Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/openlp-2.4.6/openlp/plugins/presentations/lib/pptviewlib/pptviewlib.cpp Examining data/openlp-2.4.6/openlp/plugins/presentations/lib/pptviewlib/pptviewlib.h FINAL RESULTS: data/openlp-2.4.6/openlp/plugins/presentations/lib/pptviewlib/pptviewlib.h:22:32: [4] (format) wprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification. #define DEBUG(...) if (debug) wprintf(__VA_ARGS__) data/openlp-2.4.6/openlp/plugins/presentations/lib/pptviewlib/pptviewlib.cpp:192:10: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. if (!CreateProcess(NULL, cmdLine, NULL, NULL, FALSE, 0, 0, NULL, &si, &pi)) data/openlp-2.4.6/openlp/plugins/presentations/lib/pptviewlib/pptviewlib.cpp:192:10: [3] (shell) CreateProcess: This causes a new process to execute and is difficult to use safely (CWE-78). Specify the application path in the first argument, NOT as part of the second, or embedded spaces could allow an attacker to force a different program to run. if (!CreateProcess(NULL, cmdLine, NULL, NULL, FALSE, 0, 0, NULL, &si, &pi)) data/openlp-2.4.6/openlp/plugins/presentations/lib/pptviewlib/pptviewlib.cpp:889:19: [3] (misc) LoadLibrary: Ensure that the full path to the library is specified, or current directory may be used (CWE-829, CWE-20). Use registry entry or GetWindowsDirectory to find library path, if you aren't already. HMODULE hLib = LoadLibrary(L"User32"); data/openlp-2.4.6/openlp/plugins/presentations/lib/pptviewlib/pptviewlib.cpp:85:5: [2] (buffer) wchar_t: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. wchar_t cmdLine[MAX_PATH * 2]; data/openlp-2.4.6/openlp/plugins/presentations/lib/pptviewlib/pptviewlib.cpp:107:5: [2] (buffer) wchar_t: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. wchar_t cmdLine[MAX_PATH * 2]; data/openlp-2.4.6/openlp/plugins/presentations/lib/pptviewlib/pptviewlib.cpp:266:5: [2] (buffer) wchar_t: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. wchar_t info[MAX_PATH]; data/openlp-2.4.6/openlp/plugins/presentations/lib/pptviewlib/pptviewlib.cpp:268:5: [2] (buffer) wchar_t: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. wchar_t buf[100]; data/openlp-2.4.6/openlp/plugins/presentations/lib/pptviewlib/pptviewlib.cpp:284:31: [2] (integer) _wtoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (fileStats.st_mtime != _wtoi(buf)) data/openlp-2.4.6/openlp/plugins/presentations/lib/pptviewlib/pptviewlib.cpp:291:30: [2] (integer) _wtoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (fileStats.st_size != _wtoi(buf)) data/openlp-2.4.6/openlp/plugins/presentations/lib/pptviewlib/pptviewlib.cpp:298:22: [2] (integer) _wtoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int slideCount = _wtoi(buf); data/openlp-2.4.6/openlp/plugins/presentations/lib/pptviewlib/pptviewlib.cpp:300:27: [2] (integer) _wtoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). int firstSlideSteps = _wtoi(buf); data/openlp-2.4.6/openlp/plugins/presentations/lib/pptviewlib/pptviewlib.cpp:321:5: [2] (buffer) wchar_t: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. wchar_t info[MAX_PATH]; data/openlp-2.4.6/openlp/plugins/presentations/lib/pptviewlib/pptviewlib.cpp:350:5: [2] (buffer) wchar_t: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. wchar_t cwd[MAX_PATH]; data/openlp-2.4.6/openlp/plugins/presentations/lib/pptviewlib/pptviewlib.cpp:583:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ch[10]; data/openlp-2.4.6/openlp/plugins/presentations/lib/pptviewlib/pptviewlib.cpp:640:9: [2] (buffer) wchar_t: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. wchar_t csClassName[32]; data/openlp-2.4.6/openlp/plugins/presentations/lib/pptviewlib/pptviewlib.cpp:733:5: [2] (buffer) wchar_t: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. wchar_t filename[MAX_PATH]; data/openlp-2.4.6/openlp/plugins/presentations/lib/pptviewlib/pptviewlib.h:76:5: [2] (buffer) wchar_t: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. wchar_t filename[MAX_PATH]; data/openlp-2.4.6/openlp/plugins/presentations/lib/pptviewlib/pptviewlib.h:77:5: [2] (buffer) wchar_t: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. wchar_t previewPath[MAX_PATH]; data/openlp-2.4.6/openlp/plugins/presentations/lib/pptviewlib/pptviewlib.cpp:432:19: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). pptViewerPath[wcslen(pptViewerPath) - 4] = '\0'; data/openlp-2.4.6/openlp/plugins/presentations/lib/pptviewlib/pptviewlib.cpp:754:24: [1] (buffer) wcslen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). && wcslen(pptView[id].previewPath) > 0)) ANALYSIS SUMMARY: Hits = 21 Lines analyzed = 1000 in approximately 0.21 seconds (4787 lines/second) Physical Source Lines of Code (SLOC) = 824 Hits@level = [0] 6 [1] 2 [2] 15 [3] 3 [4] 1 [5] 0 Hits@level+ = [0+] 27 [1+] 21 [2+] 19 [3+] 4 [4+] 1 [5+] 0 Hits/KSLOC@level+ = [0+] 32.767 [1+] 25.4854 [2+] 23.0583 [3+] 4.85437 [4+] 1.21359 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.