Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/libvidstab-1.1.0/src/boxblur.c Examining data/libvidstab-1.1.0/src/boxblur.h Examining data/libvidstab-1.1.0/src/frameinfo.c Examining data/libvidstab-1.1.0/src/frameinfo.h Examining data/libvidstab-1.1.0/src/libvidstab.c Examining data/libvidstab-1.1.0/src/libvidstab.h Examining data/libvidstab-1.1.0/src/localmotion2transform.c Examining data/libvidstab-1.1.0/src/localmotion2transform.h Examining data/libvidstab-1.1.0/src/motiondetect.c Examining data/libvidstab-1.1.0/src/motiondetect.h Examining data/libvidstab-1.1.0/src/motiondetect_internal.h Examining data/libvidstab-1.1.0/src/motiondetect_opt.c Examining data/libvidstab-1.1.0/src/motiondetect_opt.h Examining data/libvidstab-1.1.0/src/orc/motiondetectorc.c Examining data/libvidstab-1.1.0/src/orc/motiondetectorc.h Examining data/libvidstab-1.1.0/src/serialize.c Examining data/libvidstab-1.1.0/src/serialize.h Examining data/libvidstab-1.1.0/src/transform.c Examining data/libvidstab-1.1.0/src/transform.h Examining data/libvidstab-1.1.0/src/transform_internal.h Examining data/libvidstab-1.1.0/src/transformfixedpoint.c Examining data/libvidstab-1.1.0/src/transformfixedpoint.h Examining data/libvidstab-1.1.0/src/transformfloat.c Examining data/libvidstab-1.1.0/src/transformfloat.h Examining data/libvidstab-1.1.0/src/transformtype.c Examining data/libvidstab-1.1.0/src/transformtype.h Examining data/libvidstab-1.1.0/src/transformtype_operations.h Examining data/libvidstab-1.1.0/src/vidstabdefines.h Examining data/libvidstab-1.1.0/src/vsvector.c Examining data/libvidstab-1.1.0/src/vsvector.h Examining data/libvidstab-1.1.0/tests/generate.c Examining data/libvidstab-1.1.0/tests/orc_bug/orc_bug.c Examining data/libvidstab-1.1.0/tests/orc_bug/orc_bug_orc.c Examining data/libvidstab-1.1.0/tests/orc_bug/orc_bug_orc.h Examining data/libvidstab-1.1.0/tests/test_boxblur.c Examining data/libvidstab-1.1.0/tests/test_compareimg.c Examining data/libvidstab-1.1.0/tests/test_contrast.c Examining data/libvidstab-1.1.0/tests/test_gradientoptimizer.c Examining data/libvidstab-1.1.0/tests/test_localmotion2transform.c Examining data/libvidstab-1.1.0/tests/test_motiondetect.c Examining data/libvidstab-1.1.0/tests/test_omp.c Examining data/libvidstab-1.1.0/tests/test_store_restore.c Examining data/libvidstab-1.1.0/tests/test_transform.c Examining data/libvidstab-1.1.0/tests/testframework.h Examining data/libvidstab-1.1.0/tests/tests.c Examining data/libvidstab-1.1.0/tests/testutils.c Examining data/libvidstab-1.1.0/tests/testutils.h Examining data/libvidstab-1.1.0/tests/testframework.c Examining data/libvidstab-1.1.0/transcode/filter_deshake.c Examining data/libvidstab-1.1.0/transcode/filter_stabilize.c Examining data/libvidstab-1.1.0/transcode/filter_transform.c Examining data/libvidstab-1.1.0/transcode/transcode_specifics.h FINAL RESULTS: data/libvidstab-1.1.0/src/libvidstab.c:49:9: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. vfprintf (stderr, format, ap); data/libvidstab-1.1.0/transcode/filter_transform.c:217:9: [4] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. sprintf(unsharp_param,"luma=%f:%s:chroma=%f:%s", data/libvidstab-1.1.0/src/frameinfo.c:137:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest->data[plane], src->data[plane], src->linesize[plane] * h * sizeof(uint8_t)); data/libvidstab-1.1.0/src/frameinfo.c:143:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(d,s,sizeof(uint8_t) * w); data/libvidstab-1.1.0/src/localmotion2transform.c:46:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen("global_motions.trf","w"); data/libvidstab-1.1.0/src/motiondetect.c:410:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[32]; data/libvidstab-1.1.0/src/motiondetect.c:412:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(buffer, "w"); data/libvidstab-1.1.0/src/motiondetect.c:658:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ci_segms, ci, sizeof(contrast_idx) * fs->fieldNum); data/libvidstab-1.1.0/src/motiondetect.c:717:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[32]; data/libvidstab-1.1.0/src/motiondetect.c:719:10: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(buffer, "w"); data/libvidstab-1.1.0/src/motiondetect_opt.c:51:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char full[16] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}; data/libvidstab-1.1.0/src/motiondetect_opt.c:230:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char mask[16] = {0xFF, 0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, 0x00}; data/libvidstab-1.1.0/src/motiondetect_opt.c:233:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char summes[16]; data/libvidstab-1.1.0/src/motiondetect_opt.c:338:19: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char mask[16] = {0xFF, 0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, 0x00}; data/libvidstab-1.1.0/src/serialize.c:145:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char l[1024]; data/libvidstab-1.1.0/src/serialize.c:208:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char l[1024]; data/libvidstab-1.1.0/src/transform.c:256:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ts2, ts, sizeof(VSTransform) * trans->len); data/libvidstab-1.1.0/src/transform.c:322:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ts2, ts, sizeof(VSTransform) * trans->len); data/libvidstab-1.1.0/src/transformtype.c:211:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ts,transforms, sizeof(VSTransform)*len ); data/libvidstab-1.1.0/src/transformtype.c:242:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ts, transforms, sizeof(VSTransform) * len); data/libvidstab-1.1.0/src/transformtype.c:279:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ts, transforms, sizeof(VSTransform) * len); data/libvidstab-1.1.0/src/vsvector.c:97:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(d, data, data_size); data/libvidstab-1.1.0/src/vsvector.c:133:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(d, data, data_size); data/libvidstab-1.1.0/src/vsvector.c:168:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(result.data, V1->data, sizeof(void*)* V1->nelems); data/libvidstab-1.1.0/src/vsvector.c:169:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(result.data+V1->nelems, V2->data, sizeof(void*)* V2->nelems); data/libvidstab-1.1.0/src/vsvector.c:186:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(a.dat,vals, sizeof(double)*len); data/libvidstab-1.1.0/src/vsvector.c:206:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(c.dat, a.dat, a.len*sizeof(double)); data/libvidstab-1.1.0/tests/test_store_restore.c:23:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE* f = fopen("lmtest","w"); data/libvidstab-1.1.0/tests/test_store_restore.c:26:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen("lmtest","r"); data/libvidstab-1.1.0/tests/test_store_restore.c:33:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen("lmstest","w"); data/libvidstab-1.1.0/tests/test_store_restore.c:41:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen("lmstest","r"); data/libvidstab-1.1.0/tests/test_store_restore.c:56:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen("lmstest","r"); data/libvidstab-1.1.0/tests/tests.c:61:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char name[128]; data/libvidstab-1.1.0/tests/tests.c:65:7: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(name,"../frames/frame%03i.raw",i+4); data/libvidstab-1.1.0/tests/tests.c:67:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). file = fopen(name,"rb"); data/libvidstab-1.1.0/tests/testutils.c:83:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *f = fopen (filename,"rb"); data/libvidstab-1.1.0/tests/testutils.c:132:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *f = fopen (filename,"wb"); data/libvidstab-1.1.0/transcode/filter_deshake.c:71:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char conf_str[TC_BUF_MIN]; data/libvidstab-1.1.0/transcode/filter_deshake.c:273:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). sd->f = fopen(sd->result, "w"); data/libvidstab-1.1.0/transcode/filter_stabilize.c:75:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char conf_str[TC_BUF_MIN]; data/libvidstab-1.1.0/transcode/filter_stabilize.c:204:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). sd->f = fopen(sd->result, "w"); data/libvidstab-1.1.0/transcode/filter_transform.c:59:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char input[TC_BUF_LINE]; data/libvidstab-1.1.0/transcode/filter_transform.c:60:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char conf_str[TC_BUF_MIN]; data/libvidstab-1.1.0/transcode/filter_transform.c:189:9: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). f = fopen(fd->input, "r"); data/libvidstab-1.1.0/transcode/filter_transform.c:216:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char unsharp_param[256]; data/libvidstab-1.1.0/src/serialize.c:50:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while((c=fgetc(f)) && c!=')' && c!=EOF); data/libvidstab-1.1.0/src/serialize.c:84:24: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if(i>0) while((c=fgetc(f)) && c!=',' && c!=EOF); data/libvidstab-1.1.0/src/serialize.c:93:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). while((c=fgetc(f)) && c!=']' && c!=EOF); data/libvidstab-1.1.0/src/serialize.c:131:12: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). char c = fgetc(f); data/libvidstab-1.1.0/src/serialize.c:218:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(l) == 0) data/libvidstab-1.1.0/tests/testutils.c:44:9: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = fgetc(f); data/libvidstab-1.1.0/tests/testutils.c:60:9: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = fgetc(f); data/libvidstab-1.1.0/tests/testutils.c:67:7: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). d = fgetc(f); data/libvidstab-1.1.0/tests/testutils.c:90:7: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (fgetc(f) != 'P' || fgetc(f) != '2') data/libvidstab-1.1.0/tests/testutils.c:90:26: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (fgetc(f) != 'P' || fgetc(f) != '2') data/libvidstab-1.1.0/tests/testutils.c:108:11: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int c = fgetc(f); data/libvidstab-1.1.0/tests/testutils.c:114:9: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). c = fgetc(f); data/libvidstab-1.1.0/transcode/filter_deshake.c:195:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(filebasename) < TC_BUF_LINE - 4) { data/libvidstab-1.1.0/transcode/filter_stabilize.c:160:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(filebasename) < TC_BUF_LINE - 4) { data/libvidstab-1.1.0/transcode/filter_transform.c:126:9: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(filebasename) < TC_BUF_LINE - 4) { ANALYSIS SUMMARY: Hits = 60 Lines analyzed = 9757 in approximately 0.32 seconds (30224 lines/second) Physical Source Lines of Code (SLOC) = 6089 Hits@level = [0] 106 [1] 15 [2] 43 [3] 0 [4] 2 [5] 0 Hits@level+ = [0+] 166 [1+] 60 [2+] 45 [3+] 2 [4+] 2 [5+] 0 Hits/KSLOC@level+ = [0+] 27.2623 [1+] 9.85383 [2+] 7.39038 [3+] 0.328461 [4+] 0.328461 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.