Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/openctm-1.0.3+dfsg1/lib/compressMG1.c
Examining data/openctm-1.0.3+dfsg1/lib/openctmpp.h
Examining data/openctm-1.0.3+dfsg1/lib/internal.h
Examining data/openctm-1.0.3+dfsg1/lib/openctm.h
Examining data/openctm-1.0.3+dfsg1/lib/compressRAW.c
Examining data/openctm-1.0.3+dfsg1/lib/liblzma/NameMangle.h
Examining data/openctm-1.0.3+dfsg1/lib/liblzma/Alloc.c
Examining data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaDec.h
Examining data/openctm-1.0.3+dfsg1/lib/liblzma/LzHash.h
Examining data/openctm-1.0.3+dfsg1/lib/liblzma/Types.h
Examining data/openctm-1.0.3+dfsg1/lib/liblzma/LzFind.c
Examining data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaLib.c
Examining data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaEnc.h
Examining data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaLib.h
Examining data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaEnc.c
Examining data/openctm-1.0.3+dfsg1/lib/liblzma/Alloc.h
Examining data/openctm-1.0.3+dfsg1/lib/liblzma/LzFind.h
Examining data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaDec.c
Examining data/openctm-1.0.3+dfsg1/lib/compressMG2.c
Examining data/openctm-1.0.3+dfsg1/lib/openctm.c
Examining data/openctm-1.0.3+dfsg1/lib/stream.c
Examining data/openctm-1.0.3+dfsg1/tools/ctm.cpp
Examining data/openctm-1.0.3+dfsg1/tools/image.h
Examining data/openctm-1.0.3+dfsg1/tools/convoptions.h
Examining data/openctm-1.0.3+dfsg1/tools/obj.cpp
Examining data/openctm-1.0.3+dfsg1/tools/lwo.h
Examining data/openctm-1.0.3+dfsg1/tools/bin2c.cpp
Examining data/openctm-1.0.3+dfsg1/tools/sysdialog_gtk.cpp
Examining data/openctm-1.0.3+dfsg1/tools/dae.h
Examining data/openctm-1.0.3+dfsg1/tools/off.cpp
Examining data/openctm-1.0.3+dfsg1/tools/ply.h
Examining data/openctm-1.0.3+dfsg1/tools/wrl.h
Examining data/openctm-1.0.3+dfsg1/tools/sysdialog.h
Examining data/openctm-1.0.3+dfsg1/tools/systimer.cpp
Examining data/openctm-1.0.3+dfsg1/tools/convoptions.cpp
Examining data/openctm-1.0.3+dfsg1/tools/ctmviewer.cpp
Examining data/openctm-1.0.3+dfsg1/tools/common.h
Examining data/openctm-1.0.3+dfsg1/tools/rply/rply.c
Examining data/openctm-1.0.3+dfsg1/tools/rply/rply.h
Examining data/openctm-1.0.3+dfsg1/tools/meshio.h
Examining data/openctm-1.0.3+dfsg1/tools/sysdialog_win.cpp
Examining data/openctm-1.0.3+dfsg1/tools/3ds.cpp
Examining data/openctm-1.0.3+dfsg1/tools/mesh.h
Examining data/openctm-1.0.3+dfsg1/tools/wrl.cpp
Examining data/openctm-1.0.3+dfsg1/tools/mesh.cpp
Examining data/openctm-1.0.3+dfsg1/tools/ply.cpp
Examining data/openctm-1.0.3+dfsg1/tools/stl.cpp
Examining data/openctm-1.0.3+dfsg1/tools/common.cpp
Examining data/openctm-1.0.3+dfsg1/tools/obj.h
Examining data/openctm-1.0.3+dfsg1/tools/off.h
Examining data/openctm-1.0.3+dfsg1/tools/stl.h
Examining data/openctm-1.0.3+dfsg1/tools/meshio.cpp
Examining data/openctm-1.0.3+dfsg1/tools/lwo.cpp
Examining data/openctm-1.0.3+dfsg1/tools/ctmconv.cpp
Examining data/openctm-1.0.3+dfsg1/tools/icons/icon_save.h
Examining data/openctm-1.0.3+dfsg1/tools/icons/icon_texture.h
Examining data/openctm-1.0.3+dfsg1/tools/icons/icon_help.h
Examining data/openctm-1.0.3+dfsg1/tools/icons/icon_open.h
Examining data/openctm-1.0.3+dfsg1/tools/3ds.h
Examining data/openctm-1.0.3+dfsg1/tools/ctmbench.cpp
Examining data/openctm-1.0.3+dfsg1/tools/systimer.h
Examining data/openctm-1.0.3+dfsg1/tools/dae.cpp
Examining data/openctm-1.0.3+dfsg1/tools/ctm.h
Examining data/openctm-1.0.3+dfsg1/tools/image.cpp
FINAL RESULTS:
data/openctm-1.0.3+dfsg1/lib/openctm.c:927:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(self->mFileComment, aFileComment);
data/openctm-1.0.3+dfsg1/lib/openctm.c:1019:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(map->mName, aName);
data/openctm-1.0.3+dfsg1/lib/openctm.c:1040:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(map->mFileName, aFileName);
data/openctm-1.0.3+dfsg1/tools/rply/rply.c:421:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(element->name, name);
data/openctm-1.0.3+dfsg1/tools/rply/rply.c:439:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(property->name, name);
data/openctm-1.0.3+dfsg1/tools/rply/rply.c:463:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(property->name, name);
data/openctm-1.0.3+dfsg1/tools/rply/rply.c:488:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(new_comment, comment);
data/openctm-1.0.3+dfsg1/tools/rply/rply.c:502:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(new_obj_info, obj_info);
data/openctm-1.0.3+dfsg1/tools/rply/rply.c:1132:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(property->name, BWORD(ply));
data/openctm-1.0.3+dfsg1/tools/rply/rply.c:1147:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(element->name, BWORD(ply));
data/openctm-1.0.3+dfsg1/tools/rply/rply.c:1171:5: [4] (format) vsprintf:
Potential format string problem (CWE-134). Make format string constant.
vsprintf(buffer, fmt, ap);
data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaDec.c:789:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->tempBuf, src, inSize);
data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaDec.c:877:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest, p->dic + dicPos, outSizeCur);
data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaEnc.c:248:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(data, p->data, curSize);
data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaEnc.c:371:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->isMatch[i], p->isMatch[i], sizeof(p->isMatch[i]));
data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaEnc.c:372:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->isRep0Long[i], p->isRep0Long[i], sizeof(p->isRep0Long[i]));
data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaEnc.c:375:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->posSlotEncoder[i], p->posSlotEncoder[i], sizeof(p->posSlotEncoder[i]));
data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaEnc.c:376:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->isRep, p->isRep, sizeof(p->isRep));
data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaEnc.c:377:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->isRepG0, p->isRepG0, sizeof(p->isRepG0));
data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaEnc.c:378:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->isRepG1, p->isRepG1, sizeof(p->isRepG1));
data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaEnc.c:379:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->isRepG2, p->isRepG2, sizeof(p->isRepG2));
data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaEnc.c:380:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->posEncoders, p->posEncoders, sizeof(p->posEncoders));
data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaEnc.c:381:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->posAlignEncoder, p->posAlignEncoder, sizeof(p->posAlignEncoder));
data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaEnc.c:382:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->reps, p->reps, sizeof(p->reps));
data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaEnc.c:383:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->litProbs, p->litProbs, (0x300 << p->lclp) * sizeof(CLzmaProb));
data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaEnc.c:397:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->isMatch[i], p->isMatch[i], sizeof(p->isMatch[i]));
data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaEnc.c:398:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->isRep0Long[i], p->isRep0Long[i], sizeof(p->isRep0Long[i]));
data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaEnc.c:401:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->posSlotEncoder[i], p->posSlotEncoder[i], sizeof(p->posSlotEncoder[i]));
data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaEnc.c:402:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->isRep, p->isRep, sizeof(p->isRep));
data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaEnc.c:403:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->isRepG0, p->isRepG0, sizeof(p->isRepG0));
data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaEnc.c:404:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->isRepG1, p->isRepG1, sizeof(p->isRepG1));
data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaEnc.c:405:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->isRepG2, p->isRepG2, sizeof(p->isRepG2));
data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaEnc.c:406:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->posEncoders, p->posEncoders, sizeof(p->posEncoders));
data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaEnc.c:407:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->posAlignEncoder, p->posAlignEncoder, sizeof(p->posAlignEncoder));
data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaEnc.c:408:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->reps, p->reps, sizeof(p->reps));
data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaEnc.c:409:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dest->litProbs, p->litProbs, (0x300 << dest->lclp) * sizeof(CLzmaProb));
data/openctm-1.0.3+dfsg1/lib/liblzma/LzmaEnc.c:2120:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->data, data, size);
data/openctm-1.0.3+dfsg1/lib/openctm.c:1120:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(aFileName, "rb");
data/openctm-1.0.3+dfsg1/lib/openctm.c:1329:7: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(aFileName, "wb");
data/openctm-1.0.3+dfsg1/lib/stream.c:66:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[4];
data/openctm-1.0.3+dfsg1/lib/stream.c:80:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[4];
data/openctm-1.0.3+dfsg1/lib/stream.c:181:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char props[5];
data/openctm-1.0.3+dfsg1/lib/stream.c:260:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char * packed, outProps[5], *tmp;
data/openctm-1.0.3+dfsg1/lib/stream.c:361:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char props[5];
data/openctm-1.0.3+dfsg1/lib/stream.c:437:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char * packed, outProps[5], *tmp;
data/openctm-1.0.3+dfsg1/tools/3ds.cpp:74:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2];
data/openctm-1.0.3+dfsg1/tools/3ds.cpp:82:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2];
data/openctm-1.0.3+dfsg1/tools/3ds.cpp:91:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[4];
data/openctm-1.0.3+dfsg1/tools/3ds.cpp:100:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[4];
data/openctm-1.0.3+dfsg1/tools/bin2c.cpp:56:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[19];
data/openctm-1.0.3+dfsg1/tools/ctmbench.cpp:165:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
iterations = atoi(argv[1]);
data/openctm-1.0.3+dfsg1/tools/ctmviewer.cpp:520:21: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * inFile = fopen(name.c_str(), "rb");
data/openctm-1.0.3+dfsg1/tools/ctmviewer.cpp:527:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
inFile = fopen(name.c_str(), "rb");
data/openctm-1.0.3+dfsg1/tools/dae.cpp:117:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val[100];
data/openctm-1.0.3+dfsg1/tools/dae.cpp:121:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
value = atoi(val);
data/openctm-1.0.3+dfsg1/tools/dae.cpp:135:26: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
inputs.back().offset = atoi(inputElem->Attribute("offset"));
data/openctm-1.0.3+dfsg1/tools/dae.cpp:263:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sources[id].stride = atoi(accessorElem->Attribute("stride"));
data/openctm-1.0.3+dfsg1/tools/dae.cpp:264:31: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sources[id].count = atoi(accessorElem->Attribute("count"));
data/openctm-1.0.3+dfsg1/tools/dae.cpp:266:27: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
sources[id].offset = atoi(accessorElem->Attribute("offset"));
data/openctm-1.0.3+dfsg1/tools/dae.cpp:268:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char val[100];
data/openctm-1.0.3+dfsg1/tools/dae.cpp:488:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[500];
data/openctm-1.0.3+dfsg1/tools/dae.cpp:492:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%i-%02i-%02iT%02i:%02i:%02i.%03iZ", tm.wYear,
data/openctm-1.0.3+dfsg1/tools/dae.cpp:500:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%i-%02i-%02iT%02i:%02i:%02i", tm.tm_year + 1900,
data/openctm-1.0.3+dfsg1/tools/image.cpp:61:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE * inFile = fopen(aFileName, "rb");
data/openctm-1.0.3+dfsg1/tools/image.cpp:79:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char * scanLines[1];
data/openctm-1.0.3+dfsg1/tools/lwo.cpp:51:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2];
data/openctm-1.0.3+dfsg1/tools/lwo.cpp:60:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[4];
data/openctm-1.0.3+dfsg1/tools/lwo.cpp:71:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[4];
data/openctm-1.0.3+dfsg1/tools/lwo.cpp:89:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[12];
data/openctm-1.0.3+dfsg1/tools/lwo.cpp:155:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[2];
data/openctm-1.0.3+dfsg1/tools/lwo.cpp:164:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[4];
data/openctm-1.0.3+dfsg1/tools/lwo.cpp:175:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[4];
data/openctm-1.0.3+dfsg1/tools/lwo.cpp:193:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[12];
data/openctm-1.0.3+dfsg1/tools/rply/rply.c:80:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[WORDSIZE];
data/openctm-1.0.3+dfsg1/tools/rply/rply.c:98:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[WORDSIZE];
data/openctm-1.0.3+dfsg1/tools/rply/rply.c:164:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFFERSIZE];
data/openctm-1.0.3+dfsg1/tools/rply/rply.c:288:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char magic[5] = " ";
data/openctm-1.0.3+dfsg1/tools/rply/rply.c:297:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(name, "rb");
data/openctm-1.0.3+dfsg1/tools/rply/rply.c:388:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen(name, "wb");
data/openctm-1.0.3+dfsg1/tools/rply/rply.c:1168:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[1024];
data/openctm-1.0.3+dfsg1/tools/stl.cpp:48:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[4];
data/openctm-1.0.3+dfsg1/tools/stl.cpp:57:12: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[4];
data/openctm-1.0.3+dfsg1/tools/stl.cpp:128:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comment[81];
data/openctm-1.0.3+dfsg1/tools/stl.cpp:198:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char comment[80];
data/openctm-1.0.3+dfsg1/tools/sysdialog_win.cpp:93:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileNameBuf[1000];
data/openctm-1.0.3+dfsg1/tools/sysdialog_win.cpp:119:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&filterBuf[pos], name.c_str(), name.size());
data/openctm-1.0.3+dfsg1/tools/sysdialog_win.cpp:121:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&filterBuf[pos], pattern.c_str(), pattern.size());
data/openctm-1.0.3+dfsg1/tools/sysdialog_win.cpp:154:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char fileNameBuf[1000];
data/openctm-1.0.3+dfsg1/tools/sysdialog_win.cpp:181:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&filterBuf[pos], name.c_str(), name.size());
data/openctm-1.0.3+dfsg1/tools/sysdialog_win.cpp:183:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(&filterBuf[pos], pattern.c_str(), pattern.size());
data/openctm-1.0.3+dfsg1/lib/openctm.c:916:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(aFileComment);
data/openctm-1.0.3+dfsg1/lib/openctm.c:1008:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(aName);
data/openctm-1.0.3+dfsg1/lib/openctm.c:1027:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(aFileName);
data/openctm-1.0.3+dfsg1/lib/stream.c:158:11: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(aValue);
data/openctm-1.0.3+dfsg1/tools/3ds.cpp:75:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
aStream.read((char *) buf, 2);
data/openctm-1.0.3+dfsg1/tools/3ds.cpp:92:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
aStream.read((char *) buf, 4);
data/openctm-1.0.3+dfsg1/tools/bin2c.cpp:57:7: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f.read((char *) buf, 19);
data/openctm-1.0.3+dfsg1/tools/lwo.cpp:52:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
aStream.read((char *) buf, 2);
data/openctm-1.0.3+dfsg1/tools/lwo.cpp:61:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
aStream.read((char *) buf, 4);
data/openctm-1.0.3+dfsg1/tools/lwo.cpp:72:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
aStream.read((char *) buf, 4);
data/openctm-1.0.3+dfsg1/tools/lwo.cpp:91:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
aStream.read((char *) buf, 12);
data/openctm-1.0.3+dfsg1/tools/lwo.cpp:119:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
aStream.read((char *) &result[0], aCount);
data/openctm-1.0.3+dfsg1/tools/lwo.cpp:219:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(aString);
data/openctm-1.0.3+dfsg1/tools/lwo.cpp:226:13: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
int len = strlen(aString) + 1;
data/openctm-1.0.3+dfsg1/tools/rply/rply.c:414:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(name && strlen(name) < WORDSIZE && ninstances >= 0);
data/openctm-1.0.3+dfsg1/tools/rply/rply.c:415:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) >= WORDSIZE || ninstances < 0) {
data/openctm-1.0.3+dfsg1/tools/rply/rply.c:430:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(name && strlen(name) < WORDSIZE);
data/openctm-1.0.3+dfsg1/tools/rply/rply.c:432:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) >= WORDSIZE || type >= PLY_LIST) {
data/openctm-1.0.3+dfsg1/tools/rply/rply.c:449:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(name && strlen(name) < WORDSIZE);
data/openctm-1.0.3+dfsg1/tools/rply/rply.c:450:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(name) >= WORDSIZE) {
data/openctm-1.0.3+dfsg1/tools/rply/rply.c:480:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(ply && comment && strlen(comment) < LINESIZE);
data/openctm-1.0.3+dfsg1/tools/rply/rply.c:481:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!comment || strlen(comment) >= LINESIZE) {
data/openctm-1.0.3+dfsg1/tools/rply/rply.c:494:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
assert(ply && obj_info && strlen(obj_info) < LINESIZE);
data/openctm-1.0.3+dfsg1/tools/rply/rply.c:495:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!obj_info || strlen(obj_info) >= LINESIZE) {
data/openctm-1.0.3+dfsg1/tools/rply/rply.c:833:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(BLINE(ply)) >= WORDSIZE) {
data/openctm-1.0.3+dfsg1/tools/rply/rply.c:886:9: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (strlen(BLINE(ply)) >= LINESIZE) {
data/openctm-1.0.3+dfsg1/tools/stl.cpp:49:11: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
aStream.read((char *) buf, 4);
data/openctm-1.0.3+dfsg1/tools/stl.cpp:129:5: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
f.read(comment, 80);
data/openctm-1.0.3+dfsg1/tools/wrl.cpp:64:20: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
mStream->read(mBuffer, mBufSize);
ANALYSIS SUMMARY:
Hits = 119
Lines analyzed = 20777 in approximately 0.54 seconds (38130 lines/second)
Physical Source Lines of Code (SLOC) = 14441
Hits@level = [0] 55 [1] 29 [2] 79 [3] 0 [4] 11 [5] 0
Hits@level+ = [0+] 174 [1+] 119 [2+] 90 [3+] 11 [4+] 11 [5+] 0
Hits/KSLOC@level+ = [0+] 12.049 [1+] 8.24043 [2+] 6.23226 [3+] 0.76172 [4+] 0.76172 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.