Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/flake-0.11/libflake/bitio.h
Examining data/flake-0.11/libflake/encode.c
Examining data/flake-0.11/libflake/rice.h
Examining data/flake-0.11/libflake/crc.h
Examining data/flake-0.11/libflake/flake.h
Examining data/flake-0.11/libflake/crc.c
Examining data/flake-0.11/libflake/vbs.h
Examining data/flake-0.11/libflake/encode.h
Examining data/flake-0.11/libflake/optimize.c
Examining data/flake-0.11/libflake/lpc.h
Examining data/flake-0.11/libflake/md5.h
Examining data/flake-0.11/libflake/md5.c
Examining data/flake-0.11/libflake/vbs.c
Examining data/flake-0.11/libflake/optimize.h
Examining data/flake-0.11/libflake/rice.c
Examining data/flake-0.11/libflake/lpc.c
Examining data/flake-0.11/util/wavinfo.c
Examining data/flake-0.11/bswap.h
Examining data/flake-0.11/common.h
Examining data/flake-0.11/flake/flake.c
Examining data/flake-0.11/flake/wav.c
Examining data/flake-0.11/flake/wav.h

FINAL RESULTS:

data/flake-0.11/flake/flake.c:539:22:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move
  things around to create a race condition, control its ancestors, or
  change its contents? (CWE-362).
  files->ifp = fopen(files->infile, "rb");
data/flake-0.11/flake/flake.c:551:22:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move
  things around to create a race condition, control its ancestors, or
  change its contents? (CWE-362).
  files->ofp = fopen(files->outfile, "wb");
data/flake-0.11/flake/wav.c:185:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dest, src_v, n);
data/flake-0.11/flake/wav.c:232:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dest, src_v, n * sizeof(int16_t));
data/flake-0.11/flake/wav.c:279:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dest, src_v, n * sizeof(int32_t));
data/flake-0.11/flake/wav.c:326:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dest, src_v, n * sizeof(int32_t));
data/flake-0.11/flake/wav.c:373:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dest, src_v, n * sizeof(int32_t));
data/flake-0.11/flake/wav.c:420:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dest, src_v, n * sizeof(float));
data/flake-0.11/flake/wav.c:465:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dest, src_v, n * sizeof(double));
data/flake-0.11/libflake/encode.c:130:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&comment[4], vlen_le, 4);
data/flake-0.11/libflake/encode.c:132:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&comment[8], vendor_string, vendor_len);
data/flake-0.11/libflake/flake.h:167:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to
  potential overflows or other issues (CWE-119!/CWE-120). Perform bounds
  checking, use functions that limit length, or ensure that the size is
  larger than the maximum possible length.
  unsigned char md5digest[16];
data/flake-0.11/libflake/md5.c:191:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&ctx->buffer[used], data, size);
data/flake-0.11/libflake/md5.c:195:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&ctx->buffer[used], data, free);
data/flake-0.11/libflake/md5.c:206:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(ctx->buffer, data, size);
data/flake-0.11/libflake/md5.c:272:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(sig16, signal, data_bytes);
data/flake-0.11/libflake/optimize.c:31:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(res, smp, n*sizeof(int32_t));
data/flake-0.11/libflake/optimize.c:41:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(res, smp, n*sizeof(int32_t));
data/flake-0.11/util/wavinfo.c:352:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move
  things around to create a race condition, control its ancestors, or
  change its contents? (CWE-362).
  fp = fopen(wi.fname, "rb");
data/flake-0.11/flake/flake.c:238:29:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for
  invalid pointers [MS-banned] (CWE-120).
  strncpy(opts->filelist[0].outfile, argv[i], olen);
data/flake-0.11/flake/flake.c:298:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for
  invalid pointers [MS-banned] (CWE-120).
  strncpy(opts->filelist[i].outfile, opts->filelist[i].infile, ext+1);
data/flake-0.11/flake/flake.c:305:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for
  invalid pointers [MS-banned] (CWE-120). Risk is low because the source
  is a constant string.
  strncpy(&opts->filelist[i].outfile[ext], ".flac", 6);
data/flake-0.11/flake/wav.c:129:21:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  fgetc(fp);
data/flake-0.11/flake/wav.c:146:25:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  fgetc(fp);
data/flake-0.11/flake/wav.c:621:17:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  fgetc(wf->fp);
data/flake-0.11/flake/wav.c:640:13:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  fgetc(wf->fp);
data/flake-0.11/libflake/encode.c:116:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  vendor_len = strlen(vendor_string);

ANALYSIS SUMMARY:

Hits = 27
Lines analyzed = 4844 in approximately 0.24 seconds (20436 lines/second)
Physical Source Lines of Code (SLOC) = 3590
Hits@level = [0]  69 [1]   8 [2]  19 [3]   0 [4]   0 [5]   0
Hits@level+ = [0+]  96 [1+]  27 [2+]  19 [3+]   0 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 26.7409 [1+] 7.52089 [2+] 5.29248 [3+]   0 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.