Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libfprint-1.90.3/demo/gtk-libfprint-test.c
Examining data/libfprint-1.90.3/examples/cpp-test.cpp
Examining data/libfprint-1.90.3/examples/enroll.c
Examining data/libfprint-1.90.3/examples/img-capture.c
Examining data/libfprint-1.90.3/examples/manage-prints.c
Examining data/libfprint-1.90.3/examples/storage.c
Examining data/libfprint-1.90.3/examples/storage.h
Examining data/libfprint-1.90.3/examples/utilities.c
Examining data/libfprint-1.90.3/examples/utilities.h
Examining data/libfprint-1.90.3/examples/verify.c
Examining data/libfprint-1.90.3/libfprint/drivers/aes1610.c
Examining data/libfprint-1.90.3/libfprint/drivers/aes1660.c
Examining data/libfprint-1.90.3/libfprint/drivers/aes1660.h
Examining data/libfprint-1.90.3/libfprint/drivers/aes2501.c
Examining data/libfprint-1.90.3/libfprint/drivers/aes2501.h
Examining data/libfprint-1.90.3/libfprint/drivers/aes2550.c
Examining data/libfprint-1.90.3/libfprint/drivers/aes2550.h
Examining data/libfprint-1.90.3/libfprint/drivers/aes2660.c
Examining data/libfprint-1.90.3/libfprint/drivers/aes2660.h
Examining data/libfprint-1.90.3/libfprint/drivers/aes3500.c
Examining data/libfprint-1.90.3/libfprint/drivers/aes3k.c
Examining data/libfprint-1.90.3/libfprint/drivers/aes3k.h
Examining data/libfprint-1.90.3/libfprint/drivers/aes4000.c
Examining data/libfprint-1.90.3/libfprint/drivers/aeslib.c
Examining data/libfprint-1.90.3/libfprint/drivers/aeslib.h
Examining data/libfprint-1.90.3/libfprint/drivers/aesx660.c
Examining data/libfprint-1.90.3/libfprint/drivers/aesx660.h
Examining data/libfprint-1.90.3/libfprint/drivers/elan.c
Examining data/libfprint-1.90.3/libfprint/drivers/elan.h
Examining data/libfprint-1.90.3/libfprint/drivers/etes603.c
Examining data/libfprint-1.90.3/libfprint/drivers/goodixmoc/goodix.c
Examining data/libfprint-1.90.3/libfprint/drivers/goodixmoc/goodix.h
Examining data/libfprint-1.90.3/libfprint/drivers/goodixmoc/goodix_proto.c
Examining data/libfprint-1.90.3/libfprint/drivers/goodixmoc/goodix_proto.h
Examining data/libfprint-1.90.3/libfprint/drivers/synaptics/bmkt.h
Examining data/libfprint-1.90.3/libfprint/drivers/synaptics/bmkt_message.c
Examining data/libfprint-1.90.3/libfprint/drivers/synaptics/bmkt_message.h
Examining data/libfprint-1.90.3/libfprint/drivers/synaptics/bmkt_response.h
Examining data/libfprint-1.90.3/libfprint/drivers/synaptics/sensor.h
Examining data/libfprint-1.90.3/libfprint/drivers/synaptics/synaptics.c
Examining data/libfprint-1.90.3/libfprint/drivers/synaptics/synaptics.h
Examining data/libfprint-1.90.3/libfprint/drivers/upek_proto.c
Examining data/libfprint-1.90.3/libfprint/drivers/upek_proto.h
Examining data/libfprint-1.90.3/libfprint/drivers/upeksonly.c
Examining data/libfprint-1.90.3/libfprint/drivers/upeksonly.h
Examining data/libfprint-1.90.3/libfprint/drivers/upektc.c
Examining data/libfprint-1.90.3/libfprint/drivers/upektc.h
Examining data/libfprint-1.90.3/libfprint/drivers/upektc_img.c
Examining data/libfprint-1.90.3/libfprint/drivers/upektc_img.h
Examining data/libfprint-1.90.3/libfprint/drivers/upekts.c
Examining data/libfprint-1.90.3/libfprint/drivers/uru4000.c
Examining data/libfprint-1.90.3/libfprint/drivers/vcom5s.c
Examining data/libfprint-1.90.3/libfprint/drivers/vfs0050.c
Examining data/libfprint-1.90.3/libfprint/drivers/vfs0050.h
Examining data/libfprint-1.90.3/libfprint/drivers/vfs101.c
Examining data/libfprint-1.90.3/libfprint/drivers/vfs301.c
Examining data/libfprint-1.90.3/libfprint/drivers/vfs301.h
Examining data/libfprint-1.90.3/libfprint/drivers/vfs301_proto.c
Examining data/libfprint-1.90.3/libfprint/drivers/vfs301_proto_fragments.h
Examining data/libfprint-1.90.3/libfprint/drivers/vfs5011.c
Examining data/libfprint-1.90.3/libfprint/drivers/vfs5011_proto.h
Examining data/libfprint-1.90.3/libfprint/drivers/virtual-image.c
Examining data/libfprint-1.90.3/libfprint/drivers_api.h
Examining data/libfprint-1.90.3/libfprint/fp-context.c
Examining data/libfprint-1.90.3/libfprint/fp-context.h
Examining data/libfprint-1.90.3/libfprint/fp-device-private.h
Examining data/libfprint-1.90.3/libfprint/fp-device.c
Examining data/libfprint-1.90.3/libfprint/fp-device.h
Examining data/libfprint-1.90.3/libfprint/fp-image-device-private.h
Examining data/libfprint-1.90.3/libfprint/fp-image-device.c
Examining data/libfprint-1.90.3/libfprint/fp-image-device.h
Examining data/libfprint-1.90.3/libfprint/fp-image.c
Examining data/libfprint-1.90.3/libfprint/fp-image.h
Examining data/libfprint-1.90.3/libfprint/fp-print-private.h
Examining data/libfprint-1.90.3/libfprint/fp-print.c
Examining data/libfprint-1.90.3/libfprint/fp-print.h
Examining data/libfprint-1.90.3/libfprint/fpi-assembling.c
Examining data/libfprint-1.90.3/libfprint/fpi-assembling.h
Examining data/libfprint-1.90.3/libfprint/fpi-byte-reader.c
Examining data/libfprint-1.90.3/libfprint/fpi-byte-reader.h
Examining data/libfprint-1.90.3/libfprint/fpi-byte-utils.h
Examining data/libfprint-1.90.3/libfprint/fpi-byte-writer.c
Examining data/libfprint-1.90.3/libfprint/fpi-byte-writer.h
Examining data/libfprint-1.90.3/libfprint/fpi-compat.h
Examining data/libfprint-1.90.3/libfprint/fpi-context.h
Examining data/libfprint-1.90.3/libfprint/fpi-device.c
Examining data/libfprint-1.90.3/libfprint/fpi-device.h
Examining data/libfprint-1.90.3/libfprint/fpi-image-device.c
Examining data/libfprint-1.90.3/libfprint/fpi-image-device.h
Examining data/libfprint-1.90.3/libfprint/fpi-image.c
Examining data/libfprint-1.90.3/libfprint/fpi-image.h
Examining data/libfprint-1.90.3/libfprint/fpi-log.h
Examining data/libfprint-1.90.3/libfprint/fpi-minutiae.h
Examining data/libfprint-1.90.3/libfprint/fpi-print.c
Examining data/libfprint-1.90.3/libfprint/fpi-print.h
Examining data/libfprint-1.90.3/libfprint/fpi-ssm.c
Examining data/libfprint-1.90.3/libfprint/fpi-ssm.h
Examining data/libfprint-1.90.3/libfprint/fpi-usb-transfer.c
Examining data/libfprint-1.90.3/libfprint/fpi-usb-transfer.h
Examining data/libfprint-1.90.3/libfprint/fprint-list-supported-devices.c
Examining data/libfprint-1.90.3/libfprint/fprint.h
Examining data/libfprint-1.90.3/libfprint/nbis/bozorth3/bozorth3.c
Examining data/libfprint-1.90.3/libfprint/nbis/bozorth3/bz_alloc.c
Examining data/libfprint-1.90.3/libfprint/nbis/bozorth3/bz_drvrs.c
Examining data/libfprint-1.90.3/libfprint/nbis/bozorth3/bz_gbls.c
Examining data/libfprint-1.90.3/libfprint/nbis/bozorth3/bz_io.c
Examining data/libfprint-1.90.3/libfprint/nbis/bozorth3/bz_sort.c
Examining data/libfprint-1.90.3/libfprint/nbis/include/bozorth.h
Examining data/libfprint-1.90.3/libfprint/nbis/include/bz_array.h
Examining data/libfprint-1.90.3/libfprint/nbis/include/defs.h
Examining data/libfprint-1.90.3/libfprint/nbis/include/lfs.h
Examining data/libfprint-1.90.3/libfprint/nbis/include/log.h
Examining data/libfprint-1.90.3/libfprint/nbis/include/morph.h
Examining data/libfprint-1.90.3/libfprint/nbis/include/mytime.h
Examining data/libfprint-1.90.3/libfprint/nbis/include/sunrast.h
Examining data/libfprint-1.90.3/libfprint/nbis/libfprint-include/nbis-helpers.h
Examining data/libfprint-1.90.3/libfprint/nbis/libfprint-include/nbis.h
Examining data/libfprint-1.90.3/libfprint/nbis/mindtct/binar.c
Examining data/libfprint-1.90.3/libfprint/nbis/mindtct/block.c
Examining data/libfprint-1.90.3/libfprint/nbis/mindtct/chaincod.c
Examining data/libfprint-1.90.3/libfprint/nbis/mindtct/contour.c
Examining data/libfprint-1.90.3/libfprint/nbis/mindtct/detect.c
Examining data/libfprint-1.90.3/libfprint/nbis/mindtct/dft.c
Examining data/libfprint-1.90.3/libfprint/nbis/mindtct/free.c
Examining data/libfprint-1.90.3/libfprint/nbis/mindtct/getmin.c
Examining data/libfprint-1.90.3/libfprint/nbis/mindtct/globals.c
Examining data/libfprint-1.90.3/libfprint/nbis/mindtct/imgutil.c
Examining data/libfprint-1.90.3/libfprint/nbis/mindtct/init.c
Examining data/libfprint-1.90.3/libfprint/nbis/mindtct/line.c
Examining data/libfprint-1.90.3/libfprint/nbis/mindtct/link.c
Examining data/libfprint-1.90.3/libfprint/nbis/mindtct/log.c
Examining data/libfprint-1.90.3/libfprint/nbis/mindtct/loop.c
Examining data/libfprint-1.90.3/libfprint/nbis/mindtct/maps.c
Examining data/libfprint-1.90.3/libfprint/nbis/mindtct/matchpat.c
Examining data/libfprint-1.90.3/libfprint/nbis/mindtct/minutia.c
Examining data/libfprint-1.90.3/libfprint/nbis/mindtct/morph.c
Examining data/libfprint-1.90.3/libfprint/nbis/mindtct/quality.c
Examining data/libfprint-1.90.3/libfprint/nbis/mindtct/remove.c
Examining data/libfprint-1.90.3/libfprint/nbis/mindtct/ridges.c
Examining data/libfprint-1.90.3/libfprint/nbis/mindtct/shape.c
Examining data/libfprint-1.90.3/libfprint/nbis/mindtct/sort.c
Examining data/libfprint-1.90.3/libfprint/nbis/mindtct/util.c
Examining data/libfprint-1.90.3/libfprint/nbis/mindtct/xytreps.c
Examining data/libfprint-1.90.3/libfprint/fprint-list-udev-rules.c
Examining data/libfprint-1.90.3/tests/test-device-fake.c
Examining data/libfprint-1.90.3/tests/test-device-fake.h
Examining data/libfprint-1.90.3/tests/test-fp-context.c
Examining data/libfprint-1.90.3/tests/test-fp-device.c
Examining data/libfprint-1.90.3/tests/test-fpi-assembling.c
Examining data/libfprint-1.90.3/tests/test-fpi-device.c
Examining data/libfprint-1.90.3/tests/test-fpi-ssm.c
Examining data/libfprint-1.90.3/tests/test-utils.c
Examining data/libfprint-1.90.3/tests/test-utils.h

FINAL RESULTS:

data/libfprint-1.90.3/libfprint/nbis/include/mytime.h:79:5: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(_fp_, _fmt_, _var_);
data/libfprint-1.90.3/libfprint/fpi-print.c:298:15: [3] (random) g_random_int:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  rand_id = g_random_int ();
data/libfprint-1.90.3/tests/test-fpi-device.c:208:25: [3] (random) g_random_int_range:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  int expected_stages = g_random_int_range (G_MININT32, G_MAXINT32);
data/libfprint-1.90.3/tests/test-fpi-device.c:222:25: [3] (random) g_random_int_range:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  int expected_stages = g_random_int_range (G_MININT32, G_MAXINT32);
data/libfprint-1.90.3/tests/test-fpi-device.c:278:17: [3] (random) g_random_int:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  driver_data = g_random_int ();
data/libfprint-1.90.3/tests/test-fpi-device.c:598:5: [3] (random) g_random_int_range:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  g_random_int_range (fp_device_get_nr_enroll_stages (device), G_MAXINT32);
data/libfprint-1.90.3/tests/test-fpi-device.c:612:5: [3] (random) g_random_int_range:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  g_random_int_range (fp_device_get_nr_enroll_stages (device), G_MAXINT32);
data/libfprint-1.90.3/tests/test-fpi-device.c:622:5: [3] (random) g_random_int_range:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  g_random_int_range (fp_device_get_nr_enroll_stages (device), G_MAXINT32);
data/libfprint-1.90.3/tests/test-fpi-device.c:636:5: [3] (random) g_random_int_range:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  g_random_int_range (fp_device_get_nr_enroll_stages (device), G_MAXINT32);
data/libfprint-1.90.3/tests/test-fpi-device.c:660:33: [3] (random) g_random_int_range:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  dev_class->nr_enroll_stages = g_random_int_range (10, G_MAXINT32);
data/libfprint-1.90.3/tests/test-fpi-device.c:1100:49: [3] (random) g_random_int_range:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  expected_matched = g_ptr_array_index (prints, g_random_int_range (0, 499));
data/libfprint-1.90.3/tests/test-fpi-device.c:1176:49: [3] (random) g_random_int_range:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  expected_matched = g_ptr_array_index (prints, g_random_int_range (0, 499));
data/libfprint-1.90.3/tests/test-fpi-device.c:1214:49: [3] (random) g_random_int_range:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  expected_matched = g_ptr_array_index (prints, g_random_int_range (0, 499));
data/libfprint-1.90.3/examples/manage-prints.c:151:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[128];
data/libfprint-1.90.3/examples/storage.c:186:14: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *fd = fopen (path, "w");
data/libfprint-1.90.3/examples/verify.c:88:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[20];
data/libfprint-1.90.3/examples/verify.c:133:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char date_str[128];
data/libfprint-1.90.3/libfprint/drivers/aes1610.c:387:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char list_BE_values[10] = {
data/libfprint-1.90.3/libfprint/drivers/aes1610.c:393:17: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static unsigned char list_BD_values[10] = {
data/libfprint-1.90.3/libfprint/drivers/aes1610.c:585:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (stripdata, data + 1, FRAME_WIDTH * (FRAME_HEIGHT / 2));
data/libfprint-1.90.3/libfprint/drivers/aes2501.c:483:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (stripdata, data + 1, 192 * 8);
data/libfprint-1.90.3/libfprint/drivers/aes2550.c:210:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (stripdata, data + 33, FRAME_WIDTH * FRAME_HEIGHT / 2);
data/libfprint-1.90.3/libfprint/drivers/aesx660.c:308:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (stripdata, data + AESX660_IMAGE_OFFSET, cls->assembling_ctx->frame_width * FRAME_HEIGHT / 2);
data/libfprint-1.90.3/libfprint/drivers/elan.c:285:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (sorted, raw_frame, frame_size * sizeof (short));
data/libfprint-1.90.3/libfprint/drivers/elan.h:75:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char cmd[ELAN_CMD_LEN];
data/libfprint-1.90.3/libfprint/drivers/etes603.c:850:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (self->fp + self->fp_height * FE_WIDTH / 2, self->ans,
data/libfprint-1.90.3/libfprint/drivers/goodixmoc/goodix.c:519:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (&buffer[offset], tid, MIN (tid_len, TEMPLATE_ID_SIZE));
data/libfprint-1.90.3/libfprint/drivers/goodixmoc/goodix.c:523:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (&buffer[offset], uid, uid_len);
data/libfprint-1.90.3/libfprint/drivers/goodixmoc/goodix.c:599:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (self->template_id, resp->enroll_init.tid, TEMPLATE_ID_SIZE);
data/libfprint-1.90.3/libfprint/drivers/goodixmoc/goodix_proto.c:145:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (md, &ctx->crc, 4);
data/libfprint-1.90.3/libfprint/drivers/goodixmoc/goodix_proto.c:210:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (ppackage, &header, PACKAGE_HEADER_SIZE);
data/libfprint-1.90.3/libfprint/drivers/goodixmoc/goodix_proto.c:211:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (ppackage + PACKAGE_HEADER_SIZE, payload, payload_size);
data/libfprint-1.90.3/libfprint/drivers/goodixmoc/goodix_proto.c:230:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (pheader, buffer, sizeof (pack_header));
data/libfprint-1.90.3/libfprint/drivers/goodixmoc/goodix_proto.c:264:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (template->accountid, &buffer[Offset], 32);
data/libfprint-1.90.3/libfprint/drivers/goodixmoc/goodix_proto.c:267:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (template->tid, &buffer[Offset], 32);
data/libfprint-1.90.3/libfprint/drivers/goodixmoc/goodix_proto.c:272:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (template->payload.data, &buffer[Offset], template->payload.size);
data/libfprint-1.90.3/libfprint/drivers/goodixmoc/goodix_proto.c:302:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (&presp->version_info, buffer + 1, sizeof (gxfp_version_info_t));
data/libfprint-1.90.3/libfprint/drivers/goodixmoc/goodix_proto.c:315:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (&presp->enroll_init.tid, &buffer[1], TEMPLATE_ID_SIZE);
data/libfprint-1.90.3/libfprint/drivers/goodixmoc/goodix_proto.c:329:11: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (&presp->check_duplicate_resp.template, buffer + 3, tid_size);
data/libfprint-1.90.3/libfprint/drivers/goodixmoc/goodix_proto.c:414:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (&pconfig->config, sensor_config, 26);
data/libfprint-1.90.3/libfprint/drivers/goodixmoc/goodix_proto.c:419:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (pconfig->crc_value, &crc32_calc, PACKAGE_CRC_SIZE);
data/libfprint-1.90.3/libfprint/drivers/synaptics/bmkt_message.c:105:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (enroll_resp->user_id, &msg_resp->payload[1], msg_resp->payload_len - 1);
data/libfprint-1.90.3/libfprint/drivers/synaptics/bmkt_message.c:120:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (id_resp->user_id, &msg_resp->payload[3], msg_resp->payload_len - 3);
data/libfprint-1.90.3/libfprint/drivers/synaptics/bmkt_message.c:236:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (get_version_resp->part, msg_resp->payload, BMKT_PART_NUM_LEN);
data/libfprint-1.90.3/libfprint/drivers/synaptics/bmkt_message.c:241:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (get_version_resp->supplier_id, msg_resp->payload + offset, BMKT_SUPPLIER_ID_LEN);
data/libfprint-1.90.3/libfprint/drivers/synaptics/bmkt_message.c:259:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (&cmd[BMKT_MESSAGE_PAYLOAD_FIELD], payload, payload_size);
data/libfprint-1.90.3/libfprint/drivers/synaptics/synaptics.c:811:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (payload + 2, user_id, user_id_len);
data/libfprint-1.90.3/libfprint/drivers/synaptics/synaptics.c:883:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (payload + 1, user_id, user_id_len);
data/libfprint-1.90.3/libfprint/drivers/upeksonly.c:344:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (self->rowbuf + self->rowbuf_offset, data, size);
data/libfprint-1.90.3/libfprint/drivers/upeksonly.c:357:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (self->rowbuf, data, size);
data/libfprint-1.90.3/libfprint/drivers/upeksonly.c:386:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char dummy_data[62];
data/libfprint-1.90.3/libfprint/drivers/upeksonly.c:415:23: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (dummy_data,
data/libfprint-1.90.3/libfprint/drivers/upeksonly.c:421:23: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (dummy_data,
data/libfprint-1.90.3/libfprint/drivers/upeksonly.c:424:23: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (dummy_data + row_left, last_row, 62 - row_left);
data/libfprint-1.90.3/libfprint/drivers/upektc.c:274:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (img->data, transfer->buffer, IMAGE_SIZE);
data/libfprint-1.90.3/libfprint/drivers/upektc.h:33:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char cmd[0x40];
data/libfprint-1.90.3/libfprint/drivers/upektc.h:1928:23: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const unsigned char scan_cmd[0x40] = {
data/libfprint-1.90.3/libfprint/drivers/upektc_img.c:46:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char cmd[MAX_CMD_SIZE];
data/libfprint-1.90.3/libfprint/drivers/upektc_img.c:47:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char response[MAX_RESPONSE_SIZE];
data/libfprint-1.90.3/libfprint/drivers/upektc_img.c:94:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (self->cmd, buf, buf_size);
data/libfprint-1.90.3/libfprint/drivers/upektc_img.c:172:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (image_buf, cmd_res + offset, len);
data/libfprint-1.90.3/libfprint/drivers/upektc_img.c:314:11: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (img->data, self->image_bits,
data/libfprint-1.90.3/libfprint/drivers/upekts.c:117:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (transfer->buffer, ciao, strlen (ciao));
data/libfprint-1.90.3/libfprint/drivers/upekts.c:124:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (transfer->buffer + 7, data, len);
data/libfprint-1.90.3/libfprint/drivers/upekts.c:154:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (buf + 6, data, innerlen);
data/libfprint-1.90.3/libfprint/drivers/upekts.c:1303:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (msg, verify_hdr, sizeof (verify_hdr));
data/libfprint-1.90.3/libfprint/drivers/upekts.c:1304:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (msg + sizeof (verify_hdr), data, data_len);
data/libfprint-1.90.3/libfprint/drivers/uru4000.c:126:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char last_reg_rd[16];
data/libfprint-1.90.3/libfprint/drivers/uru4000.c:182:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (transfer->buffer, values, num_regs);
data/libfprint-1.90.3/libfprint/drivers/uru4000.c:253:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char respdata[CR_LENGTH];
data/libfprint-1.90.3/libfprint/drivers/uru4000.c:484:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (self->last_reg_rd, transfer->buffer, transfer->actual_length);
data/libfprint-1.90.3/libfprint/drivers/uru4000.c:659:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf[5];
data/libfprint-1.90.3/libfprint/drivers/uru4000.c:764:11: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (&fpimg->data[to], &img->data[r][0],
data/libfprint-1.90.3/libfprint/drivers/vfs0050.h:72:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
unsigned char data[VFS_IMAGE_WIDTH]; data/libfprint-1.90.3/libfprint/drivers/vfs0050.h:75:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char next_line_part[VFS_NEXT_LINE_WIDTH]; data/libfprint-1.90.3/libfprint/drivers/vfs0050.h:78:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char scan_data[8]; data/libfprint-1.90.3/libfprint/drivers/vfs0050.h:108:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char interrupt[8]; data/libfprint-1.90.3/libfprint/drivers/vfs101.c:408:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (self->buffer, data, length); data/libfprint-1.90.3/libfprint/drivers/vfs101.c:424:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char data[2][0x0e] = { data/libfprint-1.90.3/libfprint/drivers/vfs101.c:448:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char data[0x0a] = { 0x00, 0x00, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00 };
data/libfprint-1.90.3/libfprint/drivers/vfs101.c:467:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char data[0x06] = { 0x00, 0x00, 0x00, 0x00, 0x0E, 0x00 };
data/libfprint-1.90.3/libfprint/drivers/vfs101.c:483:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char data[0x0f] = { 0x00, 0x00, 0x00, 0x00, 0x13, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
data/libfprint-1.90.3/libfprint/drivers/vfs101.c:507:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char data[0x06] = { 0x00, 0x00, 0x00, 0x00, 0x16, 0x00 };
data/libfprint-1.90.3/libfprint/drivers/vfs101.c:627:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (img_buffer, vdev_buffer, VFS_IMG_WIDTH);
data/libfprint-1.90.3/libfprint/drivers/vfs301.h:97:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char flags[3];
data/libfprint-1.90.3/libfprint/drivers/vfs301.h:101:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char scan[VFS301_FP_WIDTH];
data/libfprint-1.90.3/libfprint/drivers/vfs301.h:112:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char sync_0x08[2]; /* XXX: always? 0x08 0x08 */
data/libfprint-1.90.3/libfprint/drivers/vfs301.h:117:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char scan[VFS301_FP_WIDTH];
data/libfprint-1.90.3/libfprint/drivers/vfs301.h:122:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char mirror[64];
data/libfprint-1.90.3/libfprint/drivers/vfs301.h:125:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char sum1[2];
data/libfprint-1.90.3/libfprint/drivers/vfs301.h:126:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char sum2[11];
data/libfprint-1.90.3/libfprint/drivers/vfs301.h:127:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char sum3[3];
data/libfprint-1.90.3/libfprint/drivers/vfs301_proto.c:356:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (output, scanlines, VFS301_FP_OUTPUT_WIDTH);
data/libfprint-1.90.3/libfprint/drivers/vfs301_proto.c:369:11: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (
data/libfprint-1.90.3/libfprint/drivers/vfs301_proto.c:413:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (cur_line, lines[i].scan, VFS301_FP_OUTPUT_WIDTH);
data/libfprint-1.90.3/libfprint/drivers/vfs301_proto.c:415:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (cur_line, &lines[i], VFS301_FP_OUTPUT_WIDTH);
data/libfprint-1.90.3/libfprint/fp-device.c:607:33: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FP_DEVICE_GET_CLASS (device)->open (device);
data/libfprint-1.90.3/libfprint/fp-image.c:221:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char rowbuf[width];
data/libfprint-1.90.3/libfprint/fp-image.c:230:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (rowbuf, data + offset, width);
data/libfprint-1.90.3/libfprint/fp-image.c:233:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (data + offset, data + swap_offset, width);
data/libfprint-1.90.3/libfprint/fp-image.c:236:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (data + swap_offset, rowbuf, width);
data/libfprint-1.90.3/libfprint/fp-image.c:243:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char rowbuf[width];
data/libfprint-1.90.3/libfprint/fp-image.c:250:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (rowbuf, data + offset, width);
data/libfprint-1.90.3/libfprint/fp-image.c:452:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (data->image, self->data, self->width * self->height);
data/libfprint-1.90.3/libfprint/fp-print.c:783:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (aligned_data, data + 3, length - 3);
data/libfprint-1.90.3/libfprint/fp-print.c:853:11: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (xyt->xcol, xcol, sizeof (xcol[0]) * xlen);
data/libfprint-1.90.3/libfprint/fp-print.c:854:11: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (xyt->ycol, ycol, sizeof (xcol[0]) * xlen);
data/libfprint-1.90.3/libfprint/fp-print.c:855:11: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (xyt->thetacol, thetacol, sizeof (xcol[0]) * xlen);
data/libfprint-1.90.3/libfprint/fpi-assembling.h:38:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char data[0];
data/libfprint-1.90.3/libfprint/fpi-byte-writer.h:311:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy ((guint8 *) & writer->parent.data[writer->parent.byte], data, size);
data/libfprint-1.90.3/libfprint/fpi-device.h:122:10: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  void (*open) (FpDevice *device);
data/libfprint-1.90.3/libfprint/fpi-image.c:142:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy (newimg->data, pixman_image_get_data (resized), new_width * new_height);
data/libfprint-1.90.3/libfprint/nbis/bozorth3/bz_io.c:103:8: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char program_buffer[ 1024 ];
data/libfprint-1.90.3/libfprint/nbis/mindtct/detect.c:211:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(pdata, idata, iw*ih);
data/libfprint-1.90.3/libfprint/nbis/mindtct/imgutil.c:203:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(pptr, iptr, iw);
data/libfprint-1.90.3/libfprint/nbis/mindtct/maps.c:628:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(direction_map, omap, mw*mh*sizeof(int));
data/libfprint-1.90.3/libfprint/nbis/mindtct/morph.c:94:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(out, inp, iw*ih);
data/libfprint-1.90.3/libfprint/nbis/mindtct/morph.c:134:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(out, inp, iw*ih);
data/libfprint-1.90.3/tests/test-fpi-device.c:397:58: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  g_assert (fake_dev->last_called_function == dev_class->open);
data/libfprint-1.90.3/tests/test-fpi-device.c:415:58: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  g_assert (fake_dev->last_called_function == dev_class->open);
data/libfprint-1.90.3/tests/test-fpi-device.c:1921:63: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  g_assert_true (fake_dev->last_called_function == dev_class->open);
data/libfprint-1.90.3/tests/test-fpi-device.c:1996:63: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  g_assert_true (fake_dev->last_called_function == dev_class->open);
data/libfprint-1.90.3/examples/enroll.c:174:3: [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  getchar ();
data/libfprint-1.90.3/libfprint/drivers/goodixmoc/goodix.c:860:23: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  user_id_len = strlen (user_id);
data/libfprint-1.90.3/libfprint/drivers/synaptics/synaptics.c:785:17: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  user_id_len = strlen (user_id);
data/libfprint-1.90.3/libfprint/drivers/upekts.c:117:35: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  memcpy (transfer->buffer, ciao, strlen (ciao));
data/libfprint-1.90.3/libfprint/drivers/vfs301_proto.c:175:13: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tmp = strlen (src);
data/libfprint-1.90.3/libfprint/fpi-print.c:326:45: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (g_str_has_prefix (user_id, "FP1-") && strlen (user_id) >= 24 &&
data/libfprint-1.90.3/libfprint/fpi-print.c:355:11: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (username) > 0 && g_strcmp0 (username, "nobody") != 0)

ANALYSIS SUMMARY:

Hits = 129
Lines analyzed = 79479 in approximately 2.86 seconds (27782 lines/second)
Physical Source Lines of Code (SLOC) = 52866
Hits@level = [0] 117 [1] 7 [2] 109 [3] 12 [4] 1 [5] 0
Hits@level+ = [0+] 246 [1+] 129 [2+] 122 [3+] 13 [4+] 1 [5+] 0
Hits/KSLOC@level+ = [0+] 4.65327 [1+] 2.44013 [2+] 2.30772 [3+] 0.245905 [4+] 0.0189157 [5+] 0
Dot directories skipped = 3 (--followdotdir overrides)
Minimum risk level = 1

Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.