Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/luminance-hdr-2.6.0+dfsg/src/Alignment/Align.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Alignment/Align.h
Examining data/luminance-hdr-2.6.0+dfsg/src/BatchHDR/BatchHDRDialog.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/BatchHDR/BatchHDRDialog.h
Examining data/luminance-hdr-2.6.0+dfsg/src/BatchTM/BatchTMDialog.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/BatchTM/BatchTMDialog.h
Examining data/luminance-hdr-2.6.0+dfsg/src/BatchTM/BatchTMJob.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/BatchTM/BatchTMJob.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Common/CommonFunctions.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Common/CommonFunctions.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Common/GitSHA1.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Common/LuminanceOptions.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Common/LuminanceOptions.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Common/ProgressHelper.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Common/ProgressHelper.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Common/TranslatorManager.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Common/TranslatorManager.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Common/global.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Common/global.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Common/init_fftw.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Common/init_fftw.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Core/IOWorker.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Core/IOWorker.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Core/TMWorker.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Core/TMWorker.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Core/TonemappingOptions.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Core/TonemappingOptions.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Exif/ExifOperations.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Exif/ExifOperations.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Fileformat/pfsoutldrimage.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Fileformat/pfsoutldrimage.h
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrCreation/createhdr.h
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrCreation/debevec.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrCreation/debevec.h
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrCreation/fusionoperator.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrCreation/fusionoperator.h
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrCreation/mtb_alignment.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrCreation/mtb_alignment.h
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrCreation/responses.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrCreation/responses.h
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrCreation/robertson02.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrCreation/robertson02.h
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrCreation/weights.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrCreation/weights.h
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrHTML/hdrhtml.h
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrHTML/pfsouthdrhtml.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrHTML/pfsouthdrhtml.h
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrHTML/hdrhtml.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrWizard/AutoAntighosting.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrWizard/AutoAntighosting.h
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrWizard/EditingTools.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrWizard/EditingTools.h
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrWizard/HdrCreationItem.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrWizard/HdrCreationItem.h
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrWizard/HdrCreationManager.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrWizard/HdrCreationManager.h
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrWizard/HdrPreview.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrWizard/HdrPreview.h
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrWizard/HdrWizard.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrWizard/HdrWizard.h
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrWizard/PreviewWidget.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrWizard/PreviewWidget.h
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrWizard/WhiteBalance.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/HdrWizard/WhiteBalance.h
Examining data/luminance-hdr-2.6.0+dfsg/src/HelpBrowser/HelpSideBar.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/HelpBrowser/HelpSideBar.h
Examining data/luminance-hdr-2.6.0+dfsg/src/HelpBrowser/LuminancePaths.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/HelpBrowser/LuminancePaths.h
Examining data/luminance-hdr-2.6.0+dfsg/src/HelpBrowser/helpbrowser.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/HelpBrowser/helpbrowser.h
Examining data/luminance-hdr-2.6.0+dfsg/src/HelpBrowser/schelptreemodel.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/HelpBrowser/schelptreemodel.h
Examining data/luminance-hdr-2.6.0+dfsg/src/HelpBrowser/sctextbrowser.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/HelpBrowser/sctextbrowser.h
Examining data/luminance-hdr-2.6.0+dfsg/src/HelpBrowser/treeitem.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/HelpBrowser/treeitem.h
Examining data/luminance-hdr-2.6.0+dfsg/src/HelpBrowser/treemodel.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/HelpBrowser/treemodel.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/array2d.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/array2d_fwd.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/channel.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/channel.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/colorspace/cmyk.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/colorspace/colorspace.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/colorspace/colorspace.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/colorspace/convert.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/colorspace/copy.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/colorspace/gamma.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/colorspace/lcms.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/colorspace/normalizer.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/colorspace/rgb.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/colorspace/rgb.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/colorspace/rgbremapper.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/colorspace/rgbremapper.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/colorspace/rgbremapper_fwd.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/colorspace/saturation.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/colorspace/xyz.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/colorspace/xyz.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/colorspace/yuv.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/colorspace/yuv.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/exception.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/exif/exifdata.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/exif/exifdata.hpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/fixedstrideiterator.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/frame.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/frame.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/exrreader.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/exrreader.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/exrwriter.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/exrwriter.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/fitsreader.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/fitsreader.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/framereader.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/framereader.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/framereaderfactory.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/framereaderfactory.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/framewriter.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/framewriter.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/framewriterfactory.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/framewriterfactory.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/ioexception.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/jpegreader.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/jpegreader.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/jpegwriter.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/jpegwriter.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfscommon.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfsreader.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfsreader.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfswriter.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfswriter.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pngwriter.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pngwriter.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/rawreader.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/rawreader.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/rgbecommon.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/rgbereader.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/rgbereader.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/rgbewriter.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/rgbewriter.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/tiffcommon.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/tiffreader.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/tiffreader.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/tiffwriter.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/tiffwriter.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/manip/copy.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/manip/copy.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/manip/cut.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/manip/cut.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/manip/gamma.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/manip/gamma.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/manip/gamma_levels.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/manip/gamma_levels.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/manip/projection.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/manip/projection.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/manip/resize.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/manip/resize.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/manip/rotate.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/manip/rotate.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/manip/saturation.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/manip/saturation.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/manip/shift.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/manip/shift.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/params.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/pfs.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/progress.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/progress.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/rt_algo.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/rt_algo.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/strideiterator.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/tag.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/tag.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/tm/TonemapOperator.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/tm/TonemapOperator.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/utils/chain.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/utils/clamp.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/utils/dotproduct.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/utils/minmax.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/utils/msec_timer.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/utils/msec_timer.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/utils/numeric.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/utils/resourcehandler.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/utils/resourcehandlerlcms.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/utils/resourcehandlerstdio.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/utils/sse.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/utils/sse.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/utils/string.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/utils/string.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Libpfs/utils/transform.h
Examining data/luminance-hdr-2.6.0+dfsg/src/LibpfsAdditions/formathelper.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/LibpfsAdditions/formathelper.h
Examining data/luminance-hdr-2.6.0+dfsg/src/MainCli/commandline.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/MainCli/commandline.h
Examining data/luminance-hdr-2.6.0+dfsg/src/MainCli/ezETAProgressBar.hpp
Examining data/luminance-hdr-2.6.0+dfsg/src/MainCli/main.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/MainGui/main.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/MainWindow/DnDOption.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/MainWindow/DnDOption.h
Examining data/luminance-hdr-2.6.0+dfsg/src/MainWindow/DonationDialog.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/MainWindow/DonationDialog.h
Examining data/luminance-hdr-2.6.0+dfsg/src/MainWindow/MainWindow.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/MainWindow/MainWindow.h
Examining data/luminance-hdr-2.6.0+dfsg/src/MainWindow/UpdateChecker.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/MainWindow/UpdateChecker.h
Examining data/luminance-hdr-2.6.0+dfsg/src/OsIntegration/ecwin7.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/OsIntegration/ecwin7.h
Examining data/luminance-hdr-2.6.0+dfsg/src/OsIntegration/osintegration.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/OsIntegration/osintegration.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Preferences/PreferencesDialog.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Preferences/PreferencesDialog.h
Examining data/luminance-hdr-2.6.0+dfsg/src/PreviewPanel/PreviewLabel.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/PreviewPanel/PreviewLabel.h
Examining data/luminance-hdr-2.6.0+dfsg/src/PreviewPanel/PreviewPanel.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/PreviewPanel/PreviewPanel.h
Examining data/luminance-hdr-2.6.0+dfsg/src/PreviewSettings/PreviewSettings.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/PreviewSettings/PreviewSettings.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Projection/ProjectionsDialog.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Projection/ProjectionsDialog.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Resize/ResizeDialog.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Resize/ResizeDialog.h
Examining data/luminance-hdr-2.6.0+dfsg/src/StopWatch.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/ashikhmin02/pfstmo_ashikhmin02.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/ashikhmin02/pyramid.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/ashikhmin02/tmo_ashikhmin02.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/ashikhmin02/tmo_ashikhmin02.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/drago03/pfstmo_drago03.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/drago03/tmo_drago03.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/drago03/tmo_drago03.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/durand02/bilateral.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/durand02/bilateral.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/durand02/fastbilateral.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/durand02/fastbilateral.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/durand02/pfstmo_durand02.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/durand02/tmo_durand02.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/durand02/tmo_durand02.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/fattal02/pde.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/fattal02/pde.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/fattal02/pde_fft.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/fattal02/pfstmo_fattal02.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/fattal02/tmo_fattal02.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/fattal02/tmo_fattal02.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/ferradans11/pfstmo_ferradans11.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/ferradans11/tmo_ferradans11.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/ferradans11/tmo_ferradans11.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/ferwerda96/pfstmo_ferwerda96.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/ferwerda96/tmo_ferwerda96.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/ferwerda96/tmo_ferwerda96.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/kimkautz08/pfstmo_kimkautz08.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/kimkautz08/tmo_kimkautz08.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/kimkautz08/tmo_kimkautz08.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/lischinski06/lischinski_minimization.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/lischinski06/lischinski_minimization.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/lischinski06/pfstmo_lischinski06.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/lischinski06/tmo_lischinski06.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/lischinski06/tmo_lischinski06.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mai11/compression_tmo.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mai11/compression_tmo.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mai11/pfstmo_mai11.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mantiuk06/contrast_domain.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mantiuk06/contrast_domain.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mantiuk06/pfstmo_mantiuk06.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mantiuk06/pyramid.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mantiuk06/pyramid.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mantiuk08/cqp/cqpminimizer.c
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mantiuk08/cqp/gsl_cqp.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mantiuk08/cqp/initial_point.c
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mantiuk08/cqp/initial_point.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mantiuk08/cqp/mg_pdip.c
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mantiuk08/display_adaptive_tmo.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mantiuk08/display_adaptive_tmo.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mantiuk08/display_function.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mantiuk08/display_size.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mantiuk08/display_size.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mantiuk08/pfstmo_mantiuk08.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mantiuk08/display_function.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/pattanaik00/pfstmo_pattanaik00.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/pattanaik00/tmo_pattanaik00.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/pattanaik00/tmo_pattanaik00.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/pfstmdefaultparams.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/pfstmo.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/reinhard02/pfstmo_reinhard02.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/reinhard02/tmo_reinhard02.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/reinhard02/tmo_reinhard02.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/reinhard05/pfstmo_reinhard05.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/reinhard05/tmo_reinhard05.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/reinhard05/tmo_reinhard05.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/vanhateren06/pfstmo_vanhateren06.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/vanhateren06/tmo_vanhateren06.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/vanhateren06/tmo_vanhateren06.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingPanel/SavingParametersDialog.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingPanel/SavingParametersDialog.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingPanel/TMOProgressIndicator.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingPanel/TMOProgressIndicator.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingPanel/ThresholdWidget.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingPanel/ThresholdWidget.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingPanel/TonemappingPanel.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingPanel/TonemappingPanel.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingPanel/TonemappingSettings.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TonemappingPanel/TonemappingSettings.h
Examining data/luminance-hdr-2.6.0+dfsg/src/TransplantExif/TransplantExifDialog.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/TransplantExif/TransplantExifDialog.h
Examining data/luminance-hdr-2.6.0+dfsg/src/UI/ExportToHtmlDialog.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/UI/ExportToHtmlDialog.h
Examining data/luminance-hdr-2.6.0+dfsg/src/UI/ExtWizardPage.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/UI/ExtWizardPage.h
Examining data/luminance-hdr-2.6.0+dfsg/src/UI/FitsImporter.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/UI/FitsImporter.h
Examining data/luminance-hdr-2.6.0+dfsg/src/UI/FlowLayout.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/UI/FlowLayout.h
Examining data/luminance-hdr-2.6.0+dfsg/src/UI/GammaAndLevels.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/UI/GammaAndLevels.h
Examining data/luminance-hdr-2.6.0+dfsg/src/UI/Gang.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/UI/Gang.h
Examining data/luminance-hdr-2.6.0+dfsg/src/UI/ImageQualityDialog.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/UI/ImageQualityDialog.h
Examining data/luminance-hdr-2.6.0+dfsg/src/UI/PreviewFrame.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/UI/PreviewFrame.h
Examining data/luminance-hdr-2.6.0+dfsg/src/UI/SavedParametersDialog.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/UI/SavedParametersDialog.h
Examining data/luminance-hdr-2.6.0+dfsg/src/UI/SimplePreviewLabel.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/UI/SimplePreviewLabel.h
Examining data/luminance-hdr-2.6.0+dfsg/src/UI/SupportedCamerasDialog.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/UI/SupportedCamerasDialog.h
Examining data/luminance-hdr-2.6.0+dfsg/src/UI/TiffModeDialog.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/UI/TiffModeDialog.h
Examining data/luminance-hdr-2.6.0+dfsg/src/UI/UMessageBox.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/UI/UMessageBox.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Viewers/GenericViewer.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Viewers/GenericViewer.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Viewers/HdrViewer.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Viewers/HdrViewer.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Viewers/Histogram.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Viewers/Histogram.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Viewers/IGraphicsPixmapItem.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Viewers/IGraphicsPixmapItem.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Viewers/IGraphicsView.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Viewers/IGraphicsView.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Viewers/ISelectionAnchor.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Viewers/ISelectionAnchor.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Viewers/ISelectionBox.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Viewers/ISelectionBox.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Viewers/LdrViewer.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Viewers/LdrViewer.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Viewers/LuminanceRangeWidget.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Viewers/LuminanceRangeWidget.h
Examining data/luminance-hdr-2.6.0+dfsg/src/Viewers/PanIconWidget.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/Viewers/PanIconWidget.h
Examining data/luminance-hdr-2.6.0+dfsg/src/arch/freebsd/math.h
Examining data/luminance-hdr-2.6.0+dfsg/src/arch/malloc.h
Examining data/luminance-hdr-2.6.0+dfsg/src/arch/math.h
Examining data/luminance-hdr-2.6.0+dfsg/src/arch/msvc/math.h
Examining data/luminance-hdr-2.6.0+dfsg/src/arch/string.h
Examining data/luminance-hdr-2.6.0+dfsg/src/contrib/qtwaitingspinner/QtWaitingSpinner.cpp
Examining data/luminance-hdr-2.6.0+dfsg/src/contrib/qtwaitingspinner/QtWaitingSpinner.h
Examining data/luminance-hdr-2.6.0+dfsg/src/gauss.h
Examining data/luminance-hdr-2.6.0+dfsg/src/helpersse2.h
Examining data/luminance-hdr-2.6.0+dfsg/src/mytime.h
Examining data/luminance-hdr-2.6.0+dfsg/src/noncopyable.h
Examining data/luminance-hdr-2.6.0+dfsg/src/opthelper.h
Examining data/luminance-hdr-2.6.0+dfsg/src/rt_math.h
Examining data/luminance-hdr-2.6.0+dfsg/src/sleef.c
Examining data/luminance-hdr-2.6.0+dfsg/src/sleefsseavx.c
Examining data/luminance-hdr-2.6.0+dfsg/test/CompareVector.h
Examining data/luminance-hdr-2.6.0+dfsg/test/FusionAlgorithms/PrintResponses.cpp
Examining data/luminance-hdr-2.6.0+dfsg/test/FusionAlgorithms/PrintWeights.cpp
Examining data/luminance-hdr-2.6.0+dfsg/test/ImageInspector/ImageInspectorMain.cpp
Examining data/luminance-hdr-2.6.0+dfsg/test/InputOutputTest/InputOutputMain.cpp
Examining data/luminance-hdr-2.6.0+dfsg/test/PrintArray2D.cpp
Examining data/luminance-hdr-2.6.0+dfsg/test/PrintArray2D.h
Examining data/luminance-hdr-2.6.0+dfsg/test/SeqInt.h
Examining data/luminance-hdr-2.6.0+dfsg/test/TestCMYK2RGB.cpp
Examining data/luminance-hdr-2.6.0+dfsg/test/TestConvertSample.cpp
Examining data/luminance-hdr-2.6.0+dfsg/test/TestFloatRgb.cpp
Examining data/luminance-hdr-2.6.0+dfsg/test/TestFrameArray2D.cpp
Examining data/luminance-hdr-2.6.0+dfsg/test/TestFusionOperator.cpp
Examining data/luminance-hdr-2.6.0+dfsg/test/TestHdrCreationWizard.cpp
Examining data/luminance-hdr-2.6.0+dfsg/test/TestImageQualityDialog.cpp
Examining data/luminance-hdr-2.6.0+dfsg/test/TestMTB.cpp
Examining data/luminance-hdr-2.6.0+dfsg/test/TestMantiuk06Basic.cpp
Examining data/luminance-hdr-2.6.0+dfsg/test/TestMantiuk06Pyramid.cpp
Examining data/luminance-hdr-2.6.0+dfsg/test/TestMinMax.cpp
Examining data/luminance-hdr-2.6.0+dfsg/test/TestPfsCut.cpp
Examining data/luminance-hdr-2.6.0+dfsg/test/TestPfsRotate.cpp
Examining data/luminance-hdr-2.6.0+dfsg/test/TestPfsShift.cpp
Examining data/luminance-hdr-2.6.0+dfsg/test/TestPoissonSolver.cpp
Examining data/luminance-hdr-2.6.0+dfsg/test/TestRGB2XYZ.cpp
Examining data/luminance-hdr-2.6.0+dfsg/test/TestSRGB2XYZ.cpp
Examining data/luminance-hdr-2.6.0+dfsg/test/TestVex.cpp
Examining data/luminance-hdr-2.6.0+dfsg/test/TestVexDotProduct.cpp
Examining data/luminance-hdr-2.6.0+dfsg/test/TestXYZ2RGB.cpp
Examining data/luminance-hdr-2.6.0+dfsg/test/WhiteBalance/WhiteBalanceMain.cpp
Examining data/luminance-hdr-2.6.0+dfsg/test/mantiuk06/contrast_domain.cpp
Examining data/luminance-hdr-2.6.0+dfsg/test/mantiuk06/contrast_domain.h

FINAL RESULTS:

data/luminance-hdr-2.6.0+dfsg/src/Common/LuminanceOptions.cpp:273:40: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  ->value(KEY_GUI_LANG, QLocale::system().name().left(2))

data/luminance-hdr-2.6.0+dfsg/src/HdrCreation/responses.cpp:178:5: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(fn, filename, counter);

data/luminance-hdr-2.6.0+dfsg/src/HdrHTML/pfsouthdrhtml.cpp:60:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(p_t_temp, p_t.toStdString().c_str());

data/luminance-hdr-2.6.0+dfsg/src/HdrHTML/pfsouthdrhtml.cpp:63:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(i_t_temp, i_t.toStdString().c_str());

data/luminance-hdr-2.6.0+dfsg/src/HelpBrowser/LuminancePaths.cpp:78:30: [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  QStringList l_c(QLocale::system().name().split(sep));

data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfsreader.cpp:35:21: [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  int readItems = fscanf(in, "%d" PFSEOL, &tagCount);

data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfsreader.cpp:88:12: [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  read = fscanf(m_file.data(), "%d %d" PFSEOL, &width, &height);

data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfsreader.cpp:98:12: [4] (buffer) fscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function. If the scanf format is influenceable by an attacker, it's exploitable.
  read = fscanf(m_file.data(), "%d" PFSEOL, &channelCount);

data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfswriter.cpp:37:5: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(out, "%d" PFSEOL, (int)tags.size());

data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfswriter.cpp:41:9: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(out, PFSEOL);

data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfswriter.cpp:63:5: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(outputStream.data(), "%d %d" PFSEOL, (int)frame.getWidth(),

data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfswriter.cpp:65:5: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(outputStream.data(), "%d" PFSEOL, (int)channels.size());

data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfswriter.cpp:72:9: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(outputStream.data(), "%s" PFSEOL, (*it)->getName().c_str());

data/luminance-hdr-2.6.0+dfsg/src/Common/CommonFunctions.cpp:281:53: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FrameReaderPtr reader = FrameReaderFactory::open(filePath.constData());

data/luminance-hdr-2.6.0+dfsg/src/Common/CommonFunctions.cpp:389:53: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FrameWriterPtr writer = FrameWriterFactory::open(

data/luminance-hdr-2.6.0+dfsg/src/Common/LuminanceOptions.cpp:133:22: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (file.open(QIODevice::WriteOnly)) file.close();

data/luminance-hdr-2.6.0+dfsg/src/Common/LuminanceOptions.cpp:660:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file.open(QIODevice::ReadWrite)) {

data/luminance-hdr-2.6.0+dfsg/src/Core/IOWorker.cpp:99:33: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FrameWriterFactory::open(encodedName.constData(), writerParams);

data/luminance-hdr-2.6.0+dfsg/src/Core/IOWorker.cpp:165:33: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FrameWriterFactory::open(encodedName.constData(), params);

data/luminance-hdr-2.6.0+dfsg/src/Core/IOWorker.cpp:252:33: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FrameReaderFactory::open(encodedFileName.constData());

data/luminance-hdr-2.6.0+dfsg/src/Core/TonemappingOptions.cpp:549:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!file.open(QIODevice::ReadOnly | QIODevice::Text) || file.size() == 0) {

data/luminance-hdr-2.6.0+dfsg/src/Exif/ExifOperations.cpp:116:48: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  sourceImage = Exiv2::ImageFactory::open(from);

data/luminance-hdr-2.6.0+dfsg/src/Exif/ExifOperations.cpp:131:71: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  Exiv2::Image::AutoPtr destinationImage = Exiv2::ImageFactory::open(to);

data/luminance-hdr-2.6.0+dfsg/src/Exif/ExifOperations.cpp:341:60: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  Exiv2::Image::AutoPtr image = Exiv2::ImageFactory::open(filename);

data/luminance-hdr-2.6.0+dfsg/src/Exif/ExifOperations.cpp:384:60: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
Exiv2::Image::AutoPtr image = Exiv2::ImageFactory::open(filename); data/luminance-hdr-2.6.0+dfsg/src/HdrCreation/responses.cpp:70:32: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ScopedStdIoFile outputFile(fopen(fileName.c_str(), "w")); data/luminance-hdr-2.6.0+dfsg/src/HdrCreation/responses.cpp:77:31: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ScopedStdIoFile inputFile(fopen(fileName.c_str(), "r")); data/luminance-hdr-2.6.0+dfsg/src/HdrCreation/responses.cpp:168:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(filename, "w"); data/luminance-hdr-2.6.0+dfsg/src/HdrCreation/responses.cpp:177:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fn[2048]; data/luminance-hdr-2.6.0+dfsg/src/HdrCreation/responses.cpp:207:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char line[1024]; data/luminance-hdr-2.6.0+dfsg/src/HdrCreation/weights.cpp:178:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[1024]; data/luminance-hdr-2.6.0+dfsg/src/HdrHTML/hdrhtml.cpp:176:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(this->y_i, other.y_i, lut_size * sizeof(float)); data/luminance-hdr-2.6.0+dfsg/src/HdrHTML/hdrhtml.cpp:186:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(this->y_i, other.y_i, lut_size * sizeof(float)); data/luminance-hdr-2.6.0+dfsg/src/HdrHTML/hdrhtml.cpp:261:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(this->y_i, other.y_i, lut_size * sizeof(Ty)); data/luminance-hdr-2.6.0+dfsg/src/HdrHTML/hdrhtml.cpp:270:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(this->y_i, other.y_i, lut_size * sizeof(Ty)); data/luminance-hdr-2.6.0+dfsg/src/HdrHTML/hdrhtml.cpp:402:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAX_LINE_LENGTH]; data/luminance-hdr-2.6.0+dfsg/src/HdrHTML/hdrhtml.cpp:516:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[MAX_LINE_LENGTH]; data/luminance-hdr-2.6.0+dfsg/src/HdrHTML/pfsouthdrhtml.cpp:59:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char p_t_temp[MAX_LINE_LENGTH]; data/luminance-hdr-2.6.0+dfsg/src/HdrHTML/pfsouthdrhtml.cpp:62:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char i_t_temp[MAX_LINE_LENGTH]; data/luminance-hdr-2.6.0+dfsg/src/HdrWizard/HdrCreationManager.cpp:518:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(patches, m_patches, agGridSize * agGridSize); data/luminance-hdr-2.6.0+dfsg/src/HdrWizard/HdrCreationManager.cpp:818:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(patches, m_patches, agGridSize * agGridSize); data/luminance-hdr-2.6.0+dfsg/src/HdrWizard/HdrCreationManager.cpp:824:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(m_patches, patches, agGridSize * agGridSize); data/luminance-hdr-2.6.0+dfsg/src/HdrWizard/PreviewWidget.cpp:785:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(m_patches, patches, agGridSize * agGridSize); data/luminance-hdr-2.6.0+dfsg/src/HdrWizard/PreviewWidget.cpp:853:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(patches, m_patches, agGridSize * agGridSize); data/luminance-hdr-2.6.0+dfsg/src/HelpBrowser/helpbrowser.cpp:457:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (f.open(QIODevice::ReadOnly)) { data/luminance-hdr-2.6.0+dfsg/src/HelpBrowser/schelptreemodel.cpp:57:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!file.open(QIODevice::ReadOnly)) return; data/luminance-hdr-2.6.0+dfsg/src/Libpfs/exif/exifdata.cpp:55:62: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ::Exiv2::Image::AutoPtr image = Exiv2::ImageFactory::open(filename); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/exrreader.cpp:79:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
EXRReader::open(); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/exrreader.cpp:84:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void EXRReader::open() { data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/exrreader.cpp:139:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!isOpen()) open(); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/exrreader.h:38:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void open(); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/fitsreader.cpp:68:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FitsReader::open(); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/fitsreader.cpp:73:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void FitsReader::open() { data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/fitsreader.cpp:104:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char error_string[FLEN_ERRMSG]; data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/fitsreader.cpp:156:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!isOpen()) open(); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/fitsreader.cpp:182:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char error_string[FLEN_ERRMSG]; data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/fitsreader.cpp:201:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char error_string[FLEN_ERRMSG]; data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/fitsreader.cpp:221:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char error_string[FLEN_ERRMSG]; data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/fitsreader.cpp:241:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char error_string[FLEN_ERRMSG]; data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/fitsreader.cpp:261:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char error_string[FLEN_ERRMSG]; data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/fitsreader.cpp:282:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char error_string[FLEN_ERRMSG]; data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/fitsreader.h:50:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void open(); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/framereader.h:51:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). virtual void open() = 0; data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/framereaderfactory.cpp:33:36: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
FrameReaderPtr FrameReaderFactory::open(const std::string &filename) { data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/framereaderfactory.h:45:27: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). static FrameReaderPtr open(const std::string &filename); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/framewriterfactory.cpp:33:36: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FrameWriterPtr FrameWriterFactory::open(const std::string &filename, data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/framewriterfactory.h:45:27: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). static FrameWriterPtr open(const std::string &filename, data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/jpegreader.cpp:90:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char marker_present[MAX_SEQ_NO + 1]; /* 1 if marker found */ data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/jpegreader.cpp:183:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buffer[JMSG_LENGTH_MAX]; data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/jpegreader.cpp:189:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[JMSG_LENGTH_MAX]; data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/jpegreader.cpp:210:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). JpegReader::open(); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/jpegreader.cpp:224:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void JpegReader::open() { data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/jpegreader.cpp:233:25: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). m_data->file_.reset(fopen(filename().c_str(), "rb")); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/jpegreader.h:43:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void open(); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/jpegwriter.cpp:142:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[JMSG_LENGTH_MAX]; data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/jpegwriter.cpp:148:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[JMSG_LENGTH_MAX]; data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/jpegwriter.cpp:391:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). open(filename); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/jpegwriter.cpp:399:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void open(const std::string &filename) { data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/jpegwriter.cpp:400:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). m_handle.reset(fopen(filename.c_str(), "wb")); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfsreader.cpp:41:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char buf[MAX_TAG_STRING + 1]; data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfsreader.cpp:65:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). PfsReader::open(); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfsreader.cpp:68:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void PfsReader::open() { data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfsreader.cpp:69:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). m_file.reset(fopen(filename().c_str(), "rb")); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfsreader.cpp:78:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[5]; data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfsreader.cpp:114:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!isOpen()) open(); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfsreader.cpp:123:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char channelName[MAX_CHANNEL_NAME + 1], *rs; data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfsreader.cpp:141:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[5]; data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfsreader.h:46:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void open(); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfswriter.cpp:48:41: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). utils::ScopedStdIoFile outputStream(fopen(filename().c_str(), "wb")); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pngwriter.cpp:222:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). open(filename); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pngwriter.cpp:232:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
void open(const std::string &filename) { data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pngwriter.cpp:233:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). m_handle.reset(fopen(filename.c_str(), "wb")); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/rawreader.cpp:406:16: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). RAWReader::open(); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/rawreader.cpp:411:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void RAWReader::open() { data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/rawreader.cpp:430:5: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). open(); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/rawreader.h:50:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void open(); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/rgbereader.cpp:60:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char head[255]; data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/rgbereader.cpp:112:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char xbuf[4], ybuf[4]; data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/rgbereader.cpp:230:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). RGBEReader::open(); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/rgbereader.cpp:233:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void RGBEReader::open() { data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/rgbereader.cpp:234:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). m_file.reset(fopen(filename().c_str(), "rb")); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/rgbereader.cpp:263:20: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
if (!isOpen()) open(); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/rgbereader.h:50:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void open(); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/rgbewriter.cpp:152:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char header[4]; data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/rgbewriter.cpp:179:41: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). utils::ScopedStdIoFile outputStream(fopen(filename().c_str(), "wb")); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/tiffreader.cpp:411:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). TiffReader::open(); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/tiffreader.cpp:420:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
void TiffReader::open() { data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/tiffreader.cpp:533:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). open(); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/tiffreader.h:42:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). void open(); data/luminance-hdr-2.6.0+dfsg/src/MainCli/ezETAProgressBar.hpp:92:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tmp[16]; data/luminance-hdr-2.6.0+dfsg/src/MainCli/ezETAProgressBar.hpp:96:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp, "%dd ", days); data/luminance-hdr-2.6.0+dfsg/src/MainCli/ezETAProgressBar.hpp:101:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp, "%dh ", hours); data/luminance-hdr-2.6.0+dfsg/src/MainCli/ezETAProgressBar.hpp:106:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp, "%dm ", mins); data/luminance-hdr-2.6.0+dfsg/src/MainCli/ezETAProgressBar.hpp:111:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). 
Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(tmp, "%ds", (int)sec); data/luminance-hdr-2.6.0+dfsg/src/MainCli/ezETAProgressBar.hpp:123:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char pctstr[5]; data/luminance-hdr-2.6.0+dfsg/src/MainCli/ezETAProgressBar.hpp:124:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(pctstr, "%3d%%", (int)(100 * Pct)); data/luminance-hdr-2.6.0+dfsg/src/MainGui/main.cpp:69:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). bool ok = db.open(); data/luminance-hdr-2.6.0+dfsg/src/MainGui/main.cpp:102:17: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (outFile.open(QIODevice::WriteOnly | QIODevice::Append)) { data/luminance-hdr-2.6.0+dfsg/src/Preferences/PreferencesDialog.cpp:595:29: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
bool dirWritable = file.open(QIODevice::ReadWrite); data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/ferradans11/tmo_ferradans11.cpp:74:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fh = fopen( fileName, "wb" ); data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mai11/compression_tmo.cpp:92:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(this->y_i, other.y_i, lut_size * sizeof(double)); data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mai11/compression_tmo.cpp:102:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(this->y_i, other.y_i, lut_size * sizeof(double)); data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mantiuk08/display_adaptive_tmo.cpp:220:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(this->y_i, other.y_i, lut_size * sizeof(double)); data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mantiuk08/display_adaptive_tmo.cpp:230:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(this->y_i, other.y_i, lut_size * sizeof(double)); data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mantiuk08/display_adaptive_tmo.cpp:262:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
FILE *fh = fopen(fileName, "wb"); data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mantiuk08/display_adaptive_tmo.cpp:461:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname[20]; data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mantiuk08/display_adaptive_tmo.cpp:462:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(fname, "l_%d.pfs", f + 1); data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mantiuk08/display_function.cpp:127:16: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fh = fopen(file_name, "r"); data/luminance-hdr-2.6.0+dfsg/src/TonemappingOperators/mantiuk08/display_function.cpp:134:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[max_line]; data/luminance-hdr-2.6.0+dfsg/src/TonemappingPanel/TonemappingPanel.cpp:397:18: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
bool ok = db.open(); data/luminance-hdr-2.6.0+dfsg/src/TonemappingPanel/TonemappingPanel.cpp:1157:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!file.open(QIODevice::WriteOnly | QIODevice::Text)) { data/luminance-hdr-2.6.0+dfsg/src/TonemappingPanel/TonemappingPanel.cpp:1284:15: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!file.open(QIODevice::ReadOnly | QIODevice::Text) || file.size() == 0) { data/luminance-hdr-2.6.0+dfsg/src/UI/UMessageBox.cpp:104:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!file.open(QIODevice::ReadOnly | QIODevice::Text)) break; data/luminance-hdr-2.6.0+dfsg/src/UI/UMessageBox.cpp:131:23: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!file.open(QIODevice::ReadOnly | QIODevice::Text)) break; data/luminance-hdr-2.6.0+dfsg/src/Viewers/LuminanceRangeWidget.cpp:138:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char str[15]; data/luminance-hdr-2.6.0+dfsg/src/Viewers/LuminanceRangeWidget.cpp:139:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(str, "%g", x); data/luminance-hdr-2.6.0+dfsg/src/gauss.h:132:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (dst[i] + 1, temp + 1, (W - 2)*sizeof(T)); data/luminance-hdr-2.6.0+dfsg/src/gauss.h:613:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (dst[0], src[0], W * H * sizeof(T)); data/luminance-hdr-2.6.0+dfsg/test/ImageInspector/ImageInspectorMain.cpp:122:49: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FrameReaderPtr reader = FrameReaderFactory::open(filename); data/luminance-hdr-2.6.0+dfsg/test/InputOutputTest/InputOutputMain.cpp:47:53: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FrameReaderPtr reader = FrameReaderFactory::open(input); data/luminance-hdr-2.6.0+dfsg/test/InputOutputTest/InputOutputMain.cpp:72:53: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
FrameWriterPtr writer = FrameWriterFactory::open(output, pfs::Params()); data/luminance-hdr-2.6.0+dfsg/test/TestFusionOperator.cpp:28:49: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FrameReaderPtr reader = FrameReaderFactory::open(filename); data/luminance-hdr-2.6.0+dfsg/test/TestFusionOperator.cpp:126:47: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FrameWriterPtr writer = FrameWriterFactory::open(outputFile, pfs::Params()); data/luminance-hdr-2.6.0+dfsg/test/WhiteBalance/WhiteBalanceMain.cpp:71:49: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FrameReaderPtr reader = FrameReaderFactory::open(inputFile); data/luminance-hdr-2.6.0+dfsg/test/WhiteBalance/WhiteBalanceMain.cpp:76:46: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FrameWriterPtr writer = FrameWriterFactory::open(outputFile, pfs::Params()); data/luminance-hdr-2.6.0+dfsg/test/mantiuk06/contrast_domain.cpp:1137:14: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
FILE *fh = fopen( file_name, "wb" ); data/luminance-hdr-2.6.0+dfsg/test/mantiuk06/contrast_domain.cpp:1176:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ss[30]; data/luminance-hdr-2.6.0+dfsg/test/mantiuk06/contrast_domain.cpp:1187:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ss, "Gx %p ", pyramid->Gx); data/luminance-hdr-2.6.0+dfsg/test/mantiuk06/contrast_domain.cpp:1192:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(ss, "Gy %p ", pyramid->Gy); data/luminance-hdr-2.6.0+dfsg/src/Common/CommonFunctions.cpp:282:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). reader->read(*currentItem.frame(), getRawSettings()); data/luminance-hdr-2.6.0+dfsg/src/Core/IOWorker.cpp:253:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). reader->read(*hdrpfsframe, params); data/luminance-hdr-2.6.0+dfsg/src/HdrHTML/hdrhtml.cpp:498:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(const char *file_name, int columns) { data/luminance-hdr-2.6.0+dfsg/src/HdrHTML/hdrhtml.cpp:603:21: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). basis_table.read(lut_filename.str().c_str(), basis_no + 1); data/luminance-hdr-2.6.0+dfsg/src/HdrHTML/hdrhtml.cpp:819:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
coeff_table.read(lut_filename.str().c_str(), image_list.front().basis + 1); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/exrreader.cpp:138:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void EXRReader::read(Frame &frame, const Params & /*params*/) { data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/exrreader.h:39:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(Frame &frame, const Params &params); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/fitsreader.cpp:155:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void FitsReader::read(Frame &frame, const Params &) { data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/fitsreader.h:52:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(Frame &frame, const Params &); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/framereader.cpp:36:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void FrameReader::read(pfs::Frame &frame, const pfs::Params &params) { data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/framereader.h:54:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual void read(pfs::Frame &frame, const pfs::Params &params); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/jpegreader.cpp:376:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void JpegReader::read(Frame &frame, const Params &params) { data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/jpegreader.cpp:424:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
FrameReader::read(tempFrame, params); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/jpegreader.h:46:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(Frame &frame, const Params &params); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfsreader.cpp:89:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read != 2 || width <= 0 || width > MAX_RES || height <= 0 || data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfsreader.cpp:99:9: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read != 1 || channelCount < 0 || channelCount > MAX_CHANNEL_COUNT) { data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfsreader.cpp:113:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void PfsReader::read(Frame &frame, const Params & /*params*/) { data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfsreader.cpp:129:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t len = strlen(channelName); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfsreader.cpp:154:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read != size) { data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/pfsreader.h:48:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(pfs::Frame &frame, const pfs::Params &); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/rawreader.cpp:424:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
void RAWReader::read(Frame &frame, const Params &params) { data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/rawreader.cpp:488:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). FrameReader::read(tempFrame, params); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/rawreader.h:54:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(Frame &frame, const Params &params); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/rgbereader.cpp:114:9: [1] (buffer) sscanf: It's unclear if the %s limit in the format string is small enough (CWE-120). Check that the limit is sufficiently small, or use a different input function. sscanf(head, "%3s %d %3s %d", ybuf, &height, xbuf, &width) != 4) { data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/rgbereader.cpp:262:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void RGBEReader::read(Frame &frame, const Params & /*params*/) { data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/rgbereader.h:52:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(pfs::Frame &frame, const pfs::Params &params); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/tiffreader.cpp:188:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(Frame &frame, const Params & /*params*/) { data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/tiffreader.cpp:531:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void TiffReader::read(Frame &frame, const Params &params) { data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/tiffreader.cpp:536:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
m_data->read(frame, params); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/tiffreader.cpp:537:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). FrameReader::read(frame, params); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/io/tiffreader.h:46:10: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). void read(Frame &frame, const Params &params); data/luminance-hdr-2.6.0+dfsg/src/Libpfs/manip/projection.cpp:254:41: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strncmp(opts, OPTION_ANGLE, strlen(OPTION_ANGLE)) == 0) { data/luminance-hdr-2.6.0+dfsg/src/Libpfs/manip/projection.cpp:255:40: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). totalAngle = strtod(opts + strlen(OPTION_ANGLE) + 1, &delimiter); data/luminance-hdr-2.6.0+dfsg/test/ImageInspector/ImageInspectorMain.cpp:123:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). reader->read(myFrame, pfs::Params()); data/luminance-hdr-2.6.0+dfsg/test/InputOutputTest/InputOutputMain.cpp:48:17: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). reader->read(myFrame, pfs::Params()); data/luminance-hdr-2.6.0+dfsg/test/TestFusionOperator.cpp:31:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). reader->read(*image, pfs::Params()); data/luminance-hdr-2.6.0+dfsg/test/WhiteBalance/WhiteBalanceMain.cpp:72:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
reader->read(frame, Params());

ANALYSIS SUMMARY:

Hits = 186
Lines analyzed = 73289 in approximately 1.95 seconds (37648 lines/second)
Physical Source Lines of Code (SLOC) = 48000
Hits@level = [0] 82 [1] 37 [2] 136 [3] 0 [4] 13 [5] 0
Hits@level+ = [0+] 268 [1+] 186 [2+] 149 [3+] 13 [4+] 13 [5+] 0
Hits/KSLOC@level+ = [0+] 5.58333 [1+] 3.875 [2+] 3.10417 [3+] 0.270833 [4+] 0.270833 [5+] 0
Dot directories skipped = 3 (--followdotdir overrides)
Minimum risk level = 1

Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.