Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libgeotiff-1.6.0/geotiff_proj4.c
Examining data/libgeotiff-1.6.0/geo_tiffp.c
Examining data/libgeotiff-1.6.0/geo_set.c
Examining data/libgeotiff-1.6.0/libxtiff/xtiff.c
Examining data/libgeotiff-1.6.0/libxtiff/xtiffio.h
Examining data/libgeotiff-1.6.0/geotiff.h
Examining data/libgeotiff-1.6.0/geo_free.c
Examining data/libgeotiff-1.6.0/geotiffio.h
Examining data/libgeotiff-1.6.0/bin/makegeo.c
Examining data/libgeotiff-1.6.0/bin/listgeo.c
Examining data/libgeotiff-1.6.0/bin/applygeo.c
Examining data/libgeotiff-1.6.0/bin/getopt.c
Examining data/libgeotiff-1.6.0/bin/geotifcp.c
Examining data/libgeotiff-1.6.0/cpl_serv.c
Examining data/libgeotiff-1.6.0/geo_strtod.c
Examining data/libgeotiff-1.6.0/geo_trans.c
Examining data/libgeotiff-1.6.0/geokeys.h
Examining data/libgeotiff-1.6.0/geonames.h
Examining data/libgeotiff-1.6.0/geo_print.c
Examining data/libgeotiff-1.6.0/geovalues.h
Examining data/libgeotiff-1.6.0/geo_extra.c
Examining data/libgeotiff-1.6.0/geo_write.c
Examining data/libgeotiff-1.6.0/geo_normalize.c
Examining data/libgeotiff-1.6.0/geo_simpletags.h
Examining data/libgeotiff-1.6.0/geo_new.c
Examining data/libgeotiff-1.6.0/geo_normalize.h
Examining data/libgeotiff-1.6.0/geo_get.c
Examining data/libgeotiff-1.6.0/geo_simpletags.c
Examining data/libgeotiff-1.6.0/geo_names.c
Examining data/libgeotiff-1.6.0/geo_keyp.h
Examining data/libgeotiff-1.6.0/geo_tiffp.h
Examining data/libgeotiff-1.6.0/cpl_serv.h

FINAL RESULTS:

data/libgeotiff-1.6.0/bin/applygeo.c:86:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        fprintf(stderr, usage, "applygeo");
data/libgeotiff-1.6.0/bin/applygeo.c:96:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
        fprintf(stderr, usage, prog);
data/libgeotiff-1.6.0/cpl_serv.c:122:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
    strcpy( pszReturn, pszString );
data/libgeotiff-1.6.0/cpl_serv.c:482:5:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
    vsprintf(gszCPLLastErrMsg, fmt, args);
data/libgeotiff-1.6.0/cpl_serv.h:120:20:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define VSIFPrintf	fprintf
data/libgeotiff-1.6.0/geo_names.c:271:17:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                sprintf(gtif->szTmpBufferForGTIFValueNameEx,
data/libgeotiff-1.6.0/geo_new.c:39:5:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
    vfprintf(stderr, msg, list);
data/libgeotiff-1.6.0/geo_normalize.c:159:17:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
                sprintf(szEPSGName, "%s / UTM zone %d%c",
data/libgeotiff-1.6.0/geo_normalize.c:2741:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf( szFormat, "%%3dd%%2d\'%%%d.%df\"%s",
data/libgeotiff-1.6.0/geo_normalize.c:2743:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf( szBuffer, szFormat, nDegrees, nMinutes, dfSeconds );
data/libgeotiff-1.6.0/geo_print.c:68:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(message,FMT_GEOTIFF "\n");
data/libgeotiff-1.6.0/geo_print.c:70:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(message, FMT_VERSION,gtif->gt_version);
data/libgeotiff-1.6.0/geo_print.c:72:5:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
    sprintf(message, FMT_REV,gtif->gt_rev_major,
data/libgeotiff-1.6.0/geo_print.c:76:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(message,"   %s\n",FMT_TAGS); print(message,aux);
data/libgeotiff-1.6.0/geo_print.c:78:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(message,"      %s\n",FMT_TAGEND); print(message,aux);
data/libgeotiff-1.6.0/geo_print.c:80:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(message,"   %s\n",FMT_KEYS); print(message,aux);
data/libgeotiff-1.6.0/geo_print.c:86:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(message,"      %s\n",FMT_KEYEND); print(message,aux);
data/libgeotiff-1.6.0/geo_print.c:88:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(message,"   %s\n",FMT_GEOEND); print(message,aux);
data/libgeotiff-1.6.0/geo_print.c:124:4:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
			sprintf(message,FMT_DOUBLE,*data++);
data/libgeotiff-1.6.0/geo_print.c:149:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
    sprintf(message," (%s,%d): ",GTIFTypeName(key->gk_type),count);
data/libgeotiff-1.6.0/geo_print.c:206:17:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
                sprintf(message,FMT_DOUBLE ,*dptr);
data/libgeotiff-1.6.0/geo_print.c:229:21:  [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
                    sprintf(message,FMT_SHORT,*sptr);
data/libgeotiff-1.6.0/geo_print.c:277:10:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
    if (!sscanf(message,FMT_VERSION,(short unsigned*)&gtif->gt_version)) return 0;
data/libgeotiff-1.6.0/geo_print.c:279:9:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits
  buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
  different input function. If the scanf format is influenceable by an
  attacker, it's exploitable.
    if (sscanf(message,FMT_REV,(short unsigned*)&gtif->gt_rev_major,
data/libgeotiff-1.6.0/geotiff_proj4.c:1364:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
    strcat( szProjection, szUnits );
data/libgeotiff-1.6.0/bin/geotifcp.c:39:5:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
int getopt();
data/libgeotiff-1.6.0/bin/geotifcp.c:116:14:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
	while ((c = getopt(argc, argv, "c:f:l:o:p:r:w:e:g:4:v:aistd8BLMC")) != -1)
data/libgeotiff-1.6.0/bin/getopt.c:53:1:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
getopt(int nargc, char** nargv, char* ostr)
data/libgeotiff-1.6.0/bin/applygeo.c:49:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fp = fopen(geofile, "r");
data/libgeotiff-1.6.0/bin/geotifcp.c:108:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char mode[10];
data/libgeotiff-1.6.0/bin/geotifcp.c:150:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			deftilelength = atoi(optarg);
data/libgeotiff-1.6.0/bin/geotifcp.c:164:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			defrowsperstrip = atoi(optarg);
data/libgeotiff-1.6.0/bin/geotifcp.c:174:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
			deftilewidth = atoi(optarg);
data/libgeotiff-1.6.0/bin/geotifcp.c:245:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    tfw = fopen( worldfilename, "rt" );
data/libgeotiff-1.6.0/bin/geotifcp.c:317:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        fd = fopen(geofile,"r");
data/libgeotiff-1.6.0/bin/geotifcp.c:405:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            quality = atoi(cp+1);
data/libgeotiff-1.6.0/bin/geotifcp.c:417:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            defpredictor = atoi(cp+1);
data/libgeotiff-1.6.0/bin/geotifcp.c:422:28:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            defpredictor = atoi(cp+1);
data/libgeotiff-1.6.0/bin/geotifcp.c:481:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buf[BUFSIZ];
data/libgeotiff-1.6.0/bin/listgeo.c:263:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	tfw_filename[1024];
data/libgeotiff-1.6.0/bin/listgeo.c:276:13:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
            strcpy( tfw_filename + i, ".tfw" );
data/libgeotiff-1.6.0/bin/listgeo.c:282:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
        strcat( tfw_filename, ".tfw" );
data/libgeotiff-1.6.0/bin/listgeo.c:315:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fp = fopen( tfw_filename, "wt" );
data/libgeotiff-1.6.0/bin/makegeo.c:92:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char buffer[WIDTH];
data/libgeotiff-1.6.0/cpl_serv.c:462:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static char gszCPLLastErrMsg[2000] = "";
data/libgeotiff-1.6.0/cpl_serv.h:117:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
#define VSIFOpen	fopen
data/libgeotiff-1.6.0/geo_get.c:173:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
           ((char *)val)[count-1] = '\0'; /* replace last char with NULL */
data/libgeotiff-1.6.0/geo_keyp.h:116:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char        szTmpBufferForGTIFValueNameEx[160];
data/libgeotiff-1.6.0/geo_names.c:49:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   static char errmsg[80];
data/libgeotiff-1.6.0/geo_names.c:55:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	   sprintf(errmsg,"Unknown-%d", key );
data/libgeotiff-1.6.0/geo_names.c:82:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(gtif->szTmpBufferForGTIFValueNameEx,"Unknown-%d", key );
data/libgeotiff-1.6.0/geo_names.c:153:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(pszOut, pszName, nToCopy);
data/libgeotiff-1.6.0/geo_names.c:197:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(gtif->szTmpBufferForGTIFValueNameEx,"Unknown-%d", value );
data/libgeotiff-1.6.0/geo_names.c:209:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char szCode[12];
data/libgeotiff-1.6.0/geo_names.c:210:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char szName[120];
data/libgeotiff-1.6.0/geo_names.c:213:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(szCode, "%d", value);
data/libgeotiff-1.6.0/geo_new.c:129:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy( &gt->gt_methods, methods, sizeof(TIFFMethod) );
data/libgeotiff-1.6.0/geo_new.c:270:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(&keyptr->gk_data, &(entptr->ent_val_offset), sizeof(pinfo_t));
data/libgeotiff-1.6.0/geo_normalize.c:118:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(pnVal, &sVal, 2);
data/libgeotiff-1.6.0/geo_normalize.c:158:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                char szEPSGName[64];
data/libgeotiff-1.6.0/geo_normalize.c:181:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char szCode[12];
data/libgeotiff-1.6.0/geo_normalize.c:184:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(szCode, "%d", nPCSCode);
data/libgeotiff-1.6.0/geo_normalize.c:224:37:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                *pnProjOp = (short) atoi(pszConvCode);
data/libgeotiff-1.6.0/geo_normalize.c:256:44:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                *pnUOMLengthCode = (short) atoi(pszUnitCode);
data/libgeotiff-1.6.0/geo_normalize.c:274:37:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                *pnGeogCS = (short) atoi(pszGeodCode);
data/libgeotiff-1.6.0/geo_normalize.c:312:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char	szAngleString[32];
data/libgeotiff-1.6.0/geo_normalize.c:314:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf( szAngleString, "%12.7f", dfAngle );
data/libgeotiff-1.6.0/geo_normalize.c:344:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        dfAngle = ABS(atoi(pszAngle));
data/libgeotiff-1.6.0/geo_normalize.c:348:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char	szMinutes[3];
data/libgeotiff-1.6.0/geo_normalize.c:349:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char	szSeconds[64];
data/libgeotiff-1.6.0/geo_normalize.c:358:24:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
            dfAngle += atoi(szMinutes) / 60.0;
data/libgeotiff-1.6.0/geo_normalize.c:478:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char szCode[12];
data/libgeotiff-1.6.0/geo_normalize.c:481:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(szCode, "%d", nGCSCode);
data/libgeotiff-1.6.0/geo_normalize.c:525:36:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                *pnDatum = (short) atoi(pszDatumCode);
data/libgeotiff-1.6.0/geo_normalize.c:543:33:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                *pnPM = (short) atoi(pszPMCode);
data/libgeotiff-1.6.0/geo_normalize.c:575:39:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                *pnUOMAngle = (short) atoi(pszUnitCode);
data/libgeotiff-1.6.0/geo_normalize.c:668:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char szCode[12];
data/libgeotiff-1.6.0/geo_normalize.c:671:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(szCode, "%d", nEllipseCode);
data/libgeotiff-1.6.0/geo_normalize.c:744:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char szCode[12];
data/libgeotiff-1.6.0/geo_normalize.c:747:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(szCode, "%d", nPMCode);
data/libgeotiff-1.6.0/geo_normalize.c:846:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char szCode[12];
data/libgeotiff-1.6.0/geo_normalize.c:849:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(szCode, "%d", nDatumCode);
data/libgeotiff-1.6.0/geo_normalize.c:888:40:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                *pnEllipsoid = (short) atoi(pszEllipsoidCode);
data/libgeotiff-1.6.0/geo_normalize.c:965:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char szCode[12];
data/libgeotiff-1.6.0/geo_normalize.c:968:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(szCode, "%d", nUOMLengthCode);
data/libgeotiff-1.6.0/geo_normalize.c:1071:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char szCode[12];
data/libgeotiff-1.6.0/geo_normalize.c:1075:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(szCode, "%d", nUOMAngleCode);
data/libgeotiff-1.6.0/geo_normalize.c:1445:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char szProjTRFName[64];
data/libgeotiff-1.6.0/geo_normalize.c:1446:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf(szProjTRFName, "UTM zone %d%c",
data/libgeotiff-1.6.0/geo_normalize.c:1474:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char    szCode[12];
data/libgeotiff-1.6.0/geo_normalize.c:1479:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(szCode, "%d", nProjTRFCode);
data/libgeotiff-1.6.0/geo_normalize.c:1499:23:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
        nProjMethod = atoi(pszMethodCode);
data/libgeotiff-1.6.0/geo_normalize.c:1554:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                if( atoi(pszParamCode) == nEPSGCode )
data/libgeotiff-1.6.0/geo_normalize.c:1595:25:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
                    if( atoi(pszParamCode) == nEPSGCode )
data/libgeotiff-1.6.0/geo_normalize.c:2710:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	szFormat[30];
data/libgeotiff-1.6.0/geo_normalize.c:2711:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    static char szBuffer[50];
data/libgeotiff-1.6.0/geo_print.c:63:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char message[1024];
data/libgeotiff-1.6.0/geo_print.c:113:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char message[1024];
data/libgeotiff-1.6.0/geo_print.c:117:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(message," (%d,%d):\n",nrows,ncols);
data/libgeotiff-1.6.0/geo_print.c:144:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char message[40];
data/libgeotiff-1.6.0/geo_print.c:169:27:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
              char ch = ((char *) data)[in_char++];
data/libgeotiff-1.6.0/geo_print.c:238:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(message, "Unknown Type (%d)\n",key->gk_type);
data/libgeotiff-1.6.0/geo_print.c:269:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char message[1024];
data/libgeotiff-1.6.0/geo_print.c:309:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char tagname[100];
data/libgeotiff-1.6.0/geo_print.c:312:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char message[1024];
data/libgeotiff-1.6.0/geo_print.c:360:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char name[1000];
data/libgeotiff-1.6.0/geo_print.c:361:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char type[20];
data/libgeotiff-1.6.0/geo_print.c:365:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char message[2048];
data/libgeotiff-1.6.0/geo_simpletags.c:215:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy( st->key_list[i].data, data, count * item_size );
data/libgeotiff-1.6.0/geo_simpletags.c:231:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy( st->key_list[st->key_count-1].data, data, item_size * count );
data/libgeotiff-1.6.0/geo_strtod.c:48:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(&fNan, &nNan, 4);
data/libgeotiff-1.6.0/geo_strtod.c:66:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char szBuf[16];
data/libgeotiff-1.6.0/geo_strtod.c:67:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(szBuf, "%.1f", 1.0);
data/libgeotiff-1.6.0/geo_write.c:144:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy(&(entptr->ent_val_offset), &keyptr->gk_data, sizeof(pinfo_t));
data/libgeotiff-1.6.0/geotiff_proj4.c:49:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
        strcat( pszProjection, "+ellps=WGS84 " );
data/libgeotiff-1.6.0/geotiff_proj4.c:51:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
        strcat( pszProjection, "+ellps=clrk66 " );
data/libgeotiff-1.6.0/geotiff_proj4.c:53:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
        strcat( pszProjection, "+ellps=clrk80 " );
data/libgeotiff-1.6.0/geotiff_proj4.c:55:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
        strcat( pszProjection, "+ellps=GRS80 " );
data/libgeotiff-1.6.0/geotiff_proj4.c:60:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf( pszProjection+strlen(pszProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:108:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                        char szAsBoolean[100];
data/libgeotiff-1.6.0/geotiff_proj4.c:111:25:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused). Risk is low because the
  source is a constant string.
                        strcat( szAsBoolean,"=yes" );
data/libgeotiff-1.6.0/geotiff_proj4.c:876:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	szProjection[512];
data/libgeotiff-1.6.0/geotiff_proj4.c:877:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char	szUnits[64];
data/libgeotiff-1.6.0/geotiff_proj4.c:894:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy( szUnits, "+units=m " );
data/libgeotiff-1.6.0/geotiff_proj4.c:898:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy( szUnits, "+units=ft " );
data/libgeotiff-1.6.0/geotiff_proj4.c:902:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy( szUnits, "+units=us-ft " );
data/libgeotiff-1.6.0/geotiff_proj4.c:906:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy( szUnits, "+units=ind-ft " );
data/libgeotiff-1.6.0/geotiff_proj4.c:910:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy( szUnits, "+units=link " );
data/libgeotiff-1.6.0/geotiff_proj4.c:914:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy( szUnits, "+units=ind-yd " );
data/libgeotiff-1.6.0/geotiff_proj4.c:918:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy( szUnits, "+units=fath " );
data/libgeotiff-1.6.0/geotiff_proj4.c:922:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
        strcpy( szUnits, "+units=kmi " );
data/libgeotiff-1.6.0/geotiff_proj4.c:926:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf( szUnits, "+to_meter=%.10f", psDefn->UOMLengthInMeters );
data/libgeotiff-1.6.0/geotiff_proj4.c:945:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf(szProjection+strlen(szProjection),"+proj=latlong ");
data/libgeotiff-1.6.0/geotiff_proj4.c:954:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:964:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:978:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:994:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1001:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1015:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1029:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1043:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1057:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1066:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1081:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1095:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1108:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1121:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1134:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1147:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1160:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1173:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1189:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1205:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1217:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1229:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1241:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1257:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1273:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1287:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1313:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1330:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1341:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
            sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1383:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char        szLongLat[256];
data/libgeotiff-1.6.0/geotiff_proj4.c:1399:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(szLongLat, "+proj=longlat ");
data/libgeotiff-1.6.0/geotiff_proj4.c:1445:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char        szLongLat[256];
data/libgeotiff-1.6.0/geotiff_proj4.c:1461:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
    strcpy(szLongLat, "+proj=longlat ");
data/libgeotiff-1.6.0/bin/geotifcp.c:74:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if( strlen(str) != 5 || str[1] != ':' || str[3] != ':' )
data/libgeotiff-1.6.0/bin/listgeo.c:271:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
    strncpy( tfw_filename, tif_filename, sizeof(tfw_filename)-4 );
data/libgeotiff-1.6.0/bin/listgeo.c:272:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    for( i = strlen(tfw_filename)-1; i > 0; i-- )
data/libgeotiff-1.6.0/bin/listgeo.c:364:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    ST_SetKey( st, 34737, strlen(ascii_data)+1, STT_ASCII, ascii_data );
data/libgeotiff-1.6.0/cpl_serv.c:112:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    pszReturn = VSIMalloc( strlen(pszString)+1 );
data/libgeotiff-1.6.0/cpl_serv.c:118:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
                  strlen(pszString) );
data/libgeotiff-1.6.0/cpl_serv.c:192:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        nReadSoFar = strlen(pszRLBuffer);
data/libgeotiff-1.6.0/cpl_serv.c:201:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    nLength = strlen(pszRLBuffer);
data/libgeotiff-1.6.0/geo_names.c:152:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            size_t nToCopy = MIN(strlen(pszName), nOutSize - 1);
data/libgeotiff-1.6.0/geo_names.c:228:25:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                        strncpy(szName, pszName, sizeof(szName));
data/libgeotiff-1.6.0/geo_normalize.c:346:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        if( pszDecimal != NULL && strlen(pszDecimal) > 1 )
data/libgeotiff-1.6.0/geo_normalize.c:360:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if( strlen(pszDecimal) > 3 )
data/libgeotiff-1.6.0/geo_normalize.c:367:21:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                    strncpy( szSeconds+3, pszDecimal + 5, sizeof(szSeconds) - 3 );
data/libgeotiff-1.6.0/geo_set.c:127:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        count = (int)strlen(val) + 1; /* force = string length */
data/libgeotiff-1.6.0/geo_simpletags.c:200:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        count = (int)strlen((char*)data)+1;
data/libgeotiff-1.6.0/geo_strtod.c:88:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
         && strlen(poLconv->decimal_point) > 0 )
data/libgeotiff-1.6.0/geo_tiffp.c:84:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		scount = (unsigned short) (strlen(tmp)+1);
data/libgeotiff-1.6.0/geotiff_proj4.c:60:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            sprintf( pszProjection+strlen(pszProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:109:25:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
                        strncpy( szAsBoolean,pszStart, sizeof(szAsBoolean)-1-4);
data/libgeotiff-1.6.0/geotiff_proj4.c:130:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    if( pszStart != NULL && strlen(pszStart) > 0 )
data/libgeotiff-1.6.0/geotiff_proj4.c:149:24:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
    size_t field_len = strlen(pszField);
data/libgeotiff-1.6.0/geotiff_proj4.c:162:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            if( strlen(papszNV[i]) == field_len )
data/libgeotiff-1.6.0/geotiff_proj4.c:945:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf(szProjection+strlen(szProjection),"+proj=latlong ");
data/libgeotiff-1.6.0/geotiff_proj4.c:954:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:964:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:978:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:994:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1001:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1015:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1029:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1043:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1057:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1066:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1081:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1095:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1108:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1121:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1134:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1147:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1160:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1173:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1189:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1205:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1217:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1229:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1241:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1257:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1273:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1287:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1313:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
        sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1330:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            sprintf( szProjection+strlen(szProjection),
data/libgeotiff-1.6.0/geotiff_proj4.c:1341:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
            sprintf( szProjection+strlen(szProjection),

ANALYSIS SUMMARY:

Hits = 218
Lines analyzed = 12504 in approximately 0.40 seconds (30904 lines/second)
Physical Source Lines of Code (SLOC) = 8261
Hits@level = [0]  83 [1]  52 [2] 138 [3]   3 [4]  25 [5]   0
Hits@level+ = [0+] 301 [1+] 218 [2+] 166 [3+]  28 [4+]  25 [5+]   0
Hits/KSLOC@level+ = [0+] 36.4363 [1+] 26.3891 [2+] 20.0944 [3+] 3.38942 [4+] 3.02627 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability; for example, the level-1 strlen hits reported above for geotiff_proj4.c are on calls that also append to szProjection with an unbounded sprintf, so triage of those lines should focus on the remaining space in that buffer rather than on the strlen read itself.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.