Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libdiscid-0.6.2/test/test_read.c
Examining data/libdiscid-0.6.2/test/test.h
Examining data/libdiscid-0.6.2/test/test_read_full.c
Examining data/libdiscid-0.6.2/test/test.c
Examining data/libdiscid-0.6.2/test/test_core.c
Examining data/libdiscid-0.6.2/test/test_put.c
Examining data/libdiscid-0.6.2/examples/discisrc.c
Examining data/libdiscid-0.6.2/examples/discid.c
Examining data/libdiscid-0.6.2/examples/disc_metadata.c
Examining data/libdiscid-0.6.2/include/discid/discid.h
Examining data/libdiscid-0.6.2/include/discid/discid_private.h
Examining data/libdiscid-0.6.2/src/base64.c
Examining data/libdiscid-0.6.2/src/disc_solaris.c
Examining data/libdiscid-0.6.2/src/unix.c
Examining data/libdiscid-0.6.2/src/toc.c
Examining data/libdiscid-0.6.2/src/unix.h
Examining data/libdiscid-0.6.2/src/base64.h
Examining data/libdiscid-0.6.2/src/disc_generic.c
Examining data/libdiscid-0.6.2/src/disc_linux.c
Examining data/libdiscid-0.6.2/src/disc_darwin.c
Examining data/libdiscid-0.6.2/src/disc_bsd.c
Examining data/libdiscid-0.6.2/src/disc.c
Examining data/libdiscid-0.6.2/src/disc_win32.c
Examining data/libdiscid-0.6.2/src/sha1.c
Examining data/libdiscid-0.6.2/src/sha1.h
Examining data/libdiscid-0.6.2/src/ntddcdrm.h
FINAL RESULTS:
data/libdiscid-0.6.2/examples/discid.c:26:11: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/libdiscid-0.6.2/examples/discid.c:26:20: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/libdiscid-0.6.2/src/disc.c:446:2: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(toc, "%d%s%d%s%d",
data/libdiscid-0.6.2/src/disc.c:454:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(tmp, "%s%d", sep, d->track_offsets[i]);
data/libdiscid-0.6.2/src/disc.c:455:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(toc, tmp);
data/libdiscid-0.6.2/src/disc.c:466:3: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, toc);
data/libdiscid-0.6.2/src/disc.c:481:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, MB_SUBMISSION_URL);
data/libdiscid-0.6.2/src/disc.c:484:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, discid_get_id((DiscId *) d));
data/libdiscid-0.6.2/src/disc.c:487:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, tmp);
data/libdiscid-0.6.2/src/disc.c:500:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(buf, MB_WEBSERVICE_URL);
data/libdiscid-0.6.2/src/disc.c:503:2: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(buf, discid_get_id((DiscId *) d));
data/libdiscid-0.6.2/src/disc_darwin.c:76:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(device_path, _PATH_DEV);
data/libdiscid-0.6.2/src/disc_win32.c:26:11: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/libdiscid-0.6.2/src/disc_win32.c:26:20: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/libdiscid-0.6.2/src/toc.c:26:11: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/libdiscid-0.6.2/src/toc.c:26:20: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/libdiscid-0.6.2/examples/disc_metadata.c:140:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_msg[256];
data/libdiscid-0.6.2/examples/disc_metadata.c:142:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char * param_values[2] = {"", "recordings"};
data/libdiscid-0.6.2/examples/disc_metadata.c:145:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
drive = (char *) argv[1];
data/libdiscid-0.6.2/examples/discid.c:81:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char time_str[14];
data/libdiscid-0.6.2/examples/discisrc.c:30:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *features[DISCID_FEATURE_LENGTH];
data/libdiscid-0.6.2/include/discid/discid.h:468:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *features[DISCID_FEATURE_LENGTH]);
data/libdiscid-0.6.2/include/discid/discid_private.h:82:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char id[MB_DISC_ID_LENGTH+1];
data/libdiscid-0.6.2/include/discid/discid_private.h:83:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char freedb_id[FREEDB_DISC_ID_LENGTH+1];
data/libdiscid-0.6.2/include/discid/discid_private.h:84:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char submission_url[MB_MAX_URL_LENGTH+1];
data/libdiscid-0.6.2/include/discid/discid_private.h:85:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char webservice_url[MB_MAX_URL_LENGTH+1];
data/libdiscid-0.6.2/include/discid/discid_private.h:86:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char toc_string[MB_TOC_STRING_LENGTH+1];
data/libdiscid-0.6.2/include/discid/discid_private.h:87:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char error_msg[MB_ERROR_MSG_LENGTH+1];
data/libdiscid-0.6.2/include/discid/discid_private.h:88:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char isrc[100][ISRC_STR_LENGTH+1];
data/libdiscid-0.6.2/include/discid/discid_private.h:89:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mcn[MCN_STR_LENGTH+1];
data/libdiscid-0.6.2/src/disc.c:120:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(disc->toc_string, toc, strlen(toc) + 1);
data/libdiscid-0.6.2/src/disc.c:195:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(disc->error_msg, "Illegal track limits");
data/libdiscid-0.6.2/src/disc.c:199:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(disc->error_msg, "No offsets given");
data/libdiscid-0.6.2/src/disc.c:204:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(disc->error_msg, "Disc too long");
data/libdiscid-0.6.2/src/disc.c:209:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(disc->error_msg, "Invalid offset");
data/libdiscid-0.6.2/src/disc.c:213:4: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(disc->error_msg, "Invalid order");
data/libdiscid-0.6.2/src/disc.c:221:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(disc->track_offsets, offsets, sizeof(int) * (last+1));
data/libdiscid-0.6.2/src/disc.c:323:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void discid_get_feature_list(char *features[DISCID_FEATURE_LENGTH]) {
data/libdiscid-0.6.2/src/disc.c:365:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char digest[20], *base64;
data/libdiscid-0.6.2/src/disc.c:367:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[17]; /* for 8 hex digits (16 to avoid trouble) */
data/libdiscid-0.6.2/src/disc.c:375:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp, "%02X", d->first_track_num);
data/libdiscid-0.6.2/src/disc.c:378:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp, "%02X", d->last_track_num);
data/libdiscid-0.6.2/src/disc.c:382:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp, "%08X", d->track_offsets[i]);
data/libdiscid-0.6.2/src/disc.c:390:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf, base64, size);
data/libdiscid-0.6.2/src/disc.c:416:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%08x", ((n % 0xff) << 24 | t << 8 | d->last_track_num));
data/libdiscid-0.6.2/src/disc.c:428:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[16];
data/libdiscid-0.6.2/src/disc.c:465:3: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "&toc=");
data/libdiscid-0.6.2/src/disc.c:476:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmp[16];
data/libdiscid-0.6.2/src/disc.c:483:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "?id=");
data/libdiscid-0.6.2/src/disc.c:486:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(tmp, "&tracks=%d", d->last_track_num);
data/libdiscid-0.6.2/src/disc.c:502:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat(buf, "?type=xml&discid=");
data/libdiscid-0.6.2/src/disc_bsd.c:169:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device_name[MAX_DEV_LEN] = "";
data/libdiscid-0.6.2/src/disc_bsd.c:188:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char result[MAX_DEV_LEN + 1];
data/libdiscid-0.6.2/src/disc_darwin.c:227:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device_name[MAXPATHLEN] = "\0";
data/libdiscid-0.6.2/src/disc_linux.c:60:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static THREAD_LOCAL char default_device[MAX_DEV_LEN] = "";
data/libdiscid-0.6.2/src/disc_linux.c:72:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
proc_file = fopen("/proc/sys/dev/cdrom/info", "r");
data/libdiscid-0.6.2/src/disc_linux.c:176:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sense_buffer[SG_MAX_SENSE]; /* for "error situations" */
data/libdiscid-0.6.2/src/disc_linux.c:204:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cmd[10];
data/libdiscid-0.6.2/src/disc_linux.c:205:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char data[24];
data/libdiscid-0.6.2/src/disc_linux.c:206:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[ISRC_STR_LENGTH+1];
data/libdiscid-0.6.2/src/disc_linux.c:257:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char device_name[MAX_DEV_LEN] = "";
data/libdiscid-0.6.2/src/disc_solaris.c:44:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char *device_candidates[NUM_CANDIDATES] = {"/vol/dev/aliases/cdrom0",
data/libdiscid-0.6.2/src/disc_win32.c:57:21: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static THREAD_LOCAL char default_device[MAX_DEV_LEN] = "\0";
data/libdiscid-0.6.2/src/disc_win32.c:65:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[128];
data/libdiscid-0.6.2/src/disc_win32.c:69:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(filename, "\\\\.\\");
data/libdiscid-0.6.2/src/disc_win32.c:131:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpDevice[MAX_DEV_LEN];
data/libdiscid-0.6.2/src/disc_win32.c:204:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tmpDevice[MAX_DEV_LEN];
data/libdiscid-0.6.2/src/sha1.c:220:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(((SHA_BYTE *) sha_info->data) + sha_info->local, buffer, i);
data/libdiscid-0.6.2/src/sha1.c:231:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sha_info->data, buffer, SHA_BLOCKSIZE);
data/libdiscid-0.6.2/src/sha1.c:236:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(sha_info->data, buffer, count);
data/libdiscid-0.6.2/src/sha1.c:242:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void sha_final(unsigned char digest[20], SHA_INFO *sha_info)
data/libdiscid-0.6.2/src/sha1.c:294:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void sha_stream(unsigned char digest[20], SHA_INFO *sha_info, FILE *fin)
data/libdiscid-0.6.2/src/sha1.c:308:25: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void sha_print(unsigned char digest[20])
data/libdiscid-0.6.2/src/unix.c:38:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(device, O_RDONLY | O_NONBLOCK);
data/libdiscid-0.6.2/src/unix.c:67:7: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fd = open(device, O_RDONLY | O_NONBLOCK);
data/libdiscid-0.6.2/test/test.c:28:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char details[DETAIL_LENGTH] = "\0";
data/libdiscid-0.6.2/test/test.h:24:8: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern char details[DETAIL_LENGTH];
data/libdiscid-0.6.2/test/test_core.c:43:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *features[DISCID_FEATURE_LENGTH];
data/libdiscid-0.6.2/examples/disc_metadata.c:43:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(buffer) > 0)
data/libdiscid-0.6.2/examples/disc_metadata.c:166:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(error_msg) > 0) {
data/libdiscid-0.6.2/src/disc.c:88:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(disc->id) == 0)
data/libdiscid-0.6.2/src/disc.c:103:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(disc->freedb_id) == 0)
data/libdiscid-0.6.2/src/disc.c:117:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( strlen(disc->toc_string) == 0 ) {
data/libdiscid-0.6.2/src/disc.c:120:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
memcpy(disc->toc_string, toc, strlen(toc) + 1);
data/libdiscid-0.6.2/src/disc.c:136:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(disc->submission_url) == 0)
data/libdiscid-0.6.2/src/disc.c:150:6: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(disc->webservice_url) == 0)
data/libdiscid-0.6.2/src/disc.c:376:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sha_update(&sha, (unsigned char *) tmp, strlen(tmp));
data/libdiscid-0.6.2/src/disc.c:379:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sha_update(&sha, (unsigned char *) tmp, strlen(tmp));
data/libdiscid-0.6.2/src/disc.c:383:43: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sha_update(&sha, (unsigned char *) tmp, strlen(tmp));
data/libdiscid-0.6.2/src/disc.c:439:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size *= (6 + strlen(sep));
data/libdiscid-0.6.2/src/disc_bsd.c:124:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( disc->mcn,
data/libdiscid-0.6.2/src/disc_bsd.c:148:4: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( disc->isrc[track_num],
data/libdiscid-0.6.2/src/disc_darwin.c:79:3: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(device_path, "r");
data/libdiscid-0.6.2/src/disc_darwin.c:80:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
dev_path_len = strlen(device_path);
data/libdiscid-0.6.2/src/disc_darwin.c:127:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( disc->mcn, cd_read_mcn.mcn, MCN_STR_LENGTH );
data/libdiscid-0.6.2/src/disc_darwin.c:141:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( disc->isrc[track], cd_read_isrc.isrc, ISRC_STR_LENGTH );
data/libdiscid-0.6.2/src/disc_linux.c:83:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
for (i = 0; i < strlen(lineptr); i++) {
data/libdiscid-0.6.2/src/disc_linux.c:104:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (return_value && device[strlen(device)-1] == '\n') {
data/libdiscid-0.6.2/src/disc_linux.c:105:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
device[strlen(device)-1] = '\0';
data/libdiscid-0.6.2/src/disc_linux.c:167:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy( disc->mcn,
data/libdiscid-0.6.2/src/disc_linux.c:239:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(disc->isrc[track_num], buffer, ISRC_STR_LENGTH);
data/libdiscid-0.6.2/src/disc_win32.c:70:8: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(device);
data/libdiscid-0.6.2/src/disc_win32.c:75:2: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(filename, device, len > 120 ? 120 : len);
data/libdiscid-0.6.2/src/disc_win32.c:104:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(disc->mcn, (char *) data.MediaCatalog.MediaCatalog,
data/libdiscid-0.6.2/src/disc_win32.c:124:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(disc->isrc[track], (char *) data.TrackIsrc.TrackIsrc,
data/libdiscid-0.6.2/src/disc_win32.c:140:6: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(device, tmpDevice, device_length);
data/libdiscid-0.6.2/test/test.c:43:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(details)) {
data/libdiscid-0.6.2/test/test_core.c:49:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
evaluate(strlen(discid_get_version_string()) > 0);
data/libdiscid-0.6.2/test/test_core.c:70:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
evaluate(strlen(discid_get_default_device()) > 0);
data/libdiscid-0.6.2/test/test_core.c:83:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
evaluate(strlen(discid_get_error_msg(d)) == 0);
data/libdiscid-0.6.2/test/test_core.c:85:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
evaluate(strlen(discid_get_error_msg(d)) > 0);
data/libdiscid-0.6.2/test/test_put.c:76:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& strlen(discid_get_error_msg(d)) > 0
data/libdiscid-0.6.2/test/test_put.c:78:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& strlen(discid_get_error_msg(d)) > 0
data/libdiscid-0.6.2/test/test_put.c:80:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& strlen(discid_get_error_msg(d)) > 0);
data/libdiscid-0.6.2/test/test_put.c:85:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
&& strlen(discid_get_error_msg(d)) == 0);
data/libdiscid-0.6.2/test/test_put.c:107:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
evaluate(strlen(discid_get_error_msg(d)) == 0);
data/libdiscid-0.6.2/test/test_read.c:60:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
evaluate(strlen(error_msg) > 0);
data/libdiscid-0.6.2/test/test_read.c:71:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
evaluate(strlen(discid_get_default_device()) > 0);
data/libdiscid-0.6.2/test/test_read.c:74:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
evaluate(equal_int(strlen(discid_get_id(d)), 28));
data/libdiscid-0.6.2/test/test_read.c:77:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
evaluate(equal_int(strlen(discid_get_freedb_id(d)), 8));
data/libdiscid-0.6.2/test/test_read.c:80:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
evaluate(strlen(discid_get_toc_string(d)) > 0);
data/libdiscid-0.6.2/test/test_read.c:83:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
evaluate(strlen(discid_get_submission_url(d)) > 0);
data/libdiscid-0.6.2/test/test_read.c:115:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
evaluate(strlen(discid_get_mcn(d)) == 0);
data/libdiscid-0.6.2/test/test_read.c:120:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(discid_get_track_isrc(d, i)) == 0) {
data/libdiscid-0.6.2/test/test_read.c:143:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
evaluate(strlen(discid_get_error_msg(d)) == 0);
data/libdiscid-0.6.2/test/test_read_full.c:59:26: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
evaluate(strlen(error_msg) > 0);
data/libdiscid-0.6.2/test/test_read_full.c:70:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
evaluate(equal_int(strlen(discid_get_id(d)), 28));
data/libdiscid-0.6.2/test/test_read_full.c:73:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
evaluate(strlen(discid_get_toc_string(d)) > 0);
data/libdiscid-0.6.2/test/test_read_full.c:76:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
evaluate(strlen(discid_get_submission_url(d)) > 0);
data/libdiscid-0.6.2/test/test_read_full.c:85:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
evaluate(strlen(mcn) == 0 || strlen(mcn) == 13);
data/libdiscid-0.6.2/test/test_read_full.c:85:32: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
evaluate(strlen(mcn) == 0 || strlen(mcn) == 13);
data/libdiscid-0.6.2/test/test_read_full.c:87:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
evaluate(strlen(mcn) == 0);
data/libdiscid-0.6.2/test/test_read_full.c:96:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(isrc) == 12) {
data/libdiscid-0.6.2/test/test_read_full.c:98:14: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
} else if (strlen(isrc) != 0) {
data/libdiscid-0.6.2/test/test_read_full.c:110:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
evaluate(strlen(discid_get_error_msg(d)) == 0);
ANALYSIS SUMMARY:
Hits = 135
Lines analyzed = 4509 in approximately 0.15 seconds (29703 lines/second)
Physical Source Lines of Code (SLOC) = 2547
Hits@level = [0] 73 [1] 57 [2] 62 [3] 0 [4] 16 [5] 0
Hits@level+ = [0+] 208 [1+] 135 [2+] 78 [3+] 16 [4+] 16 [5+] 0
Hits/KSLOC@level+ = [0+] 81.6647 [1+] 53.0035 [2+] 30.6243 [3+] 6.2819 [4+] 6.2819 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.