Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/dvdauthor-0.7.2/src/common.h
Examining data/dvdauthor-0.7.2/src/compat.c
Examining data/dvdauthor-0.7.2/src/compat.h
Examining data/dvdauthor-0.7.2/src/conffile.c
Examining data/dvdauthor-0.7.2/src/conffile.h
Examining data/dvdauthor-0.7.2/src/da-internal.h
Examining data/dvdauthor-0.7.2/src/dvdauthor.c
Examining data/dvdauthor-0.7.2/src/dvdauthor.h
Examining data/dvdauthor-0.7.2/src/dvdcompile.c
Examining data/dvdauthor-0.7.2/src/dvdifo.c
Examining data/dvdauthor-0.7.2/src/dvdpgc.c
Examining data/dvdauthor-0.7.2/src/dvdunauthor.c
Examining data/dvdauthor-0.7.2/src/dvduncompile.c
Examining data/dvdauthor-0.7.2/src/dvduncompile.h
Examining data/dvdauthor-0.7.2/src/dvdvm.h
Examining data/dvdauthor-0.7.2/src/dvdvob.c
Examining data/dvdauthor-0.7.2/src/mpeg2desc.c
Examining data/dvdauthor-0.7.2/src/readxml.c
Examining data/dvdauthor-0.7.2/src/readxml.h
Examining data/dvdauthor-0.7.2/src/rgb.h
Examining data/dvdauthor-0.7.2/src/spuunmux.c
Examining data/dvdauthor-0.7.2/src/subfont.c
Examining data/dvdauthor-0.7.2/src/subfont.h
Examining data/dvdauthor-0.7.2/src/subgen-encode.c
Examining data/dvdauthor-0.7.2/src/subgen-image.c
Examining data/dvdauthor-0.7.2/src/subgen-parse-xml.c
Examining data/dvdauthor-0.7.2/src/subgen.c
Examining data/dvdauthor-0.7.2/src/subgen.h
Examining data/dvdauthor-0.7.2/src/subglobals.h
Examining data/dvdauthor-0.7.2/src/subreader.c
Examining data/dvdauthor-0.7.2/src/subreader.h
Examining data/dvdauthor-0.7.2/src/subrender.c
Examining data/dvdauthor-0.7.2/src/subrender.h
Examining data/dvdauthor-0.7.2/src/dvdcli.c
FINAL RESULTS:
data/dvdauthor-0.7.2/src/compat.c:139:19: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
nrbytes = vsnprintf(result, result_size, format, args) + 1;
data/dvdauthor-0.7.2/src/compat.c:325:16: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
vf.h = popen(fname + 1, "w");
data/dvdauthor-0.7.2/src/compat.c:331:16: [4] (shell) popen:
This causes a new program to execute and is difficult to use safely
(CWE-78). try using a library call that implements the same functionality
if available.
vf.h = popen(fcopy, "r");
data/dvdauthor-0.7.2/src/dvdauthor.c:1070:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(fbuf, "%s%s", s, subdir);
data/dvdauthor-0.7.2/src/dvdauthor.c:1915:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ifonames[i], de->d_name);
data/dvdauthor-0.7.2/src/dvdcli.c:326:9: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf \
data/dvdauthor-0.7.2/src/dvdcli.c:971:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(menulang, lang);
data/dvdauthor-0.7.2/src/dvdunauthor.c:169:23: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
bytesneeded = vsnprintf(fmtbuf, fmtbufsize, format, ap);
data/dvdauthor-0.7.2/src/dvduncompile.c:147:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(bigbuf,sizeof(bigbuf),format,ap);
data/dvdauthor-0.7.2/src/dvduncompile.c:160:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
vsnprintf(bigbuf,sizeof(bigbuf),format,ap);
data/dvdauthor-0.7.2/src/readxml.c:253:17: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(parser_body, v);
data/dvdauthor-0.7.2/src/spuunmux.c:801:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf((char *)nbuf, "%s%05d%c.png", base_name, s->subno, type[0]);
data/dvdauthor-0.7.2/src/spuunmux.c:823:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf((char *)nbuf, "%s%05d.png", base_name, curspu->subno);
data/dvdauthor-0.7.2/src/spuunmux.c:1226:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(nbuf, "%s.xml", base_name);
data/dvdauthor-0.7.2/src/subfont.c:159:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff, "%s%s", homedir, config_dir);
data/dvdauthor-0.7.2/src/subfont.c:166:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(buff, "%s%s/%s", homedir, config_dir, filename);
data/dvdauthor-0.7.2/src/subgen-encode.c:149:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr,\
data/dvdauthor-0.7.2/src/subgen-encode.c:196:17: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr,\
data/dvdauthor-0.7.2/src/subgen-encode.c:307:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr,\
data/dvdauthor-0.7.2/src/subgen-image.c:186:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(ii->filename,s->fname);
data/dvdauthor-0.7.2/src/subgen.c:554:21: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf(stderr,\
data/dvdauthor-0.7.2/src/subreader.c:140:9: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(s, s + i);
data/dvdauthor-0.7.2/src/subreader.c:1584:17: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf(p, "%s %[^\n\r]", directive, line1) < 2)
data/dvdauthor-0.7.2/src/subreader.c:1617:13: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(line2, line1);
data/dvdauthor-0.7.2/src/conffile.c:41:31: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
const char * const home = getenv("HOME");
data/dvdauthor-0.7.2/src/conffile.c:74:14: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
result = getenv("XDG_CONFIG_HOME");
data/dvdauthor-0.7.2/src/conffile.c:97:21: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char * result = getenv("XDG_CONFIG_DIRS");
data/dvdauthor-0.7.2/src/conffile.c:347:24: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
char * outputdir = getenv("OUTPUTDIR");
data/dvdauthor-0.7.2/src/conffile.c:372:18: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
format = getenv("VIDEO_FORMAT");
data/dvdauthor-0.7.2/src/dvdcli.c:397:27: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
#define GETOPTFUNC(x,y,z) getopt_long(x,y,"-" z,longopts,NULL)
data/dvdauthor-0.7.2/src/dvdcli.c:399:27: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
#define GETOPTFUNC(x,y,z) getopt(x,y,z)
data/dvdauthor-0.7.2/src/dvdunauthor.c:1424:23: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while (-1 != (i = getopt(argc, argv, "h")))
data/dvdauthor-0.7.2/src/mpeg2desc.c:908:28: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while (-1 != (oc = getopt(argc,argv,"ha:v:o:msd:u")))
data/dvdauthor-0.7.2/src/spuunmux.c:1101:22: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((option = getopt(argc, argv, "o:v:fF:s:p:Vh")) != -1)
data/dvdauthor-0.7.2/src/subfont.c:131:20: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((homedir = getenv("WINDIR")) != NULL)
data/dvdauthor-0.7.2/src/subfont.c:135:20: [3] (buffer) getenv:
Environment variables are untrustable input if they can be set by an
attacker. They can have any content and length, and the same variable can
be set more than once (CWE-807, CWE-20). Check environment variables
carefully before using them.
if ((homedir = getenv("HOME")) == NULL)
data/dvdauthor-0.7.2/src/subgen.c:862:27: [3] (buffer) getopt_long:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
#define GETOPTFUNC(x,y,z) getopt_long(x,y,z,longopts,NULL)
data/dvdauthor-0.7.2/src/subgen.c:864:27: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
#define GETOPTFUNC(x,y,z) getopt(x,y,z)
data/dvdauthor-0.7.2/src/compat.c:34:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest + destlen, src, srclen);
data/dvdauthor-0.7.2/src/compat.c:114:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(result, s, l);
data/dvdauthor-0.7.2/src/compat.c:190:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char
data/dvdauthor-0.7.2/src/compat.c:320:23: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
vf.h = fdopen(atoi(fname + 1), mode == O_RDONLY ? "rb" : "wb");
data/dvdauthor-0.7.2/src/compat.c:337:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
vf.h = fopen(fname, mode == O_RDONLY ? "rb" : "wb");
data/dvdauthor-0.7.2/src/compat.c:1223:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char spacename[maxspacename + 1];
data/dvdauthor-0.7.2/src/compat.c:1231:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(spacename, colorstr, src - colorstr);
data/dvdauthor-0.7.2/src/conffile.c:216:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(thispath, dirpath, dirpath_len);
data/dvdauthor-0.7.2/src/conffile.c:369:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[40]; /* should be plenty */
data/dvdauthor-0.7.2/src/conffile.c:378:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
conffile = fopen(conffilename, "r");
data/dvdauthor-0.7.2/src/da-internal.h:76:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sectdata[0x26]; // PACK and system header, so we don't have to reread it
data/dvdauthor-0.7.2/src/da-internal.h:96:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lang[2];
data/dvdauthor-0.7.2/src/da-internal.h:104:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lang[2];
data/dvdauthor-0.7.2/src/da-internal.h:106:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char idmap[4];
data/dvdauthor-0.7.2/src/da-internal.h:156:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buttoncoli[24]; /* 3 groups of SL_COLI (button colour) info for PCI packets */
data/dvdauthor-0.7.2/src/da-internal.h:185:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char subpmap[32][4];
data/dvdauthor-0.7.2/src/da-internal.h:200:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char lang[3]; /* value of the "lang" attribute */
data/dvdauthor-0.7.2/src/da-internal.h:232:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vtssummary[0x300]; /* copy of VTS attributes (bytes 0x100 onwards of VTS IFO) */
data/dvdauthor-0.7.2/src/da-internal.h:233:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char vtscat[4]; /* VTS_CAT (copy of bytes 0x22 .. 0x25 of VTS IFO) */
data/dvdauthor-0.7.2/src/dvdauthor.c:49:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const vmpegdesc[4]={"","mpeg1","mpeg2",0};
data/dvdauthor-0.7.2/src/dvdauthor.c:50:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const vresdesc[6]={"","720xfull","704xfull","352xfull","352xhalf",0};
data/dvdauthor-0.7.2/src/dvdauthor.c:51:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const vformatdesc[4]={"","ntsc","pal",0};
data/dvdauthor-0.7.2/src/dvdauthor.c:52:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const vaspectdesc[4]={"","4:3","16:9",0};
data/dvdauthor-0.7.2/src/dvdauthor.c:53:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const vwidescreendesc[5]={"","noletterbox","nopanscan","crop",0};
data/dvdauthor-0.7.2/src/dvdauthor.c:55:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const static char * const vratedesc[16] = /* descriptions of frame-rate codes */
data/dvdauthor-0.7.2/src/dvdauthor.c:75:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const aformatdesc[6]={"","ac3","mp2","pcm","dts",0};
data/dvdauthor-0.7.2/src/dvdauthor.c:77:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const aquantdesc[6]={"","16bps","20bps","24bps","drc",0};
data/dvdauthor-0.7.2/src/dvdauthor.c:78:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const adolbydesc[3]={"","surround",0};
data/dvdauthor-0.7.2/src/dvdauthor.c:79:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const alangdesc[4]={"","nolang","lang",0};
data/dvdauthor-0.7.2/src/dvdauthor.c:80:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const achanneldesc[10]={"","1ch","2ch","3ch","4ch","5ch","6ch","7ch","8ch",0};
data/dvdauthor-0.7.2/src/dvdauthor.c:81:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const asampledesc[4]={"","48khz","96khz",0};
data/dvdauthor-0.7.2/src/dvdauthor.c:83:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const acontentdesc[6] =
data/dvdauthor-0.7.2/src/dvdauthor.c:87:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const entries[9]={"","","title","root","subtitle","audio","angle","ptt",0};
data/dvdauthor-0.7.2/src/dvdauthor.c:90:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
const char * const pstypes[3]={"VTS","VTSM","VMGM"};
data/dvdauthor-0.7.2/src/dvdauthor.c:92:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const smodedesc[6]={"","normal","widescreen","letterbox","panscan",0};
data/dvdauthor-0.7.2/src/dvdauthor.c:94:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const scontentdesc[17] =
data/dvdauthor-0.7.2/src/dvdauthor.c:1099:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char buf[2048];
data/dvdauthor-0.7.2/src/dvdauthor.c:1102:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * const h = fopen(ifo, "rb");
data/dvdauthor-0.7.2/src/dvdauthor.c:1121:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vd->vtscat, buf + 0x22, 4); /* VTS category */
data/dvdauthor-0.7.2/src/dvdauthor.c:1122:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(vd->vtssummary, buf + 0x100, 0x300); /* attributes of streams in VTS and VTSM */
data/dvdauthor-0.7.2/src/dvdauthor.c:1167:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char realfbase[1000];
data/dvdauthor-0.7.2/src/dvdauthor.c:1175:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
h = fopen(realfbase, "rb");
data/dvdauthor-0.7.2/src/dvdauthor.c:1188:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char dirname[1000], subname[1000];
data/dvdauthor-0.7.2/src/dvdauthor.c:1255:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char realfbase[1000];
data/dvdauthor-0.7.2/src/dvdauthor.c:1288:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ci->color,default_colors,16*sizeof(int));
data/dvdauthor-0.7.2/src/dvdauthor.c:1407:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(v->allpgcs + v->numallpgcs, p->pgcs, p->numpgcs * sizeof(struct pgc *));
data/dvdauthor-0.7.2/src/dvdauthor.c:1716:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nm[10];
data/dvdauthor-0.7.2/src/dvdauthor.c:1865:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char fbuf[1000];
data/dvdauthor-0.7.2/src/dvdauthor.c:1866:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char ifonames[101][14];
data/dvdauthor-0.7.2/src/dvdauthor.c:1969:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char realfbase[1000];
data/dvdauthor-0.7.2/src/dvdauthor.h:33:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char provider_str[PROVIDER_SIZE]; /* defined in dvdcli.c */
data/dvdauthor-0.7.2/src/dvdcli.c:38:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char provider_str[PROVIDER_SIZE];
data/dvdauthor-0.7.2/src/dvdcli.c:229:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char groups[24];
data/dvdauthor-0.7.2/src/dvdcli.c:741:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char
data/dvdauthor-0.7.2/src/dvdcli.c:964:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(menulang, "en"); /* default. */
data/dvdauthor-0.7.2/src/dvdcli.c:1062:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ch[4];
data/dvdauthor-0.7.2/src/dvdcompile.c:1371:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(b, b + 8, 8); // move statement
data/dvdauthor-0.7.2/src/dvdifo.c:139:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char buf[2048];
data/dvdauthor-0.7.2/src/dvdifo.c:280:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[8];
data/dvdauthor-0.7.2/src/dvdifo.c:395:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[16];
data/dvdauthor-0.7.2/src/dvdifo.c:546:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + 6 + i * 8, va->ad[i].lang, 2); /* language code */
data/dvdauthor-0.7.2/src/dvdifo.c:571:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + 0x58 + i * 6, va->sp[i].lang, 2); /* language code */
data/dvdauthor-0.7.2/src/dvdifo.c:590:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char buf[2048];
data/dvdauthor-0.7.2/src/dvdifo.c:597:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, "DVDVIDEO-VTS", 12);
data/dvdauthor-0.7.2/src/dvdifo.c:680:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char buf[1000];
data/dvdauthor-0.7.2/src/dvdifo.c:690:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
h = fopen(buf, "wb");
data/dvdauthor-0.7.2/src/dvdifo.c:731:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char buf[2048];
data/dvdauthor-0.7.2/src/dvdifo.c:737:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
h = fopen(fname, "wb");
data/dvdauthor-0.7.2/src/dvdifo.c:740:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, "DVDVIDEO-VMG", 12);
data/dvdauthor-0.7.2/src/dvdifo.c:882:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + 4, ws->titlesets->vts[i].vtscat, 4);
data/dvdauthor-0.7.2/src/dvdifo.c:884:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + 8, ws->titlesets->vts[i].vtssummary, 0x300);
data/dvdauthor-0.7.2/src/dvdpgc.c:522:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(plu, lg->lang, 2); /* ISO639 language code */
data/dvdauthor-0.7.2/src/dvdunauthor.c:46:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char bigblock[BIGBLOCKLEN];
data/dvdauthor-0.7.2/src/dvdunauthor.c:50:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char
data/dvdauthor-0.7.2/src/dvdunauthor.c:310:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const permitted_df[4] = {NULL, "noletterbox", "nopanscan", NULL};
data/dvdauthor-0.7.2/src/dvdunauthor.c:312:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const audio_format[8] = {"ac3", NULL, NULL, "mp2", "pcm ", NULL, "dts", NULL};
data/dvdauthor-0.7.2/src/dvdunauthor.c:313:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const audio_type[5] = {NULL, "normal", "impaired", "comments1", "comments2"};
data/dvdauthor-0.7.2/src/dvdunauthor.c:315:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const subp_type[16] = {
data/dvdauthor-0.7.2/src/dvdunauthor.c:521:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const entries[16] =
data/dvdauthor-0.7.2/src/dvdunauthor.c:531:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const subp_control_modes[4]={
data/dvdauthor-0.7.2/src/dvdunauthor.c:961:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char sector[2048];
data/dvdauthor-0.7.2/src/dvdunauthor.c:1017:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char sector[2048];
data/dvdauthor-0.7.2/src/dvdunauthor.c:1021:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sector, packhdr, 14); // copy pack header
data/dvdauthor-0.7.2/src/dvdunauthor.c:1049:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nm1[10]; /* should be big enough to avoid overflow! */
data/dvdauthor-0.7.2/src/dvdunauthor.c:1050:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(nm1, "%d", i + 1);
data/dvdauthor-0.7.2/src/dvdunauthor.c:1060:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(nm1, "%d", b->up); wdstr(nm1);
data/dvdauthor-0.7.2/src/dvdunauthor.c:1061:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(nm1, "%d", b->down); wdstr(nm1);
data/dvdauthor-0.7.2/src/dvdunauthor.c:1062:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(nm1, "%d", b->left); wdstr(nm1);
data/dvdauthor-0.7.2/src/dvdunauthor.c:1063:9: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(nm1, "%d", b->right); wdstr(nm1);
data/dvdauthor-0.7.2/src/dvdunauthor.c:1140:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
h = open(filenamebase, O_CREAT | O_APPEND | O_WRONLY | O_BINARY, 0666);
data/dvdauthor-0.7.2/src/dvdunauthor.c:1143:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
h = open(filenamebase, O_CREAT | O_TRUNC | O_WRONLY | O_BINARY, 0666);
data/dvdauthor-0.7.2/src/dvduncompile.c:123:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char * const entries[16] = /* menu entry types */
data/dvdauthor-0.7.2/src/dvduncompile.c:134:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char bigbuf[1024];
data/dvdauthor-0.7.2/src/dvduncompile.c:156:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char bigbuf[1024];
data/dvdauthor-0.7.2/src/dvduncompile.c:214:49: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
if (reg < sizeof(system_reg_table) / sizeof(char *))
data/dvdauthor-0.7.2/src/dvdvob.c:54:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char bigwritebuf[BIGWRITEBUFLEN];
data/dvdauthor-0.7.2/src/dvdvob.c:84:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char videoslidebuf[15]={255,255,255,255, 255,255,255, 0,0,0,0, 0,0,0,0};
data/dvdauthor-0.7.2/src/dvdvob.c:500:17: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
writefile = open(newname, O_CREAT | O_WRONLY | O_BINARY, 0666);
data/dvdauthor-0.7.2/src/dvdvob.c:566:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char sizestring[30];
data/dvdauthor-0.7.2/src/dvdvob.c:597:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(sizestring, "%dx%d", hsize, vsize);
data/dvdauthor-0.7.2/src/dvdvob.c:731:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(videoslidebuf + 7, buf + f, l - f);
data/dvdauthor-0.7.2/src/dvdvob.c:734:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + f, videoslidebuf + 7, l - f);
data/dvdauthor-0.7.2/src/dvdvob.c:743:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(videoslidebuf + 7, buf + f, 8); // we scan the first header using the slide buffer
data/dvdauthor-0.7.2/src/dvdvob.c:746:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + f, videoslidebuf + 7, 8);
data/dvdauthor-0.7.2/src/dvdvob.c:765:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(videoslidebuf, buf + l - 7, 7);
data/dvdauthor-0.7.2/src/dvdvob.c:1045:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attr[4];
data/dvdauthor-0.7.2/src/dvdvob.c:1092:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(attr,"%dch",nch);
data/dvdauthor-0.7.2/src/dvdvob.c:1105:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char attr[6];
data/dvdauthor-0.7.2/src/dvdvob.c:1113:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(attr,"%dkhz",48*(1+((buf[1]>>4)&1))); /* 48 or 96kHz */
data/dvdauthor-0.7.2/src/dvdvob.c:1115:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(attr,"%dch",(buf[1]&7)+1); /* nr channels */
data/dvdauthor-0.7.2/src/dvdvob.c:1124:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char deferred_buf[2048];
data/dvdauthor-0.7.2/src/dvdvob.c:1133:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[6]; /* save partial packet in case it crosses sector boundaries */
data/dvdauthor-0.7.2/src/dvdvob.c:1178:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, deferred_buf, 2048);
data/dvdauthor-0.7.2/src/dvdvob.c:1257:29: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(thisvob->buttoncoli, buf + i + 2, buf[i + 1] * 8);
data/dvdauthor-0.7.2/src/dvdvob.c:1377:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(deferred_buf, buf, 2048); /* save just-read sector for processing on next iteration */
data/dvdauthor-0.7.2/src/dvdvob.c:1499:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(thisvob->vobu[thisvob->numvobus].sectdata, buf, 0x26); // save pack and system header; the rest will be reconstructed later
data/dvdauthor-0.7.2/src/dvdvob.c:1657:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mp2hdr[index].buf + 3, buf + dptr, 3);
data/dvdauthor-0.7.2/src/dvdvob.c:1678:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mp2hdr[index].buf, buf + dptr + len - 3, 3);
data/dvdauthor-0.7.2/src/dvdvob.c:2280:29: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char buf[2048];
data/dvdauthor-0.7.2/src/dvdvob.c:2299:30: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outvob = open(fname, O_WRONLY | O_BINARY);
data/dvdauthor-0.7.2/src/dvdvob.c:2316:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, thisvobu->sectdata, 0x26);
data/dvdauthor-0.7.2/src/dvdvob.c:2350:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char idmap[3];
data/dvdauthor-0.7.2/src/dvdvob.c:2386:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + 0xa3, thisvob->buttoncoli, 24);
data/dvdauthor-0.7.2/src/dvdvob.c:2396:41: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char compilebuf[128 * 8], *rbuf;
data/dvdauthor-0.7.2/src/dvdvob.c:2422:29: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(boffs + 10, compilebuf, 8);
data/dvdauthor-0.7.2/src/mpeg2desc.c:57:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[BUFLEN];
data/dvdauthor-0.7.2/src/mpeg2desc.c:115:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char quad[4];
data/dvdauthor-0.7.2/src/mpeg2desc.c:189:26: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(o->fname, O_CREAT | O_WRONLY | O_NONBLOCK, 0666);
data/dvdauthor-0.7.2/src/mpeg2desc.c:343:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(fb->buf + fb->len, buf, thislen);
data/dvdauthor-0.7.2/src/mpeg2desc.c:357:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char hdr[4];
data/dvdauthor-0.7.2/src/mpeg2desc.c:358:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[200];
data/dvdauthor-0.7.2/src/mpeg2desc.c:824:29: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, buf + contentoffs, tocopy);
data/dvdauthor-0.7.2/src/spuunmux.c:60:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char sub[65536];
data/dvdauthor-0.7.2/src/spuunmux.c:609:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(file_name, "wb");
data/dvdauthor-0.7.2/src/spuunmux.c:785:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char nbuf[256];
data/dvdauthor-0.7.2/src/spuunmux.c:804:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ebuf[sizeof nbuf * 6];
data/dvdauthor-0.7.2/src/spuunmux.c:818:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char nbuf[256];
data/dvdauthor-0.7.2/src/spuunmux.c:826:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char ebuf[sizeof nbuf * 6];
data/dvdauthor-0.7.2/src/spuunmux.c:1067:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cbuf[CBUFSIZE];
data/dvdauthor-0.7.2/src/spuunmux.c:1068:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char psbuf[PSBUFSIZE];
data/dvdauthor-0.7.2/src/spuunmux.c:1070:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *iname[256]; /* names of input files -- fixme: no range checking */
data/dvdauthor-0.7.2/src/spuunmux.c:1191:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fdo = fopen(palet_file, "r");
data/dvdauthor-0.7.2/src/spuunmux.c:1225:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nbuf[256];
data/dvdauthor-0.7.2/src/spuunmux.c:1227:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fdo = fopen(nbuf, "w+");
data/dvdauthor-0.7.2/src/spuunmux.c:1295:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stuff[7];
data/dvdauthor-0.7.2/src/spuunmux.c:1370:29: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy
data/dvdauthor-0.7.2/src/subfont.c:124:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char exedir[260];
data/dvdauthor-0.7.2/src/subgen-encode.c:125:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s->pal, p, 4 * sizeof(colorspec));
data/dvdauthor-0.7.2/src/subgen-image.c:203:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char pdata[MAXX*4];
data/dvdauthor-0.7.2/src/subgen-image.c:231:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pnghead[8];
data/dvdauthor-0.7.2/src/subgen-image.c:239:8: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp=fopen(s->fname,"rb");
data/dvdauthor-0.7.2/src/subgen-image.c:611:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char n[10]; /* should be enough! */
data/dvdauthor-0.7.2/src/subgen-image.c:612:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(n, "%d", i + 1);
data/dvdauthor-0.7.2/src/subgen-parse-xml.c:38:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(b,"%d:%02d:%02d.%03d",
data/dvdauthor-0.7.2/src/subgen-parse-xml.c:184:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char stime[50], etime[50];
data/dvdauthor-0.7.2/src/subgen.c:88:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char header[32];
data/dvdauthor-0.7.2/src/subgen.c:687:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char nm1[10], nm2[10];
data/dvdauthor-0.7.2/src/subgen.c:708:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(nm1, "%d", i ? i : (cursti->numbuttons));
data/dvdauthor-0.7.2/src/subgen.c:709:25: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(nm2, "%d", (i + 1 != cursti->numbuttons) ? (i + 2) : 1);
data/dvdauthor-0.7.2/src/subgen.c:854:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char psbuf[psbufs];
data/dvdauthor-0.7.2/src/subglobals.h:7:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *text[SUB_MAX_TEXT]; /* array [lines] of char* */
data/dvdauthor-0.7.2/src/subreader.c:207:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char
data/dvdauthor-0.7.2/src/subreader.c:273:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ic_inbuf, ic_inbuf + ic_next_in, ic_end_in);
data/dvdauthor-0.7.2/src/subreader.c:547:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char line[LINE_LEN + 1];
data/dvdauthor-0.7.2/src/subreader.c:551:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[LINE_LEN + 1], *p = text;
data/dvdauthor-0.7.2/src/subreader.c:722:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINE_LEN + 1];
data/dvdauthor-0.7.2/src/subreader.c:723:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line2[LINE_LEN + 1];
data/dvdauthor-0.7.2/src/subreader.c:764:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINE_LEN + 1];
data/dvdauthor-0.7.2/src/subreader.c:809:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINE_LEN + 1];
data/dvdauthor-0.7.2/src/subreader.c:885:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINE_LEN + 1];
data/dvdauthor-0.7.2/src/subreader.c:928:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINE_LEN + 1];
data/dvdauthor-0.7.2/src/subreader.c:991:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINE_LEN + 1];
data/dvdauthor-0.7.2/src/subreader.c:1157:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINE_LEN + 1], line3[LINE_LEN + 1];
data/dvdauthor-0.7.2/src/subreader.c:1258:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINE_LEN + 1];
data/dvdauthor-0.7.2/src/subreader.c:1259:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char text[LINE_LEN + 1];
data/dvdauthor-0.7.2/src/subreader.c:1271:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINE_LEN + 1];
data/dvdauthor-0.7.2/src/subreader.c:1328:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINE_LEN + 1];
data/dvdauthor-0.7.2/src/subreader.c:1388:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINE_LEN + 1];
data/dvdauthor-0.7.2/src/subreader.c:1442:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line1[LINE_LEN], line2[LINE_LEN], directive[LINE_LEN];
data/dvdauthor-0.7.2/src/subreader.c:1729:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[LINE_LEN + 1];
data/dvdauthor-0.7.2/src/compat.c:27:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t destlen = strlen(dest);
data/dvdauthor-0.7.2/src/compat.c:28:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t srclen = strlen(src);
data/dvdauthor-0.7.2/src/compat.c:108:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t l = strlen(s);
data/dvdauthor-0.7.2/src/compat.c:167:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (pos < strlen(*src))
data/dvdauthor-0.7.2/src/compat.c:202:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(default_charset_buf, nl_langinfo(CODESET), sizeof default_charset_buf - 1);
data/dvdauthor-0.7.2/src/compat.c:233:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
inlen = strlen(localestr);
data/dvdauthor-0.7.2/src/compat.c:277:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
inlen = strlen(pathname);
data/dvdauthor-0.7.2/src/compat.c:327:71: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
else if (mode == O_RDONLY && fname[0] != '\0' && fname[fnamelen = strlen(fname) - 1] == '|')
data/dvdauthor-0.7.2/src/compat.c:1166:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char * const srcend = colorstr + strlen(colorstr);
data/dvdauthor-0.7.2/src/conffile.c:52:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result_len = strlen(home) + 1 + strlen(path) + 1; /* worst case */
data/dvdauthor-0.7.2/src/conffile.c:52:41: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
result_len = strlen(home) + 1 + strlen(path) + 1; /* worst case */
data/dvdauthor-0.7.2/src/conffile.c:56:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(result, home, result_len);
data/dvdauthor-0.7.2/src/conffile.c:57:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (result[strlen(result) - 1] != '/')
data/dvdauthor-0.7.2/src/conffile.c:205:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const size_t thispath_maxlen = dirpath_len + 1 + strlen(context->itempath) + 1;
data/dvdauthor-0.7.2/src/conffile.c:260:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(home_path),
data/dvdauthor-0.7.2/src/conffile.c:269:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
/*path_len =*/ strlen(search_path),
data/dvdauthor-0.7.2/src/conffile.c:281:17: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(home_path),
data/dvdauthor-0.7.2/src/dvdauthor.c:490:37: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (ATTRMATCH(AUDIO_LANG) && 2==strlen(s)) {
data/dvdauthor-0.7.2/src/dvdauthor.c:536:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(ATTRMATCH(SPU_LANG) && 2==strlen(s)) {
data/dvdauthor-0.7.2/src/dvdauthor.c:1069:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fbuf = malloc(strlen(s) + strlen(subdir) + 1);
data/dvdauthor-0.7.2/src/dvdauthor.c:1069:35: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fbuf = malloc(strlen(s) + strlen(subdir) + 1);
data/dvdauthor-0.7.2/src/dvdauthor.c:1206:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strlen(entry->d_name) == 12
data/dvdauthor-0.7.2/src/dvdauthor.c:1806:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(lang) != 2)
data/dvdauthor-0.7.2/src/dvdauthor.c:1892:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(de->d_name);
data/dvdauthor-0.7.2/src/dvdcli.c:213:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i=strlen(fname);
data/dvdauthor-0.7.2/src/dvdcli.c:673:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const int l = strlen(fbase);
data/dvdauthor-0.7.2/src/dvdcli.c:829:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(provider_str, s, PROVIDER_SIZE);
data/dvdauthor-0.7.2/src/dvdcli.c:846:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(provider_str, PACKAGE_STRING, PROVIDER_SIZE);
data/dvdauthor-0.7.2/src/dvdcli.c:1063:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(c) == 1)
data/dvdauthor-0.7.2/src/dvdifo.c:746:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy((char *)(buf + 0x40), provider_str, PROVIDER_SIZE - 1); /* provider ID */
data/dvdauthor-0.7.2/src/dvdvob.c:799:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i[0] += strlen(s) + 1;
data/dvdauthor-0.7.2/src/readxml.c:252:52: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
parser_body = realloc(parser_body, strlen(parser_body) + strlen(v) + 1);
data/dvdauthor-0.7.2/src/readxml.c:252:74: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
parser_body = realloc(parser_body, strlen(parser_body) + strlen(v) + 1);
data/dvdauthor-0.7.2/src/spuunmux.c:146:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i[0] += strlen(s) + 1;
data/dvdauthor-0.7.2/src/spuunmux.c:1218:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(base_name) > 246)
data/dvdauthor-0.7.2/src/subfont.c:141:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i< strlen(exedir); i++)
data/dvdauthor-0.7.2/src/subfont.c:154:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(homedir) + strlen(config_dir) + 1;
data/dvdauthor-0.7.2/src/subfont.c:154:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(homedir) + strlen(config_dir) + 1;
data/dvdauthor-0.7.2/src/subfont.c:163:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len += strlen(filename) + 1;
data/dvdauthor-0.7.2/src/subgen.c:406:17: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int r = read(h, b, l);
data/dvdauthor-0.7.2/src/subreader.c:141:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(s) - 1;
data/dvdauthor-0.7.2/src/subreader.c:153:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(needle);
data/dvdauthor-0.7.2/src/subreader.c:481:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
orig_len = len = strlen(ip);
data/dvdauthor-0.7.2/src/subreader.c:710:5: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(*dest, source, len);
data/dvdauthor-0.7.2/src/subreader.c:792:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(current->text[current->lines - 1], q, len);
data/dvdauthor-0.7.2/src/subreader.c:912:17: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(current->text[i], line, len);
data/dvdauthor-0.7.2/src/subreader.c:1116:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (next && strlen(next) > 8)
data/dvdauthor-0.7.2/src/subreader.c:1213:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(current->text[num], line2, tmp - line2);
data/dvdauthor-0.7.2/src/subreader.c:1304:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(p)) /* nonempty line */
data/dvdauthor-0.7.2/src/subreader.c:1586:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
jLength = strlen(directive);
data/dvdauthor-0.7.2/src/subreader.c:1925:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
subtitle_elt * (*read)(subtitle_elt *dest); /* file reader routine */
data/dvdauthor-0.7.2/src/subreader.c:1974:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
l = strlen(filename);
data/dvdauthor-0.7.2/src/subreader.c:1981:25: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (l > strlen(exts[k]) && !strcasecmp(filename + (l - strlen(exts[k])), exts[k]))
data/dvdauthor-0.7.2/src/subreader.c:1981:72: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (l > strlen(exts[k]) && !strcasecmp(filename + (l - strlen(exts[k])), exts[k]))
data/dvdauthor-0.7.2/src/subreader.c:2034:24: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
new_sub = srp->read(new_sub);
data/dvdauthor-0.7.2/src/subrender.c:268:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
textlen = strlen((const char *)text);
ANALYSIS SUMMARY:
Hits = 274
Lines analyzed = 25447 in approximately 2.74 seconds (9287 lines/second)
Physical Source Lines of Code (SLOC) = 21379
Hits@level = [0] 680 [1] 56 [2] 180 [3] 14 [4] 24 [5] 0
Hits@level+ = [0+] 954 [1+] 274 [2+] 218 [3+] 38 [4+] 24 [5+] 0
Hits/KSLOC@level+ = [0+] 44.6232 [1+] 12.8163 [2+] 10.1969 [3+] 1.77745 [4+] 1.1226 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.