(needle) - 1] = '\0';
data/darktable-3.2.1/src/libs/collect.c:734:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if(g_str_has_suffix(haystack, ":")) haystack[strlen(haystack) - 1] = '\0';
data/darktable-3.2.1/src/libs/collect.c:742:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(needle)==0)
data/darktable-3.2.1/src/libs/collect.c:780:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(g_str_has_suffix(needle, "%")) needle[strlen(needle) - 1] = '\0';
data/darktable-3.2.1/src/libs/collect.c:1045:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(! (g_ascii_isalpha(tokens[0][0]) && tokens[0][strlen(tokens[0]) - 1] == ':') )
data/darktable-3.2.1/src/libs/collect.c:1104:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t len = strlen(tag);
data/darktable-3.2.1/src/libs/collect.c:1363:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            pth2[strlen(pth2) - 1] = '\0';
data/darktable-3.2.1/src/libs/collect.c:1761:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(strlen(query) > 0)
data/darktable-3.2.1/src/libs/collect.c:2061:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(text && strlen(text) > 0)
data/darktable-3.2.1/src/libs/export.c:912:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      buf += strlen(buf) + 1;
data/darktable-3.2.1/src/libs/export.c:914:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      buf += strlen(buf) + 1;
data/darktable-3.2.1/src/libs/export.c:918:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      buf += strlen(fname) + 1;
data/darktable-3.2.1/src/libs/export.c:920:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      buf += strlen(sname) + 1;
data/darktable-3.2.1/src/libs/export.c:1039:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    buf += strlen(buf) + 1;
data/darktable-3.2.1/src/libs/export.c:1043:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    buf += strlen(fname) + 1;
data/darktable-3.2.1/src/libs/export.c:1045:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    buf += strlen(sname) + 1;
data/darktable-3.2.1/src/libs/export.c:1104:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t new_params_size = old_params_size - strlen(iccprofile) + sizeof(int32_t);
data/darktable-3.2.1/src/libs/export.c:1122:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      new_params_size += strlen(iccfilename);
data/darktable-3.2.1/src/libs/export.c:1131:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    memcpy(new_params + pos, iccfilename, strlen(iccfilename) + 1);
data/darktable-3.2.1/src/libs/export.c:1132:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    pos += strlen(iccfilename) + 1;
data/darktable-3.2.1/src/libs/export.c:1133:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t old_pos = 4 * sizeof(int32_t) + strlen(iccprofile) + 1;
data/darktable-3.2.1/src/libs/export.c:1181:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const int flags_size = strlen(flags) + 1;
data/darktable-3.2.1/src/libs/export.c:1281:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int32_t fname_len = strlen(fname), sname_len = strlen(sname);
data/darktable-3.2.1/src/libs/export.c:1281:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int32_t fname_len = strlen(fname), sname_len = strlen(sname);
data/darktable-3.2.1/src/libs/export.c:1283:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          + strlen(iccfilename) + 1 + strlen(metadata_export) + 1;
data/darktable-3.2.1/src/libs/export.c:1283:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          + strlen(iccfilename) + 1 + strlen(metadata_export) + 1;
data/darktable-3.2.1/src/libs/export.c:1301:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(params + pos, metadata_export, strlen(metadata_export) + 1);
data/darktable-3.2.1/src/libs/export.c:1302:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pos += strlen(metadata_export) + 1;
data/darktable-3.2.1/src/libs/export.c:1303:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy(params + pos, iccfilename, strlen(iccfilename) + 1);
data/darktable-3.2.1/src/libs/export.c:1304:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pos += strlen(iccfilename) + 1;
data/darktable-3.2.1/src/libs/export.c:1358:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf += strlen(metadata_export) + 1;
data/darktable-3.2.1/src/libs/export.c:1363:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf += strlen(iccfilename) + 1;
data/darktable-3.2.1/src/libs/export.c:1385:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf += strlen(fname) + 1;
data/darktable-3.2.1/src/libs/export.c:1387:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buf += strlen(sname) + 1;
data/darktable-3.2.1/src/libs/export.c:1405:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
     != strlen(fname) + strlen(sname) + 2 + 4 * sizeof(int32_t) + fsize + ssize + 7 * sizeof(int32_t)
data/darktable-3.2.1/src/libs/export.c:1405:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
     != strlen(fname) + strlen(sname) + 2 + 4 * sizeof(int32_t) + fsize + ssize + 7 * sizeof(int32_t)
data/darktable-3.2.1/src/libs/export.c:1406:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        + strlen(iccfilename) + 1 + strlen(metadata_export) + 1)
data/darktable-3.2.1/src/libs/export.c:1406:37:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        + strlen(iccfilename) + 1 + strlen(metadata_export) + 1)
data/darktable-3.2.1/src/libs/geotagging.c:97:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(str);
data/darktable-3.2.1/src/libs/geotagging.c:459:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const char *cc = filename + strlen(filename);
data/darktable-3.2.1/src/libs/geotagging.c:574:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *iter_a = tz_a->display + strlen("(UTC-");
data/darktable-3.2.1/src/libs/geotagging.c:575:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *iter_b = tz_b->display + strlen("(UTC-");
data/darktable-3.2.1/src/libs/geotagging.c:660:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t last_char = strlen(name) - 1;
data/darktable-3.2.1/src/libs/import.c:442:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    char *c = filename + strlen(filename);
data/darktable-3.2.1/src/libs/location.c:520:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          float lon = g_ascii_strtod(*avalue + strlen("POINT("), &endptr);
data/darktable-3.2.1/src/libs/location.c:577:61:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          fprintf(stderr, "unsupported outline: %s%s\n", s, strlen(s) == strlen(*avalue) ? "" : " ...");
data/darktable-3.2.1/src/libs/location.c:577:74:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          fprintf(stderr, "unsupported outline: %s%s\n", s, strlen(s) == strlen(*avalue) ? "" : " ...");
data/darktable-3.2.1/src/libs/location.c:636:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t size_name = strlen(location->name) + 1;
data/darktable-3.2.1/src/libs/location.c:676:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const size_t size_name = strlen(name) + 1;
data/darktable-3.2.1/src/libs/masks.c:846:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gchar *text = strlen(new_text) == 0 ? " " : new_text;
data/darktable-3.2.1/src/libs/metadata.c:145:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    images[strlen(images) - 1] = '\0';
data/darktable-3.2.1/src/libs/metadata.c:800:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const unsigned int params_size = strlen(string) + metadata_nb;
data/darktable-3.2.1/src/libs/metadata.c:844:25:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      metadata_len[i] = strlen(metadata[i]) + 1;
data/darktable-3.2.1/src/libs/metadata.c:895:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    metadata_len[keyid] = strlen(metadata[keyid]) + 1;
data/darktable-3.2.1/src/libs/metadata.c:928:23:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    metadata_len[i] = strlen(metadata[i]) + 1;
data/darktable-3.2.1/src/libs/metadata_view.c:670:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          length = length + strlen(tagname) + 2;
data/darktable-3.2.1/src/libs/metadata_view.c:676:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            length = strlen(tagname) + 2;
data/darktable-3.2.1/src/libs/metadata_view.c:698:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if(tagstring) tagstring[strlen(tagstring)-2] = '\0';
data/darktable-3.2.1/src/libs/modulelist.c:356:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int op_len = strlen(module->op) + 1;
data/darktable-3.2.1/src/libs/modulelist.c:531:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int op_len = strlen(module->op) + 1;
data/darktable-3.2.1/src/libs/modulelist.c:561:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int op_len = strlen(op);
data/darktable-3.2.1/src/libs/print_settings.c:401:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(ps->prt.printer.name) == 0 || ps->prt.printer.resolution == 0)
data/darktable-3.2.1/src/libs/print_settings.c:1587:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const int32_t printer_len = strlen(printer) + 1;
data/darktable-3.2.1/src/libs/print_settings.c:1592:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const int32_t paper_len = strlen(paper) + 1;
data/darktable-3.2.1/src/libs/print_settings.c:1601:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const int32_t profile_len = strlen(profile) + 1;
data/darktable-3.2.1/src/libs/print_settings.c:1610:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const int32_t pprofile_len = strlen(pprofile) + 1;
data/darktable-3.2.1/src/libs/print_settings.c:1657:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int32_t new_profile_len = strlen(profile_filename) + 1;
data/darktable-3.2.1/src/libs/print_settings.c:1658:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    int32_t new_pprofile_len = strlen(pprofile_filename) + 1;
data/darktable-3.2.1/src/libs/print_settings.c:1728:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const int32_t printer_len = strlen(printer) + 1;
data/darktable-3.2.1/src/libs/print_settings.c:1733:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const int32_t paper_len = strlen(paper) + 1;
data/darktable-3.2.1/src/libs/print_settings.c:1744:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const int32_t profile_len = strlen(f_profile) + 1;
data/darktable-3.2.1/src/libs/print_settings.c:1755:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const int32_t pprofile_len = strlen(f_pprofile) + 1;
data/darktable-3.2.1/src/libs/print_settings.c:1766:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const int32_t style_len = strlen(style) + 1;
data/darktable-3.2.1/src/libs/print_settings.c:1789:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const int32_t media_len = strlen(media) + 1;
data/darktable-3.2.1/src/libs/print_settings.c:1895:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const int32_t printer_len = strlen (printer) + 1;
data/darktable-3.2.1/src/libs/print_settings.c:1896:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const int32_t paper_len = strlen (paper) + 1;
data/darktable-3.2.1/src/libs/print_settings.c:1897:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const int32_t media_len = strlen (media) + 1;
data/darktable-3.2.1/src/libs/print_settings.c:1898:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const int32_t profile_len = strlen (profile) + 1;
data/darktable-3.2.1/src/libs/print_settings.c:1899:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const int32_t pprofile_len = strlen (pprofile) + 1;
data/darktable-3.2.1/src/libs/print_settings.c:1900:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const int32_t style_len = strlen (style) + 1;
data/darktable-3.2.1/src/libs/tagging.c:381:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            pth2[strlen(pth2) - 1] = '\0';
data/darktable-3.2.1/src/libs/tagging.c:807:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    guint pathlen = strlen(path);
data/darktable-3.2.1/src/libs/tagging.c:815:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if (strlen(path2) >= pathlen)
data/darktable-3.2.1/src/libs/tagging.c:869:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(tagname) == strlen(oldtagname))
data/darktable-3.2.1/src/libs/tagging.c:869:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strlen(tagname) == strlen(oldtagname))
data/darktable-3.2.1/src/libs/tagging.c:885:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    else if (strlen(tagname) > strlen(oldtagname) && tagname[strlen(oldtagname)] == '|')
data/darktable-3.2.1/src/libs/tagging.c:885:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    else if (strlen(tagname) > strlen(oldtagname) && tagname[strlen(oldtagname)] == '|')
data/darktable-3.2.1/src/libs/tagging.c:885:62:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    else if (strlen(tagname) > strlen(oldtagname) && tagname[strlen(oldtagname)] == '|')
data/darktable-3.2.1/src/libs/tagging.c:888:56:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      char *newpath = g_strconcat(newtagname, &tagname[strlen(oldtagname)] , NULL);
data/darktable-3.2.1/src/libs/tagging.c:925:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    *size = strlen(params);
data/darktable-3.2.1/src/libs/tagging.c:1704:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      const int tagname_len = strlen(tagname);
data/darktable-3.2.1/src/libs/tagging.c:1708:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        const int subtag_len = strlen(subtag);
data/darktable-3.2.1/src/libs/tagging.c:1873:77:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if (strchr(newtag, '|') == &newtag[0] || strchr(newtag, '|') == &newtag[strlen(newtag)-1] || strstr(newtag, "||"))
data/darktable-3.2.1/src/libs/tagging.c:1890:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const int tagname_len = strlen(tagname);
data/darktable-3.2.1/src/libs/tools/timeline.c:666:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(tx) > 3) tt.year = CLAMP(strtol(tx, NULL, 10), 0, 4000);
data/darktable-3.2.1/src/libs/tools/timeline.c:667:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(tx) > 6) tt.month = CLAMP(strtol(tx + 5, NULL, 10), 1, 12);
data/darktable-3.2.1/src/libs/tools/timeline.c:668:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(tx) > 9) tt.day = CLAMP(strtol(tx + 8, NULL, 10), 1, _time_days_in_month(tt.year, tt.month));
data/darktable-3.2.1/src/libs/tools/timeline.c:669:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(tx) > 12) tt.hour = CLAMP(strtol(tx + 11, NULL, 10), 0, 23);
data/darktable-3.2.1/src/libs/tools/timeline.c:670:6:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if(strlen(tx) > 15) tt.minute = CLAMP(strtol(tx + 14, NULL, 10), 0, 59);
data/darktable-3.2.1/src/libs/tools/timeline.c:675:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if(strlen(tx) < 16)
data/darktable-3.2.1/src/libs/tools/timeline.c:678:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      if(strlen(tx) < 13)
data/darktable-3.2.1/src/libs/tools/timeline.c:681:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if(strlen(tx) < 7)
data/darktable-3.2.1/src/libs/tools/timeline.c:685:12:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if(strlen(tx) < 10)
data/darktable-3.2.1/src/libs/tools/timeline.c:913:70:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if((prop == DT_COLLECTION_PROP_TIME && rmode == 0) || !string || strlen(string) == 0
data/darktable-3.2.1/src/lua/configuration.c:60:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if(strlen(LUA_API_VERSION_SUFFIX) == 0)
data/darktable-3.2.1/src/lua/types.c:39:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(c_out, value, size);
data/darktable-3.2.1/src/views/knight.c:1014:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const int l = strlen(text);
data/darktable-3.2.1/src/views/map.c:1284:47:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                               (guchar *)uri, strlen(uri));
data/darktable-3.2.1/src/views/view.c:1561:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            txt = da->translated_path + strlen(elems[0]) + strlen(elems[1]) + strlen(elems[2]) + 3;
data/darktable-3.2.1/src/views/view.c:1561:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            txt = da->translated_path + strlen(elems[0]) + strlen(elems[1]) + strlen(elems[2]) + 3;
data/darktable-3.2.1/src/views/view.c:1561:79:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            txt = da->translated_path + strlen(elems[0]) + strlen(elems[1]) + strlen(elems[2]) + 3;
data/darktable-3.2.1/src/views/view.c:1563:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            txt = da->translated_path + strlen(elems[0]) + strlen(elems[1]) + 2;
data/darktable-3.2.1/src/views/view.c:1563:60:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            txt = da->translated_path + strlen(elems[0]) + strlen(elems[1]) + 2;
data/darktable-3.2.1/src/win/filepath.c:28:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const gchar *c3 = filename + strlen(filename);
data/darktable-3.2.1/src/win/filepath.c:36:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    gchar *c1 = pattern + strlen(pattern);
data/darktable-3.2.1/src/win/filepath.c:39:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    const gchar *c2 = filename + strlen(filename);
data/darktable-3.2.1/src/win/filepath.c:41:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    snprintf(c1 + strlen(*glob_pattern), pattern + sizeof(pattern) - c1 - strlen(*glob_pattern), "%s.xmp", c2);
data/darktable-3.2.1/src/win/filepath.c:41:75:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    snprintf(c1 + strlen(*glob_pattern), pattern + sizeof(pattern) - c1 - strlen(*glob_pattern), "%s.xmp", c2);
data/darktable-3.2.1/src/win/filepath.c:52:50:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        gchar *short_file_name = g_strndup(file, strlen(file) - 4 + c2 - filename - strlen(filename));  
data/darktable-3.2.1/src/win/filepath.c:52:85:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        gchar *short_file_name = g_strndup(file, strlen(file) - 4 + c2 - filename - strlen(filename));  
data/darktable-3.2.1/src/win/filepath.c:54:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if(!(valid_xmp_name = (strlen(short_file_name) == strlen(imgfile_without_path)))) 
data/darktable-3.2.1/src/win/filepath.c:54:59:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if(!(valid_xmp_name = (strlen(short_file_name) == strlen(imgfile_without_path)))) 
data/darktable-3.2.1/src/win/filepath.c:57:41:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          gchar *c4 = short_file_name + strlen(short_file_name);   
data/darktable-3.2.1/src/win/filepath.c:65:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          valid_xmp_name = (*c4 == '_' && strlen(short_file_name) == strlen(imgfile_without_path) + i);
data/darktable-3.2.1/src/win/filepath.c:65:70:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
          valid_xmp_name = (*c4 == '_' && strlen(short_file_name) == strlen(imgfile_without_path) + i);
data/darktable-3.2.1/src/win/getdelim.c:59:33:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#define getc_maybe_unlocked(fp) getc(fp)
data/darktable-3.2.1/src/win/getdelim.c:65:33:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
#define getc_maybe_unlocked(fp) getc(fp)
data/darktable-3.2.1/src/win/strptime.c:591:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
      len = strlen(*n1);
data/darktable-3.2.1/tools/basecurve/darktable-curve-tool.c:138:3:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  fgetc(f);
data/darktable-3.2.1/tools/noise/noiseprofile.c:62:3:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  fgetc(f); // eat only one newline

ANALYSIS SUMMARY:

Hits = 2004
Lines analyzed = 415343 in approximately 12.28 seconds (33814 lines/second)
Physical Source Lines of Code (SLOC) = 310971
Hits@level = [0] 1706 [1] 447 [2] 1396 [3]  74 [4]  86 [5]   1
Hits@level+ = [0+] 3710 [1+] 2004 [2+] 1557 [3+] 161 [4+]  87 [5+]   1
Hits/KSLOC@level+ = [0+] 11.9304 [1+] 6.44433 [2+] 5.0069 [3+] 0.517733 [4+] 0.279769 [5+] 0.00321573
Dot directories skipped = 6 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.