Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/openslide-3.4.1+dfsg/src/openslide-decode-xml.h
Examining data/openslide-3.4.1+dfsg/src/openslide-vendor-hamamatsu.c
Examining data/openslide-3.4.1+dfsg/src/openslide-tables.c
Examining data/openslide-3.4.1+dfsg/src/openslide-decode-tiff.c
Examining data/openslide-3.4.1+dfsg/src/openslide-decode-tiff.h
Examining data/openslide-3.4.1+dfsg/src/openslide-vendor-ventana.c
Examining data/openslide-3.4.1+dfsg/src/openslide-vendor-philips.c
Examining data/openslide-3.4.1+dfsg/src/openslide-decode-sqlite.h
Examining data/openslide-3.4.1+dfsg/src/openslide-hash.h
Examining data/openslide-3.4.1+dfsg/src/openslide-grid.c
Examining data/openslide-3.4.1+dfsg/src/openslide-cairo.h
Examining data/openslide-3.4.1+dfsg/src/openslide.c
Examining data/openslide-3.4.1+dfsg/src/openslide-vendor-trestle.c
Examining data/openslide-3.4.1+dfsg/src/openslide-private.h
Examining data/openslide-3.4.1+dfsg/src/openslide-decode-tifflike.c
Examining data/openslide-3.4.1+dfsg/src/openslide-decode-tifflike.h
Examining data/openslide-3.4.1+dfsg/src/openslide-decode-gdkpixbuf.c
Examining data/openslide-3.4.1+dfsg/src/openslide-decode-png.h
Examining data/openslide-3.4.1+dfsg/src/openslide.h
Examining data/openslide-3.4.1+dfsg/src/openslide-vendor-sakura.c
Examining data/openslide-3.4.1+dfsg/src/openslide-jdatasrc.c
Examining data/openslide-3.4.1+dfsg/src/openslide-vendor-generic-tiff.c
Examining data/openslide-3.4.1+dfsg/src/openslide-vendor-mirax.c
Examining data/openslide-3.4.1+dfsg/src/openslide-features.h
Examining data/openslide-3.4.1+dfsg/src/openslide-decode-gdkpixbuf.h
Examining data/openslide-3.4.1+dfsg/src/openslide-decode-jpeg.h
Examining data/openslide-3.4.1+dfsg/src/openslide-util.c
Examining data/openslide-3.4.1+dfsg/src/openslide-error.h
Examining data/openslide-3.4.1+dfsg/src/openslide-decode-jp2k.c
Examining data/openslide-3.4.1+dfsg/src/openslide-decode-png.c
Examining data/openslide-3.4.1+dfsg/src/make-tables.c
Examining data/openslide-3.4.1+dfsg/src/openslide-decode-jpeg.c
Examining data/openslide-3.4.1+dfsg/src/openslide-decode-sqlite.c
Examining data/openslide-3.4.1+dfsg/src/openslide-hash.c
Examining data/openslide-3.4.1+dfsg/src/openslide-cache.c
Examining data/openslide-3.4.1+dfsg/src/openslide-vendor-aperio.c
Examining data/openslide-3.4.1+dfsg/src/openslide-decode-jp2k.h
Examining data/openslide-3.4.1+dfsg/src/openslide-vendor-leica.c
Examining data/openslide-3.4.1+dfsg/src/openslide-error.c
Examining data/openslide-3.4.1+dfsg/src/openslide-decode-xml.c
Examining data/openslide-3.4.1+dfsg/test/parallel.c
Examining data/openslide-3.4.1+dfsg/test/test-common.h
Examining data/openslide-3.4.1+dfsg/test/try_open.c
Examining data/openslide-3.4.1+dfsg/test/test-common.c
Examining data/openslide-3.4.1+dfsg/test/mosaic.c
Examining data/openslide-3.4.1+dfsg/test/test.c
Examining data/openslide-3.4.1+dfsg/test/extended.c
Examining data/openslide-3.4.1+dfsg/test/profile.c
Examining data/openslide-3.4.1+dfsg/test/query.c
Examining data/openslide-3.4.1+dfsg/test/symlink.c
Examining data/openslide-3.4.1+dfsg/tools/openslide-quickhash1sum.c
Examining data/openslide-3.4.1+dfsg/tools/openslide-tools-common.c
Examining data/openslide-3.4.1+dfsg/tools/openslide-show-properties.c
Examining data/openslide-3.4.1+dfsg/tools/openslide-write-png.c
Examining data/openslide-3.4.1+dfsg/tools/openslide-tools-common.h

FINAL RESULTS:

data/openslide-3.4.1+dfsg/src/make-tables.c:32:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, fmt, ap);
data/openslide-3.4.1+dfsg/src/openslide-decode-tifflike.c:765:7:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  printf(" %"PRIu64, uints[i]);
data/openslide-3.4.1+dfsg/src/openslide-decode-tifflike.c:774:7:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  printf(" %.16"PRIx64, uints[i]);
data/openslide-3.4.1+dfsg/src/openslide-decode-tifflike.c:785:7:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  printf(" %"PRId64, sints[i]);
data/openslide-3.4.1+dfsg/test/extended.c:41:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, str, ap);
data/openslide-3.4.1+dfsg/test/mosaic.c:51:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, fmt, ap);
data/openslide-3.4.1+dfsg/test/profile.c:43:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, str, ap);
data/openslide-3.4.1+dfsg/test/try_open.c:47:5:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, str, ap);
data/openslide-3.4.1+dfsg/tools/openslide-tools-common.c:72:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  fprintf(stderr, version_format, g_get_prgname(), openslide_get_version());
data/openslide-3.4.1+dfsg/src/make-tables.c:87:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  FILE *f = fopen(argv[1], "w");
data/openslide-3.4.1+dfsg/src/openslide-decode-jp2k.c:191:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buf, params->data, count);
data/openslide-3.4.1+dfsg/src/openslide-decode-jpeg.c:76:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buffer[JMSG_LENGTH_MAX];
data/openslide-3.4.1+dfsg/src/openslide-decode-tiff.c:175:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char emsg[1024] = "unknown error";
data/openslide-3.4.1+dfsg/src/openslide-decode-tifflike.c:229:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(item->buffer, buf, item->count);
data/openslide-3.4.1+dfsg/src/openslide-decode-tifflike.c:250:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(item->uints, buf, sizeof(uint64_t) * item->count);
data/openslide-3.4.1+dfsg/src/openslide-decode-tifflike.c:276:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(item->sints, buf, sizeof(int64_t) * item->count);
data/openslide-3.4.1+dfsg/src/openslide-decode-tifflike.c:290:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(item->floats, buf, sizeof(double) * item->count);
data/openslide-3.4.1+dfsg/src/openslide-decode-tifflike.c:313:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(item->buffer, buf, item->count);
data/openslide-3.4.1+dfsg/src/openslide-decode-tifflike.c:513:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&item->offset, value, 8);
data/openslide-3.4.1+dfsg/src/openslide-decode-tifflike.c:517:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&off32, value, 4);
data/openslide-3.4.1+dfsg/src/openslide-grid.c:810:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(tile_array, tiles->pdata, tiles->len * sizeof(struct range_tile *));
data/openslide-3.4.1+dfsg/src/openslide-private.h:121:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  bool (*open)(openslide_t *osr, const char *filename,
data/openslide-3.4.1+dfsg/src/openslide-private.h:359:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  #define fopen _OPENSLIDE_POISON(_openslide_fopen)
data/openslide-3.4.1+dfsg/src/openslide-util.c:159:8:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  #undef fopen
data/openslide-3.4.1+dfsg/src/openslide-util.c:163:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  FILE *f = fopen(path, m);
data/openslide-3.4.1+dfsg/src/openslide-util.c:196:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  #define fopen _OPENSLIDE_POISON(_openslide_fopen)
data/openslide-3.4.1+dfsg/src/openslide-util.c:220:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[G_ASCII_DTOSTR_BUF_SIZE];
data/openslide-3.4.1+dfsg/src/openslide.c:117:40:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  format->detect && format->open);
data/openslide-3.4.1+dfsg/src/openslide.c:151:25:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  bool result = format->open(osr, filename, tl,
data/openslide-3.4.1+dfsg/src/openslide.c:717:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dest, buf, pixels * sizeof(uint32_t));
data/openslide-3.4.1+dfsg/test/parallel.c:75:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  int threads = atoi(argv[2]);
data/openslide-3.4.1+dfsg/test/profile.c:54:15:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  int level = atoi(argv[2]);
data/openslide-3.4.1+dfsg/test/test.c:92:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  FILE *f = fopen(filename, "wb");
data/openslide-3.4.1+dfsg/tools/openslide-write-png.c:224:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  FILE *png = fopen(output, "wb");
data/openslide-3.4.1+dfsg/src/openslide-decode-sqlite.c:95:35:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (sqlite3_prepare_v2(db, sql, strlen(sql) + 1, &stmt, NULL)) {
data/openslide-3.4.1+dfsg/src/openslide-decode-xml.c:38:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  xmlDoc *doc = xmlReadMemory(xml, strlen(xml), "/", NULL,
data/openslide-3.4.1+dfsg/src/openslide-hash.c:54:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  _openslide_hash_data(hash, str_to_hash, strlen(str_to_hash) + 1);
data/openslide-3.4.1+dfsg/src/openslide-vendor-hamamatsu.c:892:20:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  int prefix = getc(f);
data/openslide-3.4.1+dfsg/src/openslide-vendor-hamamatsu.c:894:20:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  int marker = getc(f);
data/openslide-3.4.1+dfsg/src/openslide-vendor-hamamatsu.c:1729:10:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if ((fgetc(f) != 'G') || (fgetc(f) != 'N')) {
data/openslide-3.4.1+dfsg/src/openslide-vendor-hamamatsu.c:1729:31:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  if ((fgetc(f) != 'G') || (fgetc(f) != 'N')) {
data/openslide-3.4.1+dfsg/src/openslide-vendor-hamamatsu.c:1898:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *suffix = key + strlen(KEY_IMAGE_FILE);
data/openslide-3.4.1+dfsg/src/openslide-vendor-mirax.c:398:39:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *dirname = g_strndup(filename, strlen(filename) - strlen(MRXS_EXT));
data/openslide-3.4.1+dfsg/src/openslide-vendor-mirax.c:398:58:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *dirname = g_strndup(filename, strlen(filename) - strlen(MRXS_EXT));
data/openslide-3.4.1+dfsg/src/openslide-vendor-mirax.c:1120:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const int64_t hier_root = strlen(INDEX_VERSION) + strlen(uuid);
data/openslide-3.4.1+dfsg/src/openslide-vendor-mirax.c:1120:53:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const int64_t hier_root = strlen(INDEX_VERSION) + strlen(uuid);
data/openslide-3.4.1+dfsg/src/openslide-vendor-mirax.c:1124:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  teststr = read_string_from_file(indexfile, strlen(INDEX_VERSION));
data/openslide-3.4.1+dfsg/src/openslide-vendor-mirax.c:1133:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  teststr = read_string_from_file(indexfile, strlen(uuid));
data/openslide-3.4.1+dfsg/src/openslide-vendor-mirax.c:1533:33:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dirname = g_strndup(filename, strlen(filename) - strlen(MRXS_EXT));
data/openslide-3.4.1+dfsg/src/openslide-vendor-mirax.c:1533:52:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dirname = g_strndup(filename, strlen(filename) - strlen(MRXS_EXT));
data/openslide-3.4.1+dfsg/src/openslide-vendor-trestle.c:259:51:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  uint64_t bg = g_ascii_strtoull((*cur_str) + strlen(BACKGROUND_COLOR), NULL, 16);
data/openslide-3.4.1+dfsg/tools/openslide-write-png.c:95:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  text_ptr[0].text_length = strlen(text);

ANALYSIS SUMMARY:

Hits = 52
Lines analyzed = 20043 in approximately 0.48 seconds (41705 lines/second)
Physical Source Lines of Code (SLOC) = 13778
Hits@level = [0] 102 [1]  18 [2]  25 [3]   0 [4]   9 [5]   0
Hits@level+ = [0+] 154 [1+]  52 [2+]  34 [3+]   9 [4+]   9 [5+]   0
Hits/KSLOC@level+ = [0+] 11.1772 [1+] 3.77413 [2+] 2.4677 [3+] 0.653215 [4+] 0.653215 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.