Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/darnwdl-0.5/src/fasterrender.h
Examining data/darnwdl-0.5/src/wpass1.h
Examining data/darnwdl-0.5/src/wpass2.h
Examining data/darnwdl-0.5/src/callbacks.c
Examining data/darnwdl-0.5/src/graphdec.h
Examining data/darnwdl-0.5/src/jpeginmemorydec.h
Examining data/darnwdl-0.5/src/jpeginmemorydec.c
Examining data/darnwdl-0.5/src/wpass2.c
Examining data/darnwdl-0.5/src/pass2.c
Examining data/darnwdl-0.5/src/graphdec.c
Examining data/darnwdl-0.5/src/pagerender.c
Examining data/darnwdl-0.5/src/support.c
Examining data/darnwdl-0.5/src/myfunc.c
Examining data/darnwdl-0.5/src/myfunc.h
Examining data/darnwdl-0.5/src/wdldec.c
Examining data/darnwdl-0.5/src/wdl2txt.c
Examining data/darnwdl-0.5/src/main.c
Examining data/darnwdl-0.5/src/support.h
Examining data/darnwdl-0.5/src/wpass1.c
Examining data/darnwdl-0.5/src/callbacks.h
Examining data/darnwdl-0.5/src/pagerender.h
Examining data/darnwdl-0.5/src/fasterrender.c

FINAL RESULTS:

data/darnwdl-0.5/src/wpass1.c:135:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(ret->headtag,header);
data/darnwdl-0.5/src/callbacks.c:106:16: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  tempfile = tmpfile();
data/darnwdl-0.5/src/graphdec.c:66:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buffer+(cinfo.output_height-cinfo.output_scanline)*row_stride,
data/darnwdl-0.5/src/main.c:82:18: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  tempfile = tmpfile();
data/darnwdl-0.5/src/myfunc.c:65:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  inputFile = fopen(filename,"r");
data/darnwdl-0.5/src/pagerender.c:110:9: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(SP01->font_face_encoding_guess,"gb2312");
data/darnwdl-0.5/src/pagerender.c:306:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char encoding[512] = {"big5"};
data/darnwdl-0.5/src/pagerender.c:441:13: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cc[3];
data/darnwdl-0.5/src/pagerender.c:496:13: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cc[4];
data/darnwdl-0.5/src/pass2.c:32:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tag[3];
data/darnwdl-0.5/src/pass2.c:412:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fontstr[32+1];
data/darnwdl-0.5/src/pass2.c:498:15: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  inputFile = fopen(argv[1],"rb");
data/darnwdl-0.5/src/wdl2txt.c:52:14: [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  tempfile = tmpfile();
data/darnwdl-0.5/src/wpass1.c:50:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char header[9];
data/darnwdl-0.5/src/wpass1.c:118:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char header[7];
data/darnwdl-0.5/src/wpass1.c:119:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char header_property_tag[5];
data/darnwdl-0.5/src/wpass1.c:124:11: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file1 = fopen (infilename, "rb");
data/darnwdl-0.5/src/wpass1.c:218:16: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  outputfile = fopen(outfilename,"w");
data/darnwdl-0.5/src/wpass1.h:7:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char headtag[7];
data/darnwdl-0.5/src/wpass2.c:133:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tag[3];
data/darnwdl-0.5/src/wpass2.c:158:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(i_new->tag,tag,3);
data/darnwdl-0.5/src/wpass2.c:1110:5: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(ret->font_face_encoding_guess,"utf16le");
data/darnwdl-0.5/src/wpass2.c:1115:7: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(ret->font_face_encoding_guess,"gb2312");
data/darnwdl-0.5/src/wpass2.c:1118:7: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(ret->font_face_encoding_guess,"big5"); /* default guess big5 */
data/darnwdl-0.5/src/wpass2.c:1121:11: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(ret->font_face_encoding_guess,"gb2312");
data/darnwdl-0.5/src/wpass2.h:10:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tag[3];
data/darnwdl-0.5/src/wpass2.h:114:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char unknown_bytes_1[4];
data/darnwdl-0.5/src/wpass2.h:117:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char unknown_bytes_2[8];
data/darnwdl-0.5/src/wpass2.h:138:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char unknown_bytes_1[4];
data/darnwdl-0.5/src/wpass2.h:141:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char unknown_bytes_2[10];
data/darnwdl-0.5/src/wpass2.h:161:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char unknown_data[16];
data/darnwdl-0.5/src/wpass2.h:162:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char font_face[32*2+1];
data/darnwdl-0.5/src/wpass2.h:163:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char font_face_encoding_guess[128];
data/darnwdl-0.5/src/wpass2.h:172:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char unknown_data_2[11];
data/darnwdl-0.5/src/wpass2.h:179:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char unknown_data_1[2];
data/darnwdl-0.5/src/wpass2.h:184:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char unknown_data_2[6];
data/darnwdl-0.5/src/pagerender.c:365:11: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(encoding,"gb2312",sizeof(encoding)-1);
data/darnwdl-0.5/src/pagerender.c:401:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(fontface)>=7 && strcmp(&(fontface[strlen(fontface)-7]),"_GB2312")==0) {
data/darnwdl-0.5/src/pagerender.c:401:54: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(fontface)>=7 && strcmp(&(fontface[strlen(fontface)-7]),"_GB2312")==0) {
data/darnwdl-0.5/src/pagerender.c:402:11: [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). Risk is low because the source is a constant string.
  strncpy(encoding,"gb2312",sizeof(encoding)-1);
data/darnwdl-0.5/src/pass2.c:35:10: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c1 = fgetc(inputFile);
data/darnwdl-0.5/src/pass2.c:39:10: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c2 = fgetc(inputFile);
data/darnwdl-0.5/src/pass2.c:56:14: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  tmp1 = fgetc(inputFile);
data/darnwdl-0.5/src/pass2.c:57:14: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  tmp2 = fgetc(inputFile);
data/darnwdl-0.5/src/pass2.c:58:14: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  tmp3 = fgetc(inputFile);
data/darnwdl-0.5/src/pass2.c:59:14: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  tmp4 = fgetc(inputFile);
data/darnwdl-0.5/src/pass2.c:71:14: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  tmp1 = fgetc(inputFile);
data/darnwdl-0.5/src/pass2.c:72:14: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  tmp2 = fgetc(inputFile);
data/darnwdl-0.5/src/pass2.c:73:14: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  tmp3 = fgetc(inputFile);
data/darnwdl-0.5/src/pass2.c:74:14: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  tmp4 = fgetc(inputFile);
data/darnwdl-0.5/src/pass2.c:110:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  flag01 = fgetc(inputFile);
data/darnwdl-0.5/src/pass2.c:261:30: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  unknown_data_01[i] = fgetc(inputFile);
data/darnwdl-0.5/src/pass2.c:272:30: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  unknown_data_02[i] = fgetc(inputFile);
data/darnwdl-0.5/src/pass2.c:283:30: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  unknown_data_03[i] = fgetc(inputFile);
data/darnwdl-0.5/src/pass2.c:315:14: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  r= fgetc(inputFile); seeklen --;
data/darnwdl-0.5/src/pass2.c:316:14: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  g= fgetc(inputFile); seeklen --;
data/darnwdl-0.5/src/pass2.c:317:14: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  b= fgetc(inputFile); seeklen --;
data/darnwdl-0.5/src/pass2.c:327:13: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  fgetc(inputFile); seeklen--;
data/darnwdl-0.5/src/pass2.c:364:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  flag01 = fgetc(inputFile);
data/darnwdl-0.5/src/pass2.c:418:20: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  unknownint[i] = fgetc(inputFile);
data/darnwdl-0.5/src/pass2.c:425:34: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  wdlpass2_QPoutput(myout,fontstr,strlen(fontstr));
data/darnwdl-0.5/src/pass2.c:439:13: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  r = fgetc(inputFile);
data/darnwdl-0.5/src/pass2.c:440:13: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  g = fgetc(inputFile);
data/darnwdl-0.5/src/pass2.c:441:13: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  b = fgetc(inputFile);
data/darnwdl-0.5/src/pass2.c:445:21: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  unknownint2[i] = fgetc(inputFile);
data/darnwdl-0.5/src/pass2.c:459:21: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  unknownint1[i] = fgetc(inputFile);
data/darnwdl-0.5/src/pass2.c:463:13: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  r = fgetc(inputFile);
data/darnwdl-0.5/src/pass2.c:464:13: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  g = fgetc(inputFile);
data/darnwdl-0.5/src/pass2.c:465:13: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  b = fgetc(inputFile);
data/darnwdl-0.5/src/pass2.c:469:21: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  unknownint2[i] = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:37:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  a1 = fgetc (file1);
data/darnwdl-0.5/src/wpass2.c:38:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  a2 = fgetc (file1);
data/darnwdl-0.5/src/wpass2.c:39:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  a3 = fgetc (file1);
data/darnwdl-0.5/src/wpass2.c:40:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  a4 = fgetc (file1);
data/darnwdl-0.5/src/wpass2.c:55:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  a1 = fgetc (file1);
data/darnwdl-0.5/src/wpass2.c:56:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  a2 = fgetc (file1);
data/darnwdl-0.5/src/wpass2.c:72:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  a1 = fgetc (file1);
data/darnwdl-0.5/src/wpass2.c:73:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  a2 = fgetc (file1);
data/darnwdl-0.5/src/wpass2.c:138:10: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c1 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:142:10: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c2 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:333:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c1 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:334:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c2 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:355:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c1 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:356:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c2 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:377:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c1 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:378:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c2 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:399:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c1 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:400:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c2 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:422:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c1 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:423:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c2 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:444:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c1 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:445:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c2 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:446:12: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ret->r = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:447:12: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ret->g = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:448:12: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ret->b = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:449:23: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ret->unknown_byte = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:469:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c1 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:470:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c2 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:471:12: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ret->r = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:472:12: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ret->g = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:473:12: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ret->b = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:474:23: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ret->unknown_byte = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:494:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c1 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:495:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c2 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:516:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c1 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:517:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c2 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:586:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c1 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:587:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c2 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:656:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c1 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:657:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c2 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:716:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c1 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:717:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c2 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:727:29: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ret->unknown_bytes_1[i]=fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:733:29: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ret->unknown_bytes_2[i]=fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:760:13: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  b = fgetc(inputFile); seeklen--;
data/darnwdl-0.5/src/wpass2.c:761:13: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  g = fgetc(inputFile); seeklen--;
data/darnwdl-0.5/src/wpass2.c:762:13: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  r = fgetc(inputFile); seeklen--;
data/darnwdl-0.5/src/wpass2.c:769:11: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  fgetc(inputFile); seeklen--;
data/darnwdl-0.5/src/wpass2.c:777:18: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  cindex = fgetc(inputFile); seeklen--;
data/darnwdl-0.5/src/wpass2.c:784:11: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  fgetc(inputFile); seeklen--;
data/darnwdl-0.5/src/wpass2.c:826:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c1 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:827:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c2 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:837:29: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ret->unknown_bytes_1[i]=fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:843:29: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ret->unknown_bytes_2[i]=fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:920:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c1 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:921:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c2 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:939:19: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  inew->flag1 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:1011:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c1 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:1012:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c2 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:1030:19: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  inew->flag1 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:1102:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c1 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:1103:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c2 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:1113:25: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ret_font_face_len = strlen(ret->font_face);
data/darnwdl-0.5/src/wpass2.c:1145:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c1 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:1146:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c2 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:1150:12: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ret->r = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:1151:12: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ret->g = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:1152:12: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ret->b = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:1168:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c1 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:1169:8: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c2 = fgetc(inputFile);
data/darnwdl-0.5/src/wpass2.c:1175:12: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ret->r = fgetc(inputFile); seeklen -=1;
data/darnwdl-0.5/src/wpass2.c:1176:12: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ret->g = fgetc(inputFile); seeklen -=1;
data/darnwdl-0.5/src/wpass2.c:1177:12: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ret->b = fgetc(inputFile); seeklen -=1;
data/darnwdl-0.5/src/wpass2.c:1178:25: [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ret->unknown_char_1 = fgetc(inputFile); seeklen -= 1;

ANALYSIS SUMMARY:

Hits = 144
Lines analyzed = 4494 in approximately 0.20 seconds (22582 lines/second)
Physical Source Lines of Code (SLOC) = 3500
Hits@level = [0] 126 [1] 108 [2] 35 [3] 0 [4] 1 [5] 0
Hits@level+ = [0+] 270 [1+] 144 [2+] 36 [3+] 1 [4+] 1 [5+] 0
Hits/KSLOC@level+ = [0+] 77.1429 [1+] 41.1429 [2+] 10.2857 [3+] 0.285714 [4+] 0.285714 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.