Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/mkcue-1/diskid.cc
Examining data/mkcue-1/diskid.h
Examining data/mkcue-1/errors.h
Examining data/mkcue-1/osdep/mb_beos.cpp
Examining data/mkcue-1/osdep/mb_beos.h
Examining data/mkcue-1/osdep/mb_cygwin.cpp
Examining data/mkcue-1/osdep/mb_cygwin.h
Examining data/mkcue-1/osdep/mb_darwin.cpp
Examining data/mkcue-1/osdep/mb_darwin.h
Examining data/mkcue-1/osdep/mb_freebsd.cpp
Examining data/mkcue-1/osdep/mb_freebsd.h
Examining data/mkcue-1/osdep/mb_irix.cpp
Examining data/mkcue-1/osdep/mb_irix.h
Examining data/mkcue-1/osdep/mb_linux.cpp
Examining data/mkcue-1/osdep/mb_linux.h
Examining data/mkcue-1/osdep/mb_netbsd.cpp
Examining data/mkcue-1/osdep/mb_netbsd.h
Examining data/mkcue-1/osdep/mb_openbsd.cpp
Examining data/mkcue-1/osdep/mb_openbsd.h
Examining data/mkcue-1/osdep/mb_os2.cpp
Examining data/mkcue-1/osdep/mb_os2.h
Examining data/mkcue-1/osdep/mb_qnx.cpp
Examining data/mkcue-1/osdep/mb_qnx.h
Examining data/mkcue-1/osdep/mb_solaris.cpp
Examining data/mkcue-1/osdep/mb_solaris.h
Examining data/mkcue-1/osdep/mb_win32.cpp
Examining data/mkcue-1/osdep/mb_win32.h
Examining data/mkcue-1/types.h
Examining data/mkcue-1/mkcue.cc

FINAL RESULTS:

data/mkcue-1/osdep/mb_beos.cpp:72:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(err, "Error while accessing the CD drive: %s.",
data/mkcue-1/osdep/mb_beos.cpp:85:9:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(err, "Error while accessing %s: %s.",
data/mkcue-1/osdep/mb_cygwin.h:97:12:  [4] (shell) ShellExecute:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  #define ShellExecute ShellExecuteW
data/mkcue-1/osdep/mb_cygwin.h:101:9:  [4] (shell) ShellExecute:
  This causes a new program to execute and is difficult to use safely (CWE-78). try using a library call that implements the same functionality if available.
  #define ShellExecute ShellExecuteA
data/mkcue-1/osdep/mb_darwin.cpp:64:8:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(err, "Cannot open '%s'", device);
data/mkcue-1/osdep/mb_freebsd.cpp:114:8:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(err, "Cannot open '%s'", device);
data/mkcue-1/osdep/mb_irix.cpp:128:8:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(err, "Cannot open %s",
data/mkcue-1/osdep/mb_irix.cpp:132:12:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(err + strlen(err), ": %s", strerror(errno));
data/mkcue-1/osdep/mb_linux.cpp:139:8:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(err,"Cannot open '%s'", device);
data/mkcue-1/osdep/mb_netbsd.cpp:111:8:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(err, "Cannot open '%s'", device);
data/mkcue-1/osdep/mb_openbsd.cpp:112:8:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(err, "Cannot open '%s'\n", device);
data/mkcue-1/osdep/mb_solaris.cpp:118:8:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(err, "Cannot open '%s'", device);
data/mkcue-1/osdep/mb_win32.cpp:60:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(temp, "%s type cdaudio", cd_desc);
data/mkcue-1/osdep/mb_win32.cpp:72:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(mciCommand, "open %s shareable alias %s wait", cd_desc, alias);
data/mkcue-1/osdep/mb_win32.cpp:78:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(mciCommand, "status %s number of tracks wait", cd_desc);
data/mkcue-1/osdep/mb_win32.cpp:88:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(mciCommand, "set %s time format msf wait", cd_desc);
data/mkcue-1/osdep/mb_win32.cpp:92:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(mciCommand, "status %s position track %d wait",
data/mkcue-1/osdep/mb_win32.cpp:100:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(mciCommand, "status %s length track %d wait",
data/mkcue-1/osdep/mb_win32.cpp:109:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(mciCommand, "close %s wait", cd_desc);
data/mkcue-1/mkcue.cc:34:18:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((ch = getopt(argc, argv, "t:v")) != -1) {
data/mkcue-1/diskid.cc:62:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char digest[20], *base64;
data/mkcue-1/diskid.cc:82:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char DiscId[33])
data/mkcue-1/diskid.cc:85:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char digest[20], *base64;
data/mkcue-1/diskid.cc:87:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char temp[9];
data/mkcue-1/diskid.cc:95:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "%02X", pCDInfo->FirstTrack);
data/mkcue-1/diskid.cc:98:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "%02X", pCDInfo->LastTrack);
data/mkcue-1/diskid.cc:103:8:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(temp, "%08lX", pCDInfo->FrameOffset[i]);
data/mkcue-1/diskid.cc:109:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(DiscId, base64, size);
data/mkcue-1/diskid.cc:116:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char text[100];
data/mkcue-1/diskid.cc:118:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(text, "%d", i);
data/mkcue-1/diskid.cc:154:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char id[33];
data/mkcue-1/diskid.cc:217:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char id[33];
data/mkcue-1/diskid.cc:289:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char id[33], toc_string[1024], tracks[10];
data/mkcue-1/diskid.cc:299:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(toc_string,
data/mkcue-1/diskid.cc:307:8:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(toc_string + strlen(toc_string),
data/mkcue-1/diskid.cc:312:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tracks, "%d", cdinfo.LastTrack);
data/mkcue-1/osdep/mb_beos.cpp:71:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char err[255];
data/mkcue-1/osdep/mb_beos.cpp:84:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char err[255];
data/mkcue-1/osdep/mb_beos.cpp:195:21:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  devfd = open(name, O_RDONLY);
data/mkcue-1/osdep/mb_cygwin.cpp:81:79:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  mciOpenParms.lpstrDeviceType = (LPSTR) MAKELONG(MCI_DEVTYPE_CD_AUDIO, atoi(device));
data/mkcue-1/osdep/mb_cygwin.cpp:87:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char err[256];
data/mkcue-1/osdep/mb_cygwin.cpp:89:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(err, "Cannot open device id %d.", atoi(device));
data/mkcue-1/osdep/mb_cygwin.cpp:89:55:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sprintf(err, "Cannot open device id %d.", atoi(device));
data/mkcue-1/osdep/mb_darwin.cpp:59:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open(device, O_RDONLY | O_NONBLOCK);
data/mkcue-1/osdep/mb_darwin.cpp:62:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char err[256];
data/mkcue-1/osdep/mb_freebsd.cpp:109:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open(device, O_RDONLY);
data/mkcue-1/osdep/mb_freebsd.cpp:112:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char err[256];
data/mkcue-1/osdep/mb_irix.cpp:124:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char err[256];
data/mkcue-1/osdep/mb_irix.cpp:142:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(err, "The CD-ROM isn't ready. Reason: ");
data/mkcue-1/osdep/mb_irix.cpp:146:12:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(err, "The drive does not have a CD loaded.");
data/mkcue-1/osdep/mb_irix.cpp:150:12:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(err, "The drive is loaded with a CD-ROM. Subsequent ");
data/mkcue-1/osdep/mb_irix.cpp:151:12:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(err, "play or read operations will return I/O errors.");
data/mkcue-1/osdep/mb_irix.cpp:155:12:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(err, "An error occurred while trying to read the disc or");
data/mkcue-1/osdep/mb_irix.cpp:156:12:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(err, " it table of contents.");
data/mkcue-1/osdep/mb_irix.cpp:160:12:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(err, "The drive is in CD player mode playing an audio ");
data/mkcue-1/osdep/mb_irix.cpp:161:12:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(err, "CD through its audio jacks.");
data/mkcue-1/osdep/mb_irix.cpp:166:12:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(err, "The drive is in CD player mode with play paused.");
data/mkcue-1/osdep/mb_irix.cpp:170:12:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(err, "An unknown error occured.");
data/mkcue-1/osdep/mb_linux.cpp:135:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open(device, O_RDONLY | O_NONBLOCK);
data/mkcue-1/osdep/mb_linux.cpp:138:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char err[256];
data/mkcue-1/osdep/mb_netbsd.cpp:101:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char err[256];
data/mkcue-1/osdep/mb_netbsd.cpp:108:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open(device, O_RDONLY);
data/mkcue-1/osdep/mb_openbsd.cpp:108:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open(device, O_RDONLY);
data/mkcue-1/osdep/mb_openbsd.cpp:111:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char err[256];
data/mkcue-1/osdep/mb_os2.cpp:60:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char err[256];
data/mkcue-1/osdep/mb_os2.cpp:77:79:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  mciOpenParms.lpstrDeviceType = (LPSTR) MAKELONG(MCI_DEVTYPE_CD_AUDIO, atoi(device));
data/mkcue-1/osdep/mb_os2.cpp:83:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(err, "Cannot open device id %d.", atoi(device));
data/mkcue-1/osdep/mb_os2.cpp:83:55:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  sprintf(err, "Cannot open device id %d.", atoi(device));
data/mkcue-1/osdep/mb_solaris.cpp:108:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char err[256];
data/mkcue-1/osdep/mb_solaris.cpp:115:9:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = open(device, O_RDONLY);
data/mkcue-1/osdep/mb_win32.cpp:52:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mciCommand[128];
data/mkcue-1/osdep/mb_win32.cpp:53:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char mciReturn[128];
data/mkcue-1/osdep/mb_win32.cpp:54:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256], alias[128], temp[128];
data/mkcue-1/osdep/mb_win32.cpp:64:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(alias, "mb_client_%u_%u", GetTickCount(), GetCurrentThreadId());
data/mkcue-1/osdep/mb_win32.cpp:67:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(mciCommand, "sysinfo cdaudio quantity wait", cd_desc);
data/mkcue-1/osdep/mb_win32.cpp:69:8:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (atoi(mciReturn) <= 0)
data/mkcue-1/osdep/mb_win32.cpp:84:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  numTracks = atoi(mciReturn);
data/mkcue-1/osdep/mb_win32.cpp:96:38:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  disc.FrameOffset[readtracks] = atoi(mciReturn) * 4500 +
data/mkcue-1/osdep/mb_win32.cpp:97:38:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  atoi(mciReturn + 3) * 75 +
data/mkcue-1/osdep/mb_win32.cpp:98:38:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  atoi(mciReturn + 6);
data/mkcue-1/osdep/mb_win32.cpp:104:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  disc.FrameOffset[0] = atoi(mciReturn) * 4500 +
data/mkcue-1/osdep/mb_win32.cpp:105:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  atoi(mciReturn + 3) * 75 +
data/mkcue-1/osdep/mb_win32.cpp:106:26:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  atoi(mciReturn + 6) +
data/mkcue-1/diskid.cc:96:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sha_update(&sha, (unsigned char *)temp, strlen(temp));
data/mkcue-1/diskid.cc:99:44:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sha_update(&sha, (unsigned char *)temp, strlen(temp));
data/mkcue-1/diskid.cc:104:48:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sha_update(&sha, (unsigned char *)temp, strlen(temp));
data/mkcue-1/diskid.cc:307:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(toc_string + strlen(toc_string),
data/mkcue-1/osdep/mb_irix.cpp:132:26:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf(err + strlen(err), ": %s", strerror(errno));
data/mkcue-1/osdep/mb_win32.cpp:56:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (cd_desc == NULL || strlen(cd_desc) == 0 || strcmp(cd_desc, "cdaudio") == 0)

ANALYSIS SUMMARY:

Hits = 89
Lines analyzed = 3265 in approximately 0.10 seconds (32721 lines/second)
Physical Source Lines of Code (SLOC) = 1747
Hits@level = [0]   7 [1]   6 [2]  63 [3]   1 [4]  19 [5]   0
Hits@level+ = [0+]  96 [1+]  89 [2+]  83 [3+]  20 [4+]  19 [5+]   0
Hits/KSLOC@level+ = [0+] 54.9513 [1+] 50.9445 [2+] 47.51 [3+] 11.4482 [4+] 10.8758 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.