Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/flake-0.11/libflake/bitio.h
Examining data/flake-0.11/libflake/encode.c
Examining data/flake-0.11/libflake/rice.h
Examining data/flake-0.11/libflake/crc.h
Examining data/flake-0.11/libflake/flake.h
Examining data/flake-0.11/libflake/crc.c
Examining data/flake-0.11/libflake/vbs.h
Examining data/flake-0.11/libflake/encode.h
Examining data/flake-0.11/libflake/optimize.c
Examining data/flake-0.11/libflake/lpc.h
Examining data/flake-0.11/libflake/md5.h
Examining data/flake-0.11/libflake/md5.c
Examining data/flake-0.11/libflake/vbs.c
Examining data/flake-0.11/libflake/optimize.h
Examining data/flake-0.11/libflake/rice.c
Examining data/flake-0.11/libflake/lpc.c
Examining data/flake-0.11/util/wavinfo.c
Examining data/flake-0.11/bswap.h
Examining data/flake-0.11/common.h
Examining data/flake-0.11/flake/flake.c
Examining data/flake-0.11/flake/wav.c
Examining data/flake-0.11/flake/wav.h
FINAL RESULTS:
data/flake-0.11/flake/flake.c:539:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
files->ifp = fopen(files->infile, "rb");
data/flake-0.11/flake/flake.c:551:22: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
files->ofp = fopen(files->outfile, "wb");
data/flake-0.11/flake/wav.c:185:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, src_v, n);
data/flake-0.11/flake/wav.c:232:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, src_v, n * sizeof(int16_t));
data/flake-0.11/flake/wav.c:279:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, src_v, n * sizeof(int32_t));
data/flake-0.11/flake/wav.c:326:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, src_v, n * sizeof(int32_t));
data/flake-0.11/flake/wav.c:373:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, src_v, n * sizeof(int32_t));
data/flake-0.11/flake/wav.c:420:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, src_v, n * sizeof(float));
data/flake-0.11/flake/wav.c:465:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, src_v, n * sizeof(double));
data/flake-0.11/libflake/encode.c:130:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&comment[4], vlen_le, 4);
data/flake-0.11/libflake/encode.c:132:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&comment[8], vendor_string, vendor_len);
data/flake-0.11/libflake/flake.h:167:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char md5digest[16];
data/flake-0.11/libflake/md5.c:191:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ctx->buffer[used], data, size);
data/flake-0.11/libflake/md5.c:195:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&ctx->buffer[used], data, free);
data/flake-0.11/libflake/md5.c:206:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ctx->buffer, data, size);
data/flake-0.11/libflake/md5.c:272:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sig16, signal, data_bytes);
data/flake-0.11/libflake/optimize.c:31:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(res, smp, n*sizeof(int32_t));
data/flake-0.11/libflake/optimize.c:41:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(res, smp, n*sizeof(int32_t));
data/flake-0.11/util/wavinfo.c:352:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(wi.fname, "rb");
data/flake-0.11/flake/flake.c:238:29: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(opts->filelist[0].outfile, argv[i], olen);
data/flake-0.11/flake/flake.c:298:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(opts->filelist[i].outfile, opts->filelist[i].infile, ext+1);
data/flake-0.11/flake/flake.c:305:13: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120). Risk is low because the source is a
constant string.
strncpy(&opts->filelist[i].outfile[ext], ".flac", 6);
data/flake-0.11/flake/wav.c:129:21: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fgetc(fp);
data/flake-0.11/flake/wav.c:146:25: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fgetc(fp);
data/flake-0.11/flake/wav.c:621:17: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fgetc(wf->fp);
data/flake-0.11/flake/wav.c:640:13: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fgetc(wf->fp);
data/flake-0.11/libflake/encode.c:116:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
vendor_len = strlen(vendor_string);
ANALYSIS SUMMARY:
Hits = 27
Lines analyzed = 4844 in approximately 0.24 seconds (20436 lines/second)
Physical Source Lines of Code (SLOC) = 3590
Hits@level = [0] 69 [1] 8 [2] 19 [3] 0 [4] 0 [5] 0
Hits@level+ = [0+] 96 [1+] 27 [2+] 19 [3+] 0 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 26.7409 [1+] 7.52089 [2+] 5.29248 [3+] 0 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.