Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libicns-0.8.1/icnsutils/icontainer2icns.c
Examining data/libicns-0.8.1/icnsutils/icns2png.c
Examining data/libicns-0.8.1/icnsutils/png2icns.c
Examining data/libicns-0.8.1/src/icns_internals.h
Examining data/libicns-0.8.1/src/icns_image.c
Examining data/libicns-0.8.1/src/icns_family.c
Examining data/libicns-0.8.1/src/icns_debug.c
Examining data/libicns-0.8.1/src/icns.h
Examining data/libicns-0.8.1/src/icns_colormaps.h
Examining data/libicns-0.8.1/src/icns_utils.c
Examining data/libicns-0.8.1/src/icns_io.c
Examining data/libicns-0.8.1/src/icns_element.c
Examining data/libicns-0.8.1/src/icns_rle24.c
Examining data/libicns-0.8.1/src/icns_png.c
Examining data/libicns-0.8.1/src/icns_jp2.c

FINAL RESULTS:

data/libicns-0.8.1/icnsutils/icns2png.c:233:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(inputFileNames[fileCount], argv[0]);
data/libicns-0.8.1/icnsutils/icns2png.c:598:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
						sprintf(&variantPrefix[0],"%s_%s",outfileprefix,typeStr);
data/libicns-0.8.1/icnsutils/icns2png.c:681:27:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
						outfilepathlength = sprintf(&outfilepath[0],"%s_%dx%dx%d.png",outfileprefix,iconInfo.iconWidth,iconInfo.iconHeight,iconInfo.iconBitDepth);
data/libicns-0.8.1/src/icns_utils.c:751:2:  [4] (format) vprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	vprintf (template, ap);
data/libicns-0.8.1/src/icns_utils.c:758:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
		vfprintf (stderr, template, ap);
data/libicns-0.8.1/icnsutils/icns2png.c:174:16:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
	while ((opt = getopt_long(argc, argv, short_opts, long_opts, NULL)) != -1)
data/libicns-0.8.1/icnsutils/icns2png.c:52:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
char 	*inputFileNames[MAX_INPUTFILES];
data/libicns-0.8.1/icnsutils/icns2png.c:317:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&filename[0],&filepath[filenamestart],filenamelength);
data/libicns-0.8.1/icnsutils/icns2png.c:393:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	inFile = fopen( rsrcfilepath, "r" );
data/libicns-0.8.1/icnsutils/icns2png.c:411:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		inFile = fopen( filepath, "r" );
data/libicns-0.8.1/icnsutils/icns2png.c:426:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	inFile = fopen( filepath, "r" );
data/libicns-0.8.1/icnsutils/icns2png.c:492:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char typeStr[5];
data/libicns-0.8.1/icnsutils/icns2png.c:511:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char	         typeStr[5];
data/libicns-0.8.1/icnsutils/icns2png.c:513:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(&iconElement,(dataPtr+dataOffset),8);
data/libicns-0.8.1/icnsutils/icns2png.c:539:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy(&iconBytes[0],(dataPtr+dataOffset+8),4);
data/libicns-0.8.1/icnsutils/icns2png.c:557:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(variantData,(dataPtr+dataOffset),iconElement.elementSize);
data/libicns-0.8.1/icnsutils/icns2png.c:558:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(variantData,"icns",4);
data/libicns-0.8.1/icnsutils/icns2png.c:563:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(&variantData[4], &b[0], sizeof(icns_size_t));
data/libicns-0.8.1/icnsutils/icns2png.c:684:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
						outfile = fopen(outfilepath,"w");
data/libicns-0.8.1/icnsutils/icontainer2icns.c:50:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char buffer[118];
data/libicns-0.8.1/icnsutils/icontainer2icns.c:57:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char name[256];
data/libicns-0.8.1/icnsutils/icontainer2icns.c:59:22:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
   if( (icontainer = fopen(argv[1], "r")) == NULL ) {
data/libicns-0.8.1/icnsutils/icontainer2icns.c:102:25:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
            if( (icns = fopen(name, "w")) == NULL ) {
data/libicns-0.8.1/icnsutils/png2icns.c:173:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char iconStr[5] = {0,0,0,0,0};
data/libicns-0.8.1/icnsutils/png2icns.c:174:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char maskStr[5] = {0,0,0,0,0};
data/libicns-0.8.1/icnsutils/png2icns.c:181:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	pngfile = fopen(pngname, "rb");
data/libicns-0.8.1/icnsutils/png2icns.c:315:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	icnsfile = fopen (argv[1], "wb+");
data/libicns-0.8.1/src/icns_element.c:73:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char typeStr[5];
data/libicns-0.8.1/src/icns_element.c:97:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char typeStr[5];
data/libicns-0.8.1/src/icns_element.c:124:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy( *iconElementOut, iconElement, elementSize);
data/libicns-0.8.1/src/icns_element.c:188:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char typeStr[5];
data/libicns-0.8.1/src/icns_element.c:206:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char typeStr[5];
data/libicns-0.8.1/src/icns_element.c:263:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy( ((char *)(newIconFamily))+newDataOffset , (char *)newIconElement, newElementSize);
data/libicns-0.8.1/src/icns_element.c:269:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy( ((char *)(newIconFamily))+newDataOffset , (char *)newIconElement, newElementSize);
data/libicns-0.8.1/src/icns_element.c:273:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy( ((char *)(newIconFamily))+newDataOffset , ((char *)(iconFamily))+dataOffset, elementSize);
data/libicns-0.8.1/src/icns_element.c:278:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy( ((char *)(newIconFamily))+newDataOffset , ((char *)(iconFamily))+dataOffset, elementSize);
data/libicns-0.8.1/src/icns_element.c:287:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy( ((char *)(newIconFamily))+newDataOffset , (char *)newIconElement, newElementSize);
data/libicns-0.8.1/src/icns_element.c:404:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
			memcpy( ((char *)(newIconFamily))+newDataOffset , ((char *)(iconFamily))+dataOffset, elementSize);
data/libicns-0.8.1/src/icns_element.c:626:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy(newDataPtr,imageIn->imageData,imageIn->imageDataSize);
data/libicns-0.8.1/src/icns_element.c:628:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy(newDataPtr,imageIn->imageData + iconInfo.iconRawDataSize,imageIn->imageDataSize);
data/libicns-0.8.1/src/icns_element.c:635:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy(newDataPtr,imageIn->imageData,imageIn->imageDataSize);
data/libicns-0.8.1/src/icns_element.c:637:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy(newDataPtr,existingData+existingDataOffset,iconInfo.iconRawDataSize);
data/libicns-0.8.1/src/icns_element.c:638:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy(newDataPtr,imageIn->imageData + iconInfo.iconRawDataSize,imageIn->imageDataSize);
data/libicns-0.8.1/src/icns_element.c:645:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy(newDataPtr,imageIn->imageData,imageIn->imageDataSize);
data/libicns-0.8.1/src/icns_element.c:646:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy(newDataPtr,existingData+existingDataOffset+iconInfo.iconRawDataSize,iconInfo.iconRawDataSize);
data/libicns-0.8.1/src/icns_element.c:648:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy(newDataPtr,existingData+existingDataOffset,iconInfo.iconRawDataSize);
data/libicns-0.8.1/src/icns_element.c:649:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy(newDataPtr,imageIn->imageData + iconInfo.iconRawDataSize,imageIn->imageDataSize);
data/libicns-0.8.1/src/icns_element.c:710:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char typeStr[5];
data/libicns-0.8.1/src/icns_element.c:718:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(newElement->elementData,imageDataPtr,imageDataSize);
data/libicns-0.8.1/src/icns_image.c:68:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char typeStr[5];
data/libicns-0.8.1/src/icns_image.c:103:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(imageOut,&iconImage,sizeof(icns_image_t));
data/libicns-0.8.1/src/icns_image.c:115:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char typeStr[5];
data/libicns-0.8.1/src/icns_image.c:122:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char typeStr[5];
data/libicns-0.8.1/src/icns_image.c:262:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char typeStr[5];
data/libicns-0.8.1/src/icns_image.c:321:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char typeStr[5];
data/libicns-0.8.1/src/icns_image.c:345:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(imageOut,&iconImage,sizeof(icns_image_t));
data/libicns-0.8.1/src/icns_image.c:392:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char typeStr[5];
data/libicns-0.8.1/src/icns_image.c:478:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy(&(((char*)(imageOut->imageData))[dataCount*iconDataRowSize]),&(((char*)(rawDataPtr))[dataCount*iconDataRowSize]),iconDataRowSize);
data/libicns-0.8.1/src/icns_image.c:517:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(&(((char*)(imageOut->imageData))[dataCount*iconDataRowSize]),&(((char*)(rawDataPtr))[dataCount*iconDataRowSize]),iconDataRowSize);
data/libicns-0.8.1/src/icns_image.c:521:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
				char typeStr[5];
data/libicns-0.8.1/src/icns_image.c:564:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char typeStr[5];
data/libicns-0.8.1/src/icns_image.c:612:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(&(((char*)(imageOut->imageData))[dataCount*maskDataRowSize]),&(((char*)(rawDataPtr))[dataCount*maskDataRowSize]),maskDataRowSize);
data/libicns-0.8.1/src/icns_image.c:651:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy(&(((char*)(imageOut->imageData))[dataCount*maskDataRowSize]),&(((char*)(rawDataPtr))[dataCount*maskDataRowSize+maskDataSize]),maskDataRowSize);
data/libicns-0.8.1/src/icns_image.c:660:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy(&(((char*)(imageOut->imageData))[dataCount*maskDataRowSize]),&(((char*)(rawDataPtr))[dataCount*maskDataRowSize]),maskDataRowSize);
data/libicns-0.8.1/src/icns_image.c:666:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
				char typeStr[5];
data/libicns-0.8.1/src/icns_image.c:698:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char typeStr[5];
data/libicns-0.8.1/src/icns_internals.h:153:54:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
 #define ICNS_READ_UNALIGNED(val, addr, size)        memcpy(&(val), (addr), size)
data/libicns-0.8.1/src/icns_internals.h:154:54:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
 #define ICNS_WRITE_UNALIGNED(addr, val, size)       memcpy((addr), &(val), size)
data/libicns-0.8.1/src/icns_io.c:34:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
 return memcpy(dst,src,num);
data/libicns-0.8.1/src/icns_io.c:51:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&b, inp, size);
data/libicns-0.8.1/src/icns_io.c:101:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&b, inp, size);
data/libicns-0.8.1/src/icns_io.c:198:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(outp, &b, size);
data/libicns-0.8.1/src/icns_io.c:591:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char typeStr[5];
data/libicns-0.8.1/src/icns_io.c:607:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy( dataPtr, iconFamily, dataSize);
data/libicns-0.8.1/src/icns_io.c:630:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
				char typeStr[5];
data/libicns-0.8.1/src/icns_io.c:699:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy( iconFamilyData , dataPtr,dataSize);
data/libicns-0.8.1/src/icns_io.c:747:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char typeStr[5];
data/libicns-0.8.1/src/icns_io.c:771:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char typeStr[5];
data/libicns-0.8.1/src/icns_io.c:794:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
				char typeStr[5];
data/libicns-0.8.1/src/icns_io.c:943:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char typeStr[5];
data/libicns-0.8.1/src/icns_io.c:954:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char		resName[256] = {0};
data/libicns-0.8.1/src/icns_io.c:981:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
					memcpy(&resName[0],(resData+resHeadMapOffset+resMapNameOffset+resNameOffset+1),resNameLength);
data/libicns-0.8.1/src/icns_io.c:1017:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
				char typeStr[5];
data/libicns-0.8.1/src/icns_io.c:1028:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy( resItemData ,(resData+resHeadDataOffset+resItemDataOffset+4),resItemDataSize);
data/libicns-0.8.1/src/icns_io.c:1063:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char typeStr[5];		
data/libicns-0.8.1/src/icns_io.c:1209:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(resourceDataPtr,(dataPtr+resourceDataStart),resourceDataSize);
data/libicns-0.8.1/src/icns_io.c:1358:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(resourceDataPtr,(dataPtr+resourceDataStart),resourceDataSize);
data/libicns-0.8.1/src/icns_jp2.c:566:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(buffer, memStream->buffer + memStream->offset, bytesRead);
data/libicns-0.8.1/src/icns_jp2.c:586:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
		memcpy(memStream->buffer + memStream->offset, buffer, numBytes);
data/libicns-0.8.1/src/icns_jp2.c:990:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(*dataPtrOut,cio->buffer,*dataSizeOut - 34);
data/libicns-0.8.1/src/icns_png.c:39:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy( data, (char*)_ref->data + _ref->offset, length );
data/libicns-0.8.1/src/icns_rle24.c:291:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
						memcpy( dataTemp+dataTempCount , dataRun , runLength - 2 );
data/libicns-0.8.1/src/icns_rle24.c:341:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
						memcpy( dataTemp+dataTempCount , dataRun , runLength );
data/libicns-0.8.1/src/icns_rle24.c:375:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy( dataTemp+dataTempCount , dataRun , runLength );
data/libicns-0.8.1/src/icns_rle24.c:405:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy( (*dataPtrOut), dataTemp, dataTempCount);
data/libicns-0.8.1/src/icns_utils.c:433:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
			char typeStr[5];
data/libicns-0.8.1/icnsutils/icns2png.c:228:38:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		inputFileNames[fileCount] = malloc(strlen(argv[0])+1);
data/libicns-0.8.1/icnsutils/icns2png.c:295:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	filepathlength = strlen(filepath);
data/libicns-0.8.1/icnsutils/icns2png.c:304:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(&rsrcfilepath[0],&filepath[0],filepathlength);
data/libicns-0.8.1/icnsutils/icns2png.c:305:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120). Risk is low because the source is a
  constant string.
	strncpy(&rsrcfilepath[filepathlength],"/..namedfork/rsrc",17);
data/libicns-0.8.1/icnsutils/icns2png.c:327:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		outputpathlength = strlen(outputPath);
data/libicns-0.8.1/icnsutils/icns2png.c:338:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		strncpy(&outfileprefix[0],&outputPath[0],outputpathlength);
data/libicns-0.8.1/icnsutils/icns2png.c:357:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		strncpy(&outfileprefix[outfileprefixlength],&filepath[filepathstart],filepathend - filepathstart);
data/libicns-0.8.1/icnsutils/icns2png.c:378:3:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
		strncpy(&outfileprefix[0],&filepath[filepathstart],filepathend - filepathstart);
data/libicns-0.8.1/icnsutils/icns2png.c:485:32:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		outfilepath = (char *)malloc(strlen(outfileprefix)+25);
data/libicns-0.8.1/icnsutils/icns2png.c:595:34:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
					icns_size_t	variantLength = strlen(outfileprefix) + strlen(typeStr) + 2;
data/libicns-0.8.1/icnsutils/icns2png.c:595:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
					icns_size_t	variantLength = strlen(outfileprefix) + strlen(typeStr) + 2;
data/libicns-0.8.1/icnsutils/icontainer2icns.c:66:16:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
   while ((c = getc(icontainer)) != EOF) {
data/libicns-0.8.1/icnsutils/icontainer2icns.c:74:19:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
         if ((c = getc(icontainer)) == 'c') {
data/libicns-0.8.1/icnsutils/icontainer2icns.c:75:19:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
         if ((c = getc(icontainer)) == 'n') {
data/libicns-0.8.1/icnsutils/icontainer2icns.c:76:19:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
         if ((c = getc(icontainer)) == 's') { // yupp!
data/libicns-0.8.1/icnsutils/icontainer2icns.c:113:35:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
               buffer[i] = (char)(getc(icontainer) & 0xff);

ANALYSIS SUMMARY:

Hits = 112
Lines analyzed = 7910 in approximately 0.44 seconds (17933 lines/second)
Physical Source Lines of Code (SLOC) = 5956
Hits@level = [0] 220 [1]  16 [2]  90 [3]   1 [4]   5 [5]   0
Hits@level+ = [0+] 332 [1+] 112 [2+]  96 [3+]   6 [4+]   5 [5+]   0
Hits/KSLOC@level+ = [0+] 55.7421 [1+] 18.8046 [2+] 16.1182 [3+] 1.00739 [4+] 0.83949 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.