Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libvidstab-1.1.0/src/boxblur.c
Examining data/libvidstab-1.1.0/src/boxblur.h
Examining data/libvidstab-1.1.0/src/frameinfo.c
Examining data/libvidstab-1.1.0/src/frameinfo.h
Examining data/libvidstab-1.1.0/src/libvidstab.c
Examining data/libvidstab-1.1.0/src/libvidstab.h
Examining data/libvidstab-1.1.0/src/localmotion2transform.c
Examining data/libvidstab-1.1.0/src/localmotion2transform.h
Examining data/libvidstab-1.1.0/src/motiondetect.c
Examining data/libvidstab-1.1.0/src/motiondetect.h
Examining data/libvidstab-1.1.0/src/motiondetect_internal.h
Examining data/libvidstab-1.1.0/src/motiondetect_opt.c
Examining data/libvidstab-1.1.0/src/motiondetect_opt.h
Examining data/libvidstab-1.1.0/src/orc/motiondetectorc.c
Examining data/libvidstab-1.1.0/src/orc/motiondetectorc.h
Examining data/libvidstab-1.1.0/src/serialize.c
Examining data/libvidstab-1.1.0/src/serialize.h
Examining data/libvidstab-1.1.0/src/transform.c
Examining data/libvidstab-1.1.0/src/transform.h
Examining data/libvidstab-1.1.0/src/transform_internal.h
Examining data/libvidstab-1.1.0/src/transformfixedpoint.c
Examining data/libvidstab-1.1.0/src/transformfixedpoint.h
Examining data/libvidstab-1.1.0/src/transformfloat.c
Examining data/libvidstab-1.1.0/src/transformfloat.h
Examining data/libvidstab-1.1.0/src/transformtype.c
Examining data/libvidstab-1.1.0/src/transformtype.h
Examining data/libvidstab-1.1.0/src/transformtype_operations.h
Examining data/libvidstab-1.1.0/src/vidstabdefines.h
Examining data/libvidstab-1.1.0/src/vsvector.c
Examining data/libvidstab-1.1.0/src/vsvector.h
Examining data/libvidstab-1.1.0/tests/generate.c
Examining data/libvidstab-1.1.0/tests/orc_bug/orc_bug.c
Examining data/libvidstab-1.1.0/tests/orc_bug/orc_bug_orc.c
Examining data/libvidstab-1.1.0/tests/orc_bug/orc_bug_orc.h
Examining data/libvidstab-1.1.0/tests/test_boxblur.c
Examining data/libvidstab-1.1.0/tests/test_compareimg.c
Examining data/libvidstab-1.1.0/tests/test_contrast.c
Examining data/libvidstab-1.1.0/tests/test_gradientoptimizer.c
Examining data/libvidstab-1.1.0/tests/test_localmotion2transform.c
Examining data/libvidstab-1.1.0/tests/test_motiondetect.c
Examining data/libvidstab-1.1.0/tests/test_omp.c
Examining data/libvidstab-1.1.0/tests/test_store_restore.c
Examining data/libvidstab-1.1.0/tests/test_transform.c
Examining data/libvidstab-1.1.0/tests/testframework.h
Examining data/libvidstab-1.1.0/tests/tests.c
Examining data/libvidstab-1.1.0/tests/testutils.c
Examining data/libvidstab-1.1.0/tests/testutils.h
Examining data/libvidstab-1.1.0/tests/testframework.c
Examining data/libvidstab-1.1.0/transcode/filter_deshake.c
Examining data/libvidstab-1.1.0/transcode/filter_stabilize.c
Examining data/libvidstab-1.1.0/transcode/filter_transform.c
Examining data/libvidstab-1.1.0/transcode/transcode_specifics.h
FINAL RESULTS:
data/libvidstab-1.1.0/src/libvidstab.c:49:9: [4] (format) vfprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
vfprintf (stderr, format, ap);
data/libvidstab-1.1.0/transcode/filter_transform.c:217:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(unsharp_param,"luma=%f:%s:chroma=%f:%s",
data/libvidstab-1.1.0/src/frameinfo.c:137:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->data[plane], src->data[plane], src->linesize[plane] * h * sizeof(uint8_t));
data/libvidstab-1.1.0/src/frameinfo.c:143:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d,s,sizeof(uint8_t) * w);
data/libvidstab-1.1.0/src/localmotion2transform.c:46:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen("global_motions.trf","w");
data/libvidstab-1.1.0/src/motiondetect.c:410:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[32];
data/libvidstab-1.1.0/src/motiondetect.c:412:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(buffer, "w");
data/libvidstab-1.1.0/src/motiondetect.c:658:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ci_segms, ci, sizeof(contrast_idx) * fs->fieldNum);
data/libvidstab-1.1.0/src/motiondetect.c:717:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[32];
data/libvidstab-1.1.0/src/motiondetect.c:719:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(buffer, "w");
data/libvidstab-1.1.0/src/motiondetect_opt.c:51:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char full[16] = {0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF};
data/libvidstab-1.1.0/src/motiondetect_opt.c:230:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char mask[16] = {0xFF, 0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, 0x00};
data/libvidstab-1.1.0/src/motiondetect_opt.c:233:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char summes[16];
data/libvidstab-1.1.0/src/motiondetect_opt.c:338:19: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static unsigned char mask[16] = {0xFF, 0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, 0x00, 0xFF, 0x00};
data/libvidstab-1.1.0/src/serialize.c:145:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char l[1024];
data/libvidstab-1.1.0/src/serialize.c:208:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char l[1024];
data/libvidstab-1.1.0/src/transform.c:256:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ts2, ts, sizeof(VSTransform) * trans->len);
data/libvidstab-1.1.0/src/transform.c:322:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ts2, ts, sizeof(VSTransform) * trans->len);
data/libvidstab-1.1.0/src/transformtype.c:211:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ts,transforms, sizeof(VSTransform)*len );
data/libvidstab-1.1.0/src/transformtype.c:242:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ts, transforms, sizeof(VSTransform) * len);
data/libvidstab-1.1.0/src/transformtype.c:279:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ts, transforms, sizeof(VSTransform) * len);
data/libvidstab-1.1.0/src/vsvector.c:97:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d, data, data_size);
data/libvidstab-1.1.0/src/vsvector.c:133:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(d, data, data_size);
data/libvidstab-1.1.0/src/vsvector.c:168:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(result.data, V1->data, sizeof(void*)* V1->nelems);
data/libvidstab-1.1.0/src/vsvector.c:169:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(result.data+V1->nelems, V2->data, sizeof(void*)* V2->nelems);
data/libvidstab-1.1.0/src/vsvector.c:186:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(a.dat,vals, sizeof(double)*len);
data/libvidstab-1.1.0/src/vsvector.c:206:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(c.dat, a.dat, a.len*sizeof(double));
data/libvidstab-1.1.0/tests/test_store_restore.c:23:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE* f = fopen("lmtest","w");
data/libvidstab-1.1.0/tests/test_store_restore.c:26:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen("lmtest","r");
data/libvidstab-1.1.0/tests/test_store_restore.c:33:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen("lmstest","w");
data/libvidstab-1.1.0/tests/test_store_restore.c:41:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen("lmstest","r");
data/libvidstab-1.1.0/tests/test_store_restore.c:56:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen("lmstest","r");
data/libvidstab-1.1.0/tests/tests.c:61:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[128];
data/libvidstab-1.1.0/tests/tests.c:65:7: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(name,"../frames/frame%03i.raw",i+4);
data/libvidstab-1.1.0/tests/tests.c:67:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
file = fopen(name,"rb");
data/libvidstab-1.1.0/tests/testutils.c:83:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen (filename,"rb");
data/libvidstab-1.1.0/tests/testutils.c:132:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *f = fopen (filename,"wb");
data/libvidstab-1.1.0/transcode/filter_deshake.c:71:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char conf_str[TC_BUF_MIN];
data/libvidstab-1.1.0/transcode/filter_deshake.c:273:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sd->f = fopen(sd->result, "w");
data/libvidstab-1.1.0/transcode/filter_stabilize.c:75:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char conf_str[TC_BUF_MIN];
data/libvidstab-1.1.0/transcode/filter_stabilize.c:204:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
sd->f = fopen(sd->result, "w");
data/libvidstab-1.1.0/transcode/filter_transform.c:59:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char input[TC_BUF_LINE];
data/libvidstab-1.1.0/transcode/filter_transform.c:60:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char conf_str[TC_BUF_MIN];
data/libvidstab-1.1.0/transcode/filter_transform.c:189:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(fd->input, "r");
data/libvidstab-1.1.0/transcode/filter_transform.c:216:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char unsharp_param[256];
data/libvidstab-1.1.0/src/serialize.c:50:12: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while((c=fgetc(f)) && c!=')' && c!=EOF);
data/libvidstab-1.1.0/src/serialize.c:84:24: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if(i>0) while((c=fgetc(f)) && c!=',' && c!=EOF);
data/libvidstab-1.1.0/src/serialize.c:93:12: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while((c=fgetc(f)) && c!=']' && c!=EOF);
data/libvidstab-1.1.0/src/serialize.c:131:12: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
char c = fgetc(f);
data/libvidstab-1.1.0/src/serialize.c:218:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(l) == 0)
data/libvidstab-1.1.0/tests/testutils.c:44:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(f);
data/libvidstab-1.1.0/tests/testutils.c:60:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(f);
data/libvidstab-1.1.0/tests/testutils.c:67:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
d = fgetc(f);
data/libvidstab-1.1.0/tests/testutils.c:90:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (fgetc(f) != 'P' || fgetc(f) != '2')
data/libvidstab-1.1.0/tests/testutils.c:90:26: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (fgetc(f) != 'P' || fgetc(f) != '2')
data/libvidstab-1.1.0/tests/testutils.c:108:11: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
int c = fgetc(f);
data/libvidstab-1.1.0/tests/testutils.c:114:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(f);
data/libvidstab-1.1.0/transcode/filter_deshake.c:195:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(filebasename) < TC_BUF_LINE - 4) {
data/libvidstab-1.1.0/transcode/filter_stabilize.c:160:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(filebasename) < TC_BUF_LINE - 4) {
data/libvidstab-1.1.0/transcode/filter_transform.c:126:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(filebasename) < TC_BUF_LINE - 4) {
ANALYSIS SUMMARY:
Hits = 60
Lines analyzed = 9757 in approximately 0.32 seconds (30224 lines/second)
Physical Source Lines of Code (SLOC) = 6089
Hits@level = [0] 106 [1] 15 [2] 43 [3] 0 [4] 2 [5] 0
Hits@level+ = [0+] 166 [1+] 60 [2+] 45 [3+] 2 [4+] 2 [5+] 0
Hits/KSLOC@level+ = [0+] 27.2623 [1+] 9.85383 [2+] 7.39038 [3+] 0.328461 [4+] 0.328461 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.