Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/fonts-inter-3.15+ds/misc/ttf2woff/comp-zlib.c Examining data/fonts-inter-3.15+ds/misc/ttf2woff/comp-zopfli.c Examining data/fonts-inter-3.15+ds/misc/ttf2woff/compat.c Examining data/fonts-inter-3.15+ds/misc/ttf2woff/genttf.c Examining data/fonts-inter-3.15+ds/misc/ttf2woff/genwoff.c Examining data/fonts-inter-3.15+ds/misc/ttf2woff/optimize.c Examining data/fonts-inter-3.15+ds/misc/ttf2woff/readttc.c Examining data/fonts-inter-3.15+ds/misc/ttf2woff/readttf.c Examining data/fonts-inter-3.15+ds/misc/ttf2woff/readwoff.c Examining data/fonts-inter-3.15+ds/misc/ttf2woff/ttf2woff.c Examining data/fonts-inter-3.15+ds/misc/ttf2woff/ttf2woff.h Examining data/fonts-inter-3.15+ds/misc/ttf2woff/zopfli/blocksplitter.c Examining data/fonts-inter-3.15+ds/misc/ttf2woff/zopfli/blocksplitter.h Examining data/fonts-inter-3.15+ds/misc/ttf2woff/zopfli/cache.c Examining data/fonts-inter-3.15+ds/misc/ttf2woff/zopfli/cache.h Examining data/fonts-inter-3.15+ds/misc/ttf2woff/zopfli/deflate.c Examining data/fonts-inter-3.15+ds/misc/ttf2woff/zopfli/deflate.h Examining data/fonts-inter-3.15+ds/misc/ttf2woff/zopfli/hash.c Examining data/fonts-inter-3.15+ds/misc/ttf2woff/zopfli/hash.h Examining data/fonts-inter-3.15+ds/misc/ttf2woff/zopfli/katajainen.c Examining data/fonts-inter-3.15+ds/misc/ttf2woff/zopfli/katajainen.h Examining data/fonts-inter-3.15+ds/misc/ttf2woff/zopfli/lz77.c Examining data/fonts-inter-3.15+ds/misc/ttf2woff/zopfli/lz77.h Examining data/fonts-inter-3.15+ds/misc/ttf2woff/zopfli/squeeze.c Examining data/fonts-inter-3.15+ds/misc/ttf2woff/zopfli/squeeze.h Examining data/fonts-inter-3.15+ds/misc/ttf2woff/zopfli/symbols.h Examining data/fonts-inter-3.15+ds/misc/ttf2woff/zopfli/tree.c Examining data/fonts-inter-3.15+ds/misc/ttf2woff/zopfli/tree.h Examining data/fonts-inter-3.15+ds/misc/ttf2woff/zopfli/util.c Examining data/fonts-inter-3.15+ds/misc/ttf2woff/zopfli/util.h Examining data/fonts-inter-3.15+ds/misc/ttf2woff/zopfli/zlib_container.c Examining data/fonts-inter-3.15+ds/misc/ttf2woff/zopfli/zlib_container.h Examining data/fonts-inter-3.15+ds/misc/ttf2woff/zopfli/zopfli.h FINAL RESULTS: data/fonts-inter-3.15+ds/misc/ttf2woff/compat.c:10:8: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. if(f) vfprintf(stderr, f, *va); data/fonts-inter-3.15+ds/misc/ttf2woff/ttf2woff.c:31:2: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf(o, f, va); data/fonts-inter-3.15+ds/misc/ttf2woff/ttf2woff.c:318:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy(xtab.ptr+xtab.len, optarg); data/fonts-inter-3.15+ds/misc/ttf2woff/ttf2woff.c:327:12: [4] (format) printf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. case 'V': printf(STR(VERSION)"\n"); return 0; data/fonts-inter-3.15+ds/misc/ttf2woff/ttf2woff.c:296:17: [3] (buffer) getopt: Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs. for(;;) switch(getopt(argc, argv, "vt:u:SOX:lm:p:ihV")) { data/fonts-inter-3.15+ds/misc/ttf2woff/optimize.c:14:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. struct table *find_table(struct ttf *ttf, char tag[4]) data/fonts-inter-3.15+ds/misc/ttf2woff/optimize.c:220:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(p,a.ptr,a.len); p+=a.len; data/fonts-inter-3.15+ds/misc/ttf2woff/optimize.c:229:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new.ptr, name->buf.ptr, 6+12*count); data/fonts-inter-3.15+ds/misc/ttf2woff/ttf2woff.c:62:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(path, O_RDONLY|O_BINARY); data/fonts-inter-3.15+ds/misc/ttf2woff/ttf2woff.c:111:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(nm, pt, l); data/fonts-inter-3.15+ds/misc/ttf2woff/ttf2woff.c:114:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(p, "%d", i); data/fonts-inter-3.15+ds/misc/ttf2woff/ttf2woff.c:115:8: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(nm, O_WRONLY|O_TRUNC|O_CREAT|O_BINARY|O_EXCL, 0666); data/fonts-inter-3.15+ds/misc/ttf2woff/ttf2woff.c:307:11: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). fontn = atoi(optarg); data/fonts-inter-3.15+ds/misc/ttf2woff/ttf2woff.c:493:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fd = open(oname, O_WRONLY|O_TRUNC|O_CREAT|O_BINARY, 0666); data/fonts-inter-3.15+ds/misc/ttf2woff/ttf2woff.h:42:62: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. static inline u8 *append(u8 *d, u8 *s, size_t n) {u8 *p=d+n; memcpy(d,s,n); return p;} data/fonts-inter-3.15+ds/misc/ttf2woff/ttf2woff.h:56:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[8]; data/fonts-inter-3.15+ds/misc/ttf2woff/ttf2woff.h:73:43: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. struct table *find_table(struct ttf *ttf, char tag[4]); data/fonts-inter-3.15+ds/misc/ttf2woff/zopfli/deflate.c:557:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ll_lengths, ll_lengths2, sizeof(ll_lengths2)); data/fonts-inter-3.15+ds/misc/ttf2woff/zopfli/deflate.c:558:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(d_lengths, d_lengths2, sizeof(d_lengths2)); data/fonts-inter-3.15+ds/misc/ttf2woff/zopfli/squeeze.c:54:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest->litlens, source->litlens, data/fonts-inter-3.15+ds/misc/ttf2woff/zopfli/squeeze.c:56:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest->dists, source->dists, ZOPFLI_NUM_D * sizeof(dest->dists[0])); data/fonts-inter-3.15+ds/misc/ttf2woff/zopfli/squeeze.c:58:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest->ll_symbols, source->ll_symbols, data/fonts-inter-3.15+ds/misc/ttf2woff/zopfli/squeeze.c:60:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest->d_symbols, source->d_symbols, data/fonts-inter-3.15+ds/misc/ttf2woff/ttf2woff.c:76:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). v = read(fd, file.ptr, file.len); data/fonts-inter-3.15+ds/misc/ttf2woff/ttf2woff.c:91:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). v = read(fd, file.ptr+file.len, alen-file.len); data/fonts-inter-3.15+ds/misc/ttf2woff/ttf2woff.c:106:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int l = strlen(pt); data/fonts-inter-3.15+ds/misc/ttf2woff/ttf2woff.c:316:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). v = strlen(optarg) + 1; ANALYSIS SUMMARY: Hits = 27 Lines analyzed = 5730 in approximately 0.25 seconds (22932 lines/second) Physical Source Lines of Code (SLOC) = 3776 Hits@level = [0] 14 [1] 4 [2] 18 [3] 1 [4] 4 [5] 0 Hits@level+ = [0+] 41 [1+] 27 [2+] 23 [3+] 5 [4+] 4 [5+] 0 Hits/KSLOC@level+ = [0+] 10.8581 [1+] 7.15042 [2+] 6.0911 [3+] 1.32415 [4+] 1.05932 [5+] 0 Dot directories skipped = 2 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.