Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libjpeg-0.0~git20200925.f145908/autoconfig.h
Examining data/libjpeg-0.0~git20200925.f145908/boxes/alphabox.cpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/alphabox.hpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/box.cpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/box.hpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/checksumbox.cpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/checksumbox.hpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/colortrafobox.cpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/colortrafobox.hpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/databox.cpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/databox.hpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/dctbox.cpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/dctbox.hpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/filetypebox.cpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/filetypebox.hpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/floattonemappingbox.cpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/floattonemappingbox.hpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/floattransformationbox.cpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/floattransformationbox.hpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/inversetonemappingbox.cpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/inversetonemappingbox.hpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/lineartransformationbox.cpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/lineartransformationbox.hpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/matrixbox.cpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/matrixbox.hpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/mergingspecbox.cpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/mergingspecbox.hpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/namespace.cpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/namespace.hpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/nonlineartrafobox.cpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/nonlineartrafobox.hpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/outputconversionbox.cpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/outputconversionbox.hpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/parametrictonemappingbox.cpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/parametrictonemappingbox.hpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/refinementspecbox.cpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/refinementspecbox.hpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/superbox.cpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/superbox.hpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/tonemapperbox.cpp
Examining data/libjpeg-0.0~git20200925.f145908/boxes/tonemapperbox.hpp
Examining data/libjpeg-0.0~git20200925.f145908/cmd/bitmaphook.cpp
Examining data/libjpeg-0.0~git20200925.f145908/cmd/bitmaphook.hpp
Examining data/libjpeg-0.0~git20200925.f145908/cmd/defaulttmoc.cpp
Examining data/libjpeg-0.0~git20200925.f145908/cmd/defaulttmoc.hpp
Examining data/libjpeg-0.0~git20200925.f145908/cmd/encodea.cpp
Examining data/libjpeg-0.0~git20200925.f145908/cmd/encodea.hpp
Examining data/libjpeg-0.0~git20200925.f145908/cmd/encodeb.cpp
Examining data/libjpeg-0.0~git20200925.f145908/cmd/encodeb.hpp
Examining data/libjpeg-0.0~git20200925.f145908/cmd/encodec.cpp
Examining data/libjpeg-0.0~git20200925.f145908/cmd/encodec.hpp
Examining data/libjpeg-0.0~git20200925.f145908/cmd/filehook.cpp
Examining data/libjpeg-0.0~git20200925.f145908/cmd/filehook.hpp
Examining data/libjpeg-0.0~git20200925.f145908/cmd/iohelpers.cpp
Examining data/libjpeg-0.0~git20200925.f145908/cmd/iohelpers.hpp
Examining data/libjpeg-0.0~git20200925.f145908/cmd/main.cpp
Examining data/libjpeg-0.0~git20200925.f145908/cmd/main.hpp
Examining data/libjpeg-0.0~git20200925.f145908/cmd/reconstruct.cpp
Examining data/libjpeg-0.0~git20200925.f145908/cmd/reconstruct.hpp
Examining data/libjpeg-0.0~git20200925.f145908/cmd/tmo.cpp
Examining data/libjpeg-0.0~git20200925.f145908/cmd/tmo.hpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/aclosslessscan.cpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/aclosslessscan.hpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/acrefinementscan.cpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/acrefinementscan.hpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/acsequentialscan.cpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/acsequentialscan.hpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/decoder.cpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/decoder.hpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/encoder.cpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/encoder.hpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/entropyparser.cpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/entropyparser.hpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/image.cpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/image.hpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/jpeglsscan.cpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/jpeglsscan.hpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/lineinterleavedlsscan.cpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/lineinterleavedlsscan.hpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/losslessscan.cpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/losslessscan.hpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/predictivescan.cpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/predictivescan.hpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/predictor.cpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/predictor.hpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/predictorbase.cpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/predictorbase.hpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/rectanglerequest.cpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/rectanglerequest.hpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/refinementscan.cpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/refinementscan.hpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/sampleinterleavedlsscan.cpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/sampleinterleavedlsscan.hpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/sequentialscan.cpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/sequentialscan.hpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/singlecomponentlsscan.cpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/singlecomponentlsscan.hpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/tables.cpp
Examining data/libjpeg-0.0~git20200925.f145908/codestream/tables.hpp
Examining data/libjpeg-0.0~git20200925.f145908/coding/actemplate.cpp
Examining data/libjpeg-0.0~git20200925.f145908/coding/actemplate.hpp
Examining data/libjpeg-0.0~git20200925.f145908/coding/arithmetictemplate.cpp
Examining data/libjpeg-0.0~git20200925.f145908/coding/arithmetictemplate.hpp
Examining data/libjpeg-0.0~git20200925.f145908/coding/arthdeco.cpp
Examining data/libjpeg-0.0~git20200925.f145908/coding/arthdeco.hpp
Examining data/libjpeg-0.0~git20200925.f145908/coding/blockrow.cpp
Examining data/libjpeg-0.0~git20200925.f145908/coding/blockrow.hpp
Examining data/libjpeg-0.0~git20200925.f145908/coding/decodertemplate.cpp
Examining data/libjpeg-0.0~git20200925.f145908/coding/decodertemplate.hpp
Examining data/libjpeg-0.0~git20200925.f145908/coding/huffmancoder.cpp
Examining data/libjpeg-0.0~git20200925.f145908/coding/huffmancoder.hpp
Examining data/libjpeg-0.0~git20200925.f145908/coding/huffmandecoder.cpp
Examining data/libjpeg-0.0~git20200925.f145908/coding/huffmandecoder.hpp
Examining data/libjpeg-0.0~git20200925.f145908/coding/huffmanstatistics.cpp
Examining data/libjpeg-0.0~git20200925.f145908/coding/huffmanstatistics.hpp
Examining data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp
Examining data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.hpp
Examining data/libjpeg-0.0~git20200925.f145908/coding/qmcoder.cpp
Examining data/libjpeg-0.0~git20200925.f145908/coding/qmcoder.hpp
Examining data/libjpeg-0.0~git20200925.f145908/coding/quantizedrow.cpp
Examining data/libjpeg-0.0~git20200925.f145908/coding/quantizedrow.hpp
Examining data/libjpeg-0.0~git20200925.f145908/colortrafo/colortrafo.cpp
Examining data/libjpeg-0.0~git20200925.f145908/colortrafo/colortrafo.hpp
Examining data/libjpeg-0.0~git20200925.f145908/colortrafo/colortransformerfactory.cpp
Examining data/libjpeg-0.0~git20200925.f145908/colortrafo/colortransformerfactory.hpp
Examining data/libjpeg-0.0~git20200925.f145908/colortrafo/floattrafo.cpp
Examining data/libjpeg-0.0~git20200925.f145908/colortrafo/floattrafo.hpp
Examining data/libjpeg-0.0~git20200925.f145908/colortrafo/integertrafo.cpp
Examining data/libjpeg-0.0~git20200925.f145908/colortrafo/integertrafo.hpp
Examining data/libjpeg-0.0~git20200925.f145908/colortrafo/lslosslesstrafo.cpp
Examining data/libjpeg-0.0~git20200925.f145908/colortrafo/lslosslesstrafo.hpp
Examining data/libjpeg-0.0~git20200925.f145908/colortrafo/multiplicationtrafo.cpp
Examining data/libjpeg-0.0~git20200925.f145908/colortrafo/multiplicationtrafo.hpp
Examining data/libjpeg-0.0~git20200925.f145908/colortrafo/trivialtrafo.cpp
Examining data/libjpeg-0.0~git20200925.f145908/colortrafo/trivialtrafo.hpp
Examining data/libjpeg-0.0~git20200925.f145908/colortrafo/ycbcrtrafo.cpp
Examining data/libjpeg-0.0~git20200925.f145908/colortrafo/ycbcrtrafo.hpp
Examining data/libjpeg-0.0~git20200925.f145908/config.h
Examining data/libjpeg-0.0~git20200925.f145908/control/bitmapctrl.cpp
Examining data/libjpeg-0.0~git20200925.f145908/control/bitmapctrl.hpp
Examining data/libjpeg-0.0~git20200925.f145908/control/blockbitmaprequester.cpp
Examining data/libjpeg-0.0~git20200925.f145908/control/blockbitmaprequester.hpp
Examining data/libjpeg-0.0~git20200925.f145908/control/blockbuffer.cpp
Examining data/libjpeg-0.0~git20200925.f145908/control/blockbuffer.hpp
Examining data/libjpeg-0.0~git20200925.f145908/control/blockctrl.cpp
Examining data/libjpeg-0.0~git20200925.f145908/control/blockctrl.hpp
Examining data/libjpeg-0.0~git20200925.f145908/control/blocklineadapter.cpp
Examining data/libjpeg-0.0~git20200925.f145908/control/blocklineadapter.hpp
Examining data/libjpeg-0.0~git20200925.f145908/control/bufferctrl.cpp
Examining data/libjpeg-0.0~git20200925.f145908/control/bufferctrl.hpp
Examining data/libjpeg-0.0~git20200925.f145908/control/hierarchicalbitmaprequester.cpp
Examining data/libjpeg-0.0~git20200925.f145908/control/hierarchicalbitmaprequester.hpp
Examining data/libjpeg-0.0~git20200925.f145908/control/lineadapter.cpp
Examining data/libjpeg-0.0~git20200925.f145908/control/lineadapter.hpp
Examining data/libjpeg-0.0~git20200925.f145908/control/linebitmaprequester.cpp
Examining data/libjpeg-0.0~git20200925.f145908/control/linebitmaprequester.hpp
Examining data/libjpeg-0.0~git20200925.f145908/control/linebuffer.cpp
Examining data/libjpeg-0.0~git20200925.f145908/control/linebuffer.hpp
Examining data/libjpeg-0.0~git20200925.f145908/control/linelineadapter.cpp
Examining data/libjpeg-0.0~git20200925.f145908/control/linelineadapter.hpp
Examining data/libjpeg-0.0~git20200925.f145908/control/linemerger.cpp
Examining data/libjpeg-0.0~git20200925.f145908/control/linemerger.hpp
Examining data/libjpeg-0.0~git20200925.f145908/control/residualblockhelper.cpp
Examining data/libjpeg-0.0~git20200925.f145908/control/residualblockhelper.hpp
Examining data/libjpeg-0.0~git20200925.f145908/control/residualbuffer.cpp
Examining data/libjpeg-0.0~git20200925.f145908/control/residualbuffer.hpp
Examining data/libjpeg-0.0~git20200925.f145908/dct/dct.cpp
Examining data/libjpeg-0.0~git20200925.f145908/dct/dct.hpp
Examining data/libjpeg-0.0~git20200925.f145908/dct/deringing.cpp
Examining data/libjpeg-0.0~git20200925.f145908/dct/deringing.hpp
Examining data/libjpeg-0.0~git20200925.f145908/dct/idct.cpp
Examining data/libjpeg-0.0~git20200925.f145908/dct/idct.hpp
Examining data/libjpeg-0.0~git20200925.f145908/dct/liftingdct.cpp
Examining data/libjpeg-0.0~git20200925.f145908/dct/liftingdct.hpp
Examining data/libjpeg-0.0~git20200925.f145908/interface/bitmaphook.cpp
Examining data/libjpeg-0.0~git20200925.f145908/interface/bitmaphook.hpp
Examining data/libjpeg-0.0~git20200925.f145908/interface/hooks.cpp
Examining data/libjpeg-0.0~git20200925.f145908/interface/hooks.hpp
Examining data/libjpeg-0.0~git20200925.f145908/interface/imagebitmap.cpp
Examining data/libjpeg-0.0~git20200925.f145908/interface/imagebitmap.hpp
Examining data/libjpeg-0.0~git20200925.f145908/interface/jpeg.cpp
Examining data/libjpeg-0.0~git20200925.f145908/interface/jpeg.hpp
Examining data/libjpeg-0.0~git20200925.f145908/interface/jpgtypes.cpp
Examining data/libjpeg-0.0~git20200925.f145908/interface/jpgtypes.hpp
Examining data/libjpeg-0.0~git20200925.f145908/interface/parameters.cpp
Examining data/libjpeg-0.0~git20200925.f145908/interface/parameters.hpp
Examining data/libjpeg-0.0~git20200925.f145908/interface/tagitem.cpp
Examining data/libjpeg-0.0~git20200925.f145908/interface/tagitem.hpp
Examining data/libjpeg-0.0~git20200925.f145908/interface/types.cpp
Examining data/libjpeg-0.0~git20200925.f145908/interface/types.hpp
Examining data/libjpeg-0.0~git20200925.f145908/io/bitstream.cpp
Examining data/libjpeg-0.0~git20200925.f145908/io/bitstream.hpp
Examining data/libjpeg-0.0~git20200925.f145908/io/bytestream.cpp
Examining data/libjpeg-0.0~git20200925.f145908/io/bytestream.hpp
Examining data/libjpeg-0.0~git20200925.f145908/io/checksumadapter.cpp
Examining data/libjpeg-0.0~git20200925.f145908/io/checksumadapter.hpp
Examining data/libjpeg-0.0~git20200925.f145908/io/decoderstream.cpp
Examining data/libjpeg-0.0~git20200925.f145908/io/decoderstream.hpp
Examining data/libjpeg-0.0~git20200925.f145908/io/iostream.cpp
Examining data/libjpeg-0.0~git20200925.f145908/io/iostream.hpp
Examining data/libjpeg-0.0~git20200925.f145908/io/memorystream.cpp
Examining data/libjpeg-0.0~git20200925.f145908/io/memorystream.hpp
Examining data/libjpeg-0.0~git20200925.f145908/io/randomaccessstream.cpp
Examining data/libjpeg-0.0~git20200925.f145908/io/randomaccessstream.hpp
Examining data/libjpeg-0.0~git20200925.f145908/io/staticstream.cpp
Examining data/libjpeg-0.0~git20200925.f145908/io/staticstream.hpp
Examining data/libjpeg-0.0~git20200925.f145908/marker/actable.cpp
Examining data/libjpeg-0.0~git20200925.f145908/marker/actable.hpp
Examining data/libjpeg-0.0~git20200925.f145908/marker/adobemarker.cpp
Examining data/libjpeg-0.0~git20200925.f145908/marker/adobemarker.hpp
Examining data/libjpeg-0.0~git20200925.f145908/marker/component.cpp
Examining data/libjpeg-0.0~git20200925.f145908/marker/component.hpp
Examining data/libjpeg-0.0~git20200925.f145908/marker/exifmarker.cpp
Examining data/libjpeg-0.0~git20200925.f145908/marker/exifmarker.hpp
Examining data/libjpeg-0.0~git20200925.f145908/marker/frame.cpp
Examining data/libjpeg-0.0~git20200925.f145908/marker/frame.hpp
Examining data/libjpeg-0.0~git20200925.f145908/marker/huffmantable.cpp
Examining data/libjpeg-0.0~git20200925.f145908/marker/huffmantable.hpp
Examining data/libjpeg-0.0~git20200925.f145908/marker/jfifmarker.cpp
Examining data/libjpeg-0.0~git20200925.f145908/marker/jfifmarker.hpp
Examining data/libjpeg-0.0~git20200925.f145908/marker/lscolortrafo.cpp
Examining data/libjpeg-0.0~git20200925.f145908/marker/lscolortrafo.hpp
Examining data/libjpeg-0.0~git20200925.f145908/marker/quantization.cpp
Examining data/libjpeg-0.0~git20200925.f145908/marker/quantization.hpp
Examining data/libjpeg-0.0~git20200925.f145908/marker/quantizationtable.cpp
Examining data/libjpeg-0.0~git20200925.f145908/marker/quantizationtable.hpp
Examining data/libjpeg-0.0~git20200925.f145908/marker/restartintervalmarker.cpp
Examining data/libjpeg-0.0~git20200925.f145908/marker/restartintervalmarker.hpp
Examining data/libjpeg-0.0~git20200925.f145908/marker/scan.cpp
Examining data/libjpeg-0.0~git20200925.f145908/marker/scan.hpp
Examining data/libjpeg-0.0~git20200925.f145908/marker/scantypes.cpp
Examining data/libjpeg-0.0~git20200925.f145908/marker/scantypes.hpp
Examining data/libjpeg-0.0~git20200925.f145908/marker/thresholds.cpp
Examining data/libjpeg-0.0~git20200925.f145908/marker/thresholds.hpp
Examining data/libjpeg-0.0~git20200925.f145908/std/assert.cpp
Examining data/libjpeg-0.0~git20200925.f145908/std/assert.hpp
Examining data/libjpeg-0.0~git20200925.f145908/std/ctype.cpp
Examining data/libjpeg-0.0~git20200925.f145908/std/ctype.hpp
Examining data/libjpeg-0.0~git20200925.f145908/std/errno.cpp
Examining data/libjpeg-0.0~git20200925.f145908/std/errno.hpp
Examining data/libjpeg-0.0~git20200925.f145908/std/math.cpp
Examining data/libjpeg-0.0~git20200925.f145908/std/math.hpp
Examining data/libjpeg-0.0~git20200925.f145908/std/setjmp.cpp
Examining data/libjpeg-0.0~git20200925.f145908/std/setjmp.hpp
Examining data/libjpeg-0.0~git20200925.f145908/std/stdarg.cpp
Examining data/libjpeg-0.0~git20200925.f145908/std/stdarg.hpp
Examining data/libjpeg-0.0~git20200925.f145908/std/stddef.cpp
Examining data/libjpeg-0.0~git20200925.f145908/std/stddef.hpp
Examining data/libjpeg-0.0~git20200925.f145908/std/stdio.cpp
Examining data/libjpeg-0.0~git20200925.f145908/std/stdio.hpp
Examining data/libjpeg-0.0~git20200925.f145908/std/stdlib.cpp
Examining data/libjpeg-0.0~git20200925.f145908/std/stdlib.hpp
Examining data/libjpeg-0.0~git20200925.f145908/std/string.cpp
Examining data/libjpeg-0.0~git20200925.f145908/std/string.hpp
Examining data/libjpeg-0.0~git20200925.f145908/std/unistd.cpp
Examining data/libjpeg-0.0~git20200925.f145908/std/unistd.hpp
Examining data/libjpeg-0.0~git20200925.f145908/tools/checksum.cpp
Examining data/libjpeg-0.0~git20200925.f145908/tools/checksum.hpp
Examining data/libjpeg-0.0~git20200925.f145908/tools/debug.cpp
Examining data/libjpeg-0.0~git20200925.f145908/tools/debug.hpp
Examining data/libjpeg-0.0~git20200925.f145908/tools/environment.cpp
Examining data/libjpeg-0.0~git20200925.f145908/tools/environment.hpp
Examining data/libjpeg-0.0~git20200925.f145908/tools/line.cpp
Examining data/libjpeg-0.0~git20200925.f145908/tools/line.hpp
Examining data/libjpeg-0.0~git20200925.f145908/tools/numerics.cpp
Examining data/libjpeg-0.0~git20200925.f145908/tools/numerics.hpp
Examining data/libjpeg-0.0~git20200925.f145908/tools/priorityqueue.cpp
Examining data/libjpeg-0.0~git20200925.f145908/tools/priorityqueue.hpp
Examining data/libjpeg-0.0~git20200925.f145908/tools/rectangle.cpp
Examining data/libjpeg-0.0~git20200925.f145908/tools/rectangle.hpp
Examining data/libjpeg-0.0~git20200925.f145908/tools/traits.cpp
Examining data/libjpeg-0.0~git20200925.f145908/tools/traits.hpp
Examining data/libjpeg-0.0~git20200925.f145908/upsampling/cositedupsampler.cpp
Examining data/libjpeg-0.0~git20200925.f145908/upsampling/cositedupsampler.hpp
Examining data/libjpeg-0.0~git20200925.f145908/upsampling/downsampler.cpp
Examining data/libjpeg-0.0~git20200925.f145908/upsampling/downsampler.hpp
Examining data/libjpeg-0.0~git20200925.f145908/upsampling/downsamplerbase.cpp
Examining data/libjpeg-0.0~git20200925.f145908/upsampling/downsamplerbase.hpp
Examining data/libjpeg-0.0~git20200925.f145908/upsampling/interdownsampler.cpp
Examining data/libjpeg-0.0~git20200925.f145908/upsampling/interdownsampler.hpp
Examining data/libjpeg-0.0~git20200925.f145908/upsampling/upsampler.cpp
Examining data/libjpeg-0.0~git20200925.f145908/upsampling/upsampler.hpp
Examining data/libjpeg-0.0~git20200925.f145908/upsampling/upsamplerbase.cpp
Examining data/libjpeg-0.0~git20200925.f145908/upsampling/upsamplerbase.hpp
FINAL RESULTS:
data/libjpeg-0.0~git20200925.f145908/cmd/main.cpp:190:3: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
printf("Usage: %s [options] source target\n"
data/libjpeg-0.0~git20200925.f145908/cmd/reconstruct.cpp:233:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(headername,"%s_%d.h",outfile,i);
data/libjpeg-0.0~git20200925.f145908/cmd/reconstruct.cpp:234:17: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(rawname ,"%s_%d.raw" ,outfile,i);
data/libjpeg-0.0~git20200925.f145908/std/stdio.cpp:45:5: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int vsnprintf(char *str, size_t size, const char *format, va_list ap)
data/libjpeg-0.0~git20200925.f145908/std/stdio.cpp:47:10: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
return vsprintf(str,format,ap);
data/libjpeg-0.0~git20200925.f145908/std/stdio.cpp:52:16: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
int TYPE_CDECL snprintf(char *str,size_t size,const char *format,...)
data/libjpeg-0.0~git20200925.f145908/std/stdio.cpp:58:14: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
result = vsnprintf(str,size,format,args);
data/libjpeg-0.0~git20200925.f145908/std/stdio.hpp:62:12: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
extern int vsnprintf(char *str, size_t size, const char *format, va_list ap);
data/libjpeg-0.0~git20200925.f145908/std/stdio.hpp:67:23: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
extern int TYPE_CDECL snprintf(char *str,size_t size,const char *format,...);
data/libjpeg-0.0~git20200925.f145908/boxes/filetypebox.cpp:163:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p,m_pulCompatible,m_ulNumCompats * sizeof(ULONG));
data/libjpeg-0.0~git20200925.f145908/boxes/floattransformationbox.cpp:139:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_fInverse,m_fMatrix,sizeof(m_fMatrix));
data/libjpeg-0.0~git20200925.f145908/boxes/lineartransformationbox.cpp:136:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_lInverse,m_lMatrix,sizeof(m_lMatrix));
data/libjpeg-0.0~git20200925.f145908/cmd/encodec.cpp:343:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *out = fopen(target,"wb");
data/libjpeg-0.0~git20200925.f145908/cmd/iohelpers.cpp:168:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *in = fopen(file,"rb");
data/libjpeg-0.0~git20200925.f145908/cmd/iohelpers.cpp:188:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/libjpeg-0.0~git20200925.f145908/cmd/reconstruct.cpp:71:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *in = fopen(infile,"rb");
data/libjpeg-0.0~git20200925.f145908/cmd/reconstruct.cpp:200:36: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bmm.bmm_pTarget = fopen(outfile,"wb");
data/libjpeg-0.0~git20200925.f145908/cmd/reconstruct.cpp:201:47: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bmm.bmm_pAlphaTarget = (doalpha)?(fopen(alpha,"wb")):NULL;
data/libjpeg-0.0~git20200925.f145908/cmd/reconstruct.cpp:231:17: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char headername[256],rawname[256];
data/libjpeg-0.0~git20200925.f145908/cmd/reconstruct.cpp:236:23: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
hdr = fopen(headername,"wb");
data/libjpeg-0.0~git20200925.f145908/cmd/reconstruct.cpp:244:39: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
bmm.bmm_PGXFiles[i] = fopen(rawname,"wb");
data/libjpeg-0.0~git20200925.f145908/cmd/tmo.cpp:183:34: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void save_histogram(const char *filename,double hist[256])
data/libjpeg-0.0~git20200925.f145908/cmd/tmo.cpp:185:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *out = fopen(filename,"w");
data/libjpeg-0.0~git20200925.f145908/cmd/tmo.cpp:600:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void LoadLTable(const char *ltable,UWORD ldrtohdr[65536],bool flt,int max,int hiddenbits)
data/libjpeg-0.0~git20200925.f145908/cmd/tmo.cpp:602:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *in = fopen(ltable,"r");
data/libjpeg-0.0~git20200925.f145908/cmd/tmo.cpp:605:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[256];
data/libjpeg-0.0~git20200925.f145908/cmd/tmo.hpp:88:30: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
extern void LoadLTable(const char *ltable,UWORD ldrtohdr[65536],bool flt,
data/libjpeg-0.0~git20200925.f145908/codestream/acrefinementscan.hpp:95:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[5] = "s000";
data/libjpeg-0.0~git20200925.f145908/codestream/acsequentialscan.hpp:99:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[5] = "Z0S0";
data/libjpeg-0.0~git20200925.f145908/codestream/acsequentialscan.hpp:100:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(string,base,2);
data/libjpeg-0.0~git20200925.f145908/codestream/acsequentialscan.hpp:131:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[5] = "X0 ";
data/libjpeg-0.0~git20200925.f145908/codestream/acsequentialscan.hpp:153:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[5] = "se00";
data/libjpeg-0.0~git20200925.f145908/codestream/acsequentialscan.hpp:182:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char string[5] = "xl00";
data/libjpeg-0.0~git20200925.f145908/codestream/rectanglerequest.hpp:109:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(this,&req,sizeof(struct RectangleRequest));
data/libjpeg-0.0~git20200925.f145908/codestream/rectanglerequest.hpp:118:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(this,&req,sizeof(struct RectangleRequest));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:162:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_ucLengths,bits_dc_luminance,sizeof(bits_dc_luminance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:163:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_pucValues,val_dc_luminance ,sizeof(val_dc_luminance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:173:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_ucLengths,bits_dc_luminance,sizeof(bits_dc_luminance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:174:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_pucValues,val_dc_luminance ,sizeof(val_dc_luminance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:185:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_ucLengths,bits_dc_luminance,sizeof(bits_dc_luminance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:186:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_pucValues,val_dc_luminance ,sizeof(val_dc_luminance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:196:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_ucLengths,bits_dc_luminance,sizeof(bits_dc_luminance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:197:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_pucValues,val_dc_luminance ,sizeof(val_dc_luminance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:229:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_ucLengths,bits_dc_luminance,sizeof(bits_dc_luminance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:230:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_pucValues,val_dc_luminance ,sizeof(val_dc_luminance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:276:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_ucLengths,bits_dc_chrominance,sizeof(bits_dc_chrominance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:277:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_pucValues,val_dc_chrominance ,sizeof(val_dc_chrominance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:289:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_ucLengths,bits_dc_chrominance,sizeof(bits_dc_chrominance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:290:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_pucValues,val_dc_chrominance ,sizeof(val_dc_chrominance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:301:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_ucLengths,bits_dc_luminance,sizeof(bits_dc_luminance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:302:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_pucValues,val_dc_luminance ,sizeof(val_dc_luminance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:314:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_ucLengths,bits_dc_chrominance,sizeof(bits_dc_chrominance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:315:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_pucValues,val_dc_chrominance ,sizeof(val_dc_chrominance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:353:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_ucLengths,bits_dc_luminance,sizeof(bits_dc_luminance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:354:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_pucValues,val_dc_luminance ,sizeof(val_dc_luminance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:428:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_ucLengths,bits_ac_luminance,sizeof(bits_ac_luminance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:429:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_pucValues,val_ac_luminance ,sizeof(val_ac_luminance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:475:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_ucLengths,bits_ac_luminance,sizeof(bits_ac_luminance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:476:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_pucValues,val_ac_luminance ,sizeof(val_ac_luminance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:516:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_ucLengths,bits_ac_chrominance,sizeof(bits_ac_chrominance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:517:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_pucValues,val_ac_chrominance ,sizeof(val_ac_chrominance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:563:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_ucLengths,bits_ac_luminance,sizeof(bits_ac_luminance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:564:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_pucValues,val_ac_luminance ,sizeof(val_ac_luminance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:637:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_ucLengths,bits_ac_chrominance,sizeof(bits_ac_chrominance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:638:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_pucValues,val_ac_chrominance ,sizeof(val_ac_chrominance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:684:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_ucLengths,bits_ac_chrominance,sizeof(bits_ac_chrominance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:685:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_pucValues,val_ac_chrominance ,sizeof(val_ac_chrominance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:725:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_ucLengths,bits_ac_chrominance,sizeof(bits_ac_chrominance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:726:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_pucValues,val_ac_chrominance ,sizeof(val_ac_chrominance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:766:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_ucLengths,bits_ac_chrominance,sizeof(bits_ac_chrominance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:767:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_pucValues,val_ac_chrominance ,sizeof(val_ac_chrominance));
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:928:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[30];
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:931:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((stats = fopen(filename,"r"))) {
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:935:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((stats = fopen(filename,"w"))) {
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:977:7: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char filename[30];
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:981:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((file = fopen(filename,"w"))) {
data/libjpeg-0.0~git20200925.f145908/coding/huffmantemplate.cpp:988:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((file = fopen(filename,"w"))) {
data/libjpeg-0.0~git20200925.f145908/coding/qmcoder.hpp:107:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_ucID,name,4);
data/libjpeg-0.0~git20200925.f145908/coding/qmcoder.hpp:113:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_ucID,name,4);
data/libjpeg-0.0~git20200925.f145908/colortrafo/colortransformerfactory.cpp:146:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(matrix,df,sizeof(LONG) * 9);
data/libjpeg-0.0~git20200925.f145908/colortrafo/colortransformerfactory.cpp:190:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(matrix,df,sizeof(LONG) * 9);
data/libjpeg-0.0~git20200925.f145908/colortrafo/colortransformerfactory.cpp:391:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(matrix,lbox->MatrixOf(),9 * sizeof(LONG));
data/libjpeg-0.0~git20200925.f145908/colortrafo/colortransformerfactory.cpp:393:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(inverse,lbox->InverseMatrixOf(),9 * sizeof(LONG));
data/libjpeg-0.0~git20200925.f145908/colortrafo/colortransformerfactory.cpp:414:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(matrix,lbox->MatrixOf(),9 * sizeof(LONG));
data/libjpeg-0.0~git20200925.f145908/colortrafo/colortransformerfactory.cpp:416:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(inverse,lbox->InverseMatrixOf(),9 * sizeof(LONG));
data/libjpeg-0.0~git20200925.f145908/colortrafo/colortransformerfactory.cpp:579:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(matrix,lbox->MatrixOf(),9 * sizeof(LONG));
data/libjpeg-0.0~git20200925.f145908/colortrafo/colortransformerfactory.cpp:581:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(inverse,lbox->InverseMatrixOf(),9 * sizeof(LONG));
data/libjpeg-0.0~git20200925.f145908/control/blockbitmaprequester.cpp:915:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_ppDTemp[i],m_ppCTemp[i],64 * sizeof(LONG));
data/libjpeg-0.0~git20200925.f145908/control/blocklineadapter.cpp:202:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out[l]->m_pData + (x << 3),&dst[l << 3],8 * sizeof(LONG));
data/libjpeg-0.0~git20200925.f145908/control/blocklineadapter.cpp:283:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&src[l << 3],line->m_pData + (x << 3),8 * sizeof(LONG));
data/libjpeg-0.0~git20200925.f145908/control/hierarchicalbitmaprequester.cpp:361:16: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (*line) memcpy((*line)->m_pData + x,buffer,8 * sizeof(LONG));
data/libjpeg-0.0~git20200925.f145908/control/hierarchicalbitmaprequester.cpp:378:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer,(*line)->m_pData + (x << 3),8 * sizeof(LONG));
data/libjpeg-0.0~git20200925.f145908/control/linebuffer.cpp:295:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst,buffer,8 * sizeof(LONG));
data/libjpeg-0.0~git20200925.f145908/control/linebuffer.cpp:307:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(line->m_pData + x,buffer,8 * sizeof(LONG));
data/libjpeg-0.0~git20200925.f145908/control/linebuffer.cpp:322:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer,line->m_pData + (x << 3),8 * sizeof(LONG));
data/libjpeg-0.0~git20200925.f145908/control/linemerger.cpp:262:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(xline->m_pData,line->m_pData,m_pulPixelWidth[comp] * sizeof(LONG));
data/libjpeg-0.0~git20200925.f145908/control/linemerger.cpp:507:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out->m_pData,center->m_pData,sizeof(LONG) * m_pulPixelWidth[comp]);
data/libjpeg-0.0~git20200925.f145908/control/linemerger.cpp:547:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out->m_pData,src->m_pData,m_pulPixelWidth[comp] * sizeof(LONG));
data/libjpeg-0.0~git20200925.f145908/control/residualblockhelper.cpp:125:26: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *spectrumfile = fopen("spectrum.plot","w");
data/libjpeg-0.0~git20200925.f145908/control/residualblockhelper.cpp:136:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *resfile = fopen("residual.ppm","wb");
data/libjpeg-0.0~git20200925.f145908/io/bytestream.cpp:67:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer,m_pucBufPtr,avail); // copy all data over
data/libjpeg-0.0~git20200925.f145908/io/bytestream.cpp:86:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer,m_pucBufPtr,size);
data/libjpeg-0.0~git20200925.f145908/io/bytestream.cpp:109:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_pucBufPtr,buffer,avail); // copy the data over
data/libjpeg-0.0~git20200925.f145908/io/bytestream.cpp:124:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(m_pucBufPtr,buffer,size);
data/libjpeg-0.0~git20200925.f145908/io/iostream.cpp:583:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buf + 1,m_pucBuffer,bytes);
data/libjpeg-0.0~git20200925.f145908/std/stdio.hpp:72:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
# define fopen fopen64
data/libjpeg-0.0~git20200925.f145908/std/string.hpp:109:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
# undef memcpy
data/libjpeg-0.0~git20200925.f145908/std/string.hpp:110:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
# define memcpy __builtin_memcpy
data/libjpeg-0.0~git20200925.f145908/tools/checksum.hpp:83:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
tmpout = fopen("/tmp/chksum","w");
data/libjpeg-0.0~git20200925.f145908/upsampling/cositedupsampler.cpp:124:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(target,cur->m_pData + offset,8 * sizeof(LONG));
data/libjpeg-0.0~git20200925.f145908/upsampling/cositedupsampler.cpp:149:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out,c,8 * sizeof(LONG));
data/libjpeg-0.0~git20200925.f145908/upsampling/cositedupsampler.cpp:187:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out,c,8 * sizeof(LONG));
data/libjpeg-0.0~git20200925.f145908/upsampling/cositedupsampler.cpp:228:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out,c,8 * sizeof(LONG));
data/libjpeg-0.0~git20200925.f145908/upsampling/downsamplerbase.cpp:169:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst + ofs,data,8 * sizeof(LONG));
data/libjpeg-0.0~git20200925.f145908/upsampling/upsampler.cpp:124:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(target,cur->m_pData + offset,8 * sizeof(LONG));
data/libjpeg-0.0~git20200925.f145908/upsampling/upsampler.cpp:198:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(out,c,8 * sizeof(LONG));
data/libjpeg-0.0~git20200925.f145908/upsampling/upsamplerbase.cpp:319:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest + bx,data,8 * sizeof(LONG));
data/libjpeg-0.0~git20200925.f145908/cmd/iohelpers.cpp:107:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = getc(in);
data/libjpeg-0.0~git20200925.f145908/cmd/iohelpers.cpp:108:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
g = getc(in);
data/libjpeg-0.0~git20200925.f145908/cmd/iohelpers.cpp:109:13: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
b = getc(in);
data/libjpeg-0.0~git20200925.f145908/cmd/iohelpers.cpp:111:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r = getc(in) << 8;
data/libjpeg-0.0~git20200925.f145908/cmd/iohelpers.cpp:112:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
r |= getc(in);
data/libjpeg-0.0~git20200925.f145908/cmd/iohelpers.cpp:113:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
g = getc(in) << 8;
data/libjpeg-0.0~git20200925.f145908/cmd/iohelpers.cpp:114:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
g |= getc(in);
data/libjpeg-0.0~git20200925.f145908/cmd/iohelpers.cpp:115:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
b = getc(in) << 8;
data/libjpeg-0.0~git20200925.f145908/cmd/iohelpers.cpp:116:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
b |= getc(in);
data/libjpeg-0.0~git20200925.f145908/cmd/iohelpers.cpp:149:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
g = getc(in);
data/libjpeg-0.0~git20200925.f145908/cmd/iohelpers.cpp:151:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
g = getc(in) << 8;
data/libjpeg-0.0~git20200925.f145908/cmd/iohelpers.cpp:152:14: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
g |= getc(in);
data/libjpeg-0.0~git20200925.f145908/cmd/iohelpers.cpp:187:21: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while((id = getc(in)) == '#') {
data/libjpeg-0.0~git20200925.f145908/cmd/iohelpers.hpp:129:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dt1 = getc(in);
data/libjpeg-0.0~git20200925.f145908/cmd/iohelpers.hpp:130:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dt2 = getc(in);
data/libjpeg-0.0~git20200925.f145908/cmd/iohelpers.hpp:131:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dt3 = getc(in);
data/libjpeg-0.0~git20200925.f145908/cmd/iohelpers.hpp:132:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
dt4 = getc(in);
data/libjpeg-0.0~git20200925.f145908/std/string.hpp:97:12: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return strlen((const char *)data);
data/libjpeg-0.0~git20200925.f145908/std/string.hpp:207:23: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
const char *t = s + strlen(s);
ANALYSIS SUMMARY:
Hits = 136
Lines analyzed = 70971 in approximately 1.90 seconds (37305 lines/second)
Physical Source Lines of Code (SLOC) = 36489
Hits@level = [0] 105 [1] 19 [2] 108 [3] 0 [4] 9 [5] 0
Hits@level+ = [0+] 241 [1+] 136 [2+] 117 [3+] 9 [4+] 9 [5+] 0
Hits/KSLOC@level+ = [0+] 6.60473 [1+] 3.72715 [2+] 3.20645 [3+] 0.24665 [4+] 0.24665 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.