Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler. Number of rules (primarily dangerous function names) in C/C++ ruleset: 223 Examining data/rgbpaint-0.8.7/src/canvas.h Examining data/rgbpaint-0.8.7/src/global.h Examining data/rgbpaint-0.8.7/src/mainwindow.h Examining data/rgbpaint-0.8.7/src/mygtk.h Examining data/rgbpaint-0.8.7/src/otherwindow.h Examining data/rgbpaint-0.8.7/src/png.h Examining data/rgbpaint-0.8.7/src/toolbar.h Examining data/rgbpaint-0.8.7/src/viewer.h Examining data/rgbpaint-0.8.7/src/png.c Examining data/rgbpaint-0.8.7/src/memory.c Examining data/rgbpaint-0.8.7/src/memory.h Examining data/rgbpaint-0.8.7/src/canvas.c Examining data/rgbpaint-0.8.7/src/mainwindow.c Examining data/rgbpaint-0.8.7/src/mygtk.c Examining data/rgbpaint-0.8.7/src/otherwindow.c Examining data/rgbpaint-0.8.7/src/main.c Examining data/rgbpaint-0.8.7/src/toolbar.c Examining data/rgbpaint-0.8.7/src/viewer.c FINAL RESULTS: data/rgbpaint-0.8.7/src/canvas.c:331:3: [4] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). strcpy( out, c ); data/rgbpaint-0.8.7/src/canvas.c:202:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(mem_clipboard + delta, mem_img[mem_channel] + ofs, len); data/rgbpaint-0.8.7/src/canvas.c:327:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(out, "Error in cleanse_txt using g_*_to_utf8"); data/rgbpaint-0.8.7/src/canvas.c:344:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mess[512], real_fname[300]; data/rgbpaint-0.8.7/src/canvas.c:413:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mess[512]; data/rgbpaint-0.8.7/src/canvas.c:589:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char fname[256], *c, *ext, *ext2; data/rgbpaint-0.8.7/src/canvas.c:674:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char fs_last_dir[260]; data/rgbpaint-0.8.7/src/canvas.c:1268:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char txt[280], *c; data/rgbpaint-0.8.7/src/main.c:119:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char ppath[256]; data/rgbpaint-0.8.7/src/main.c:269:10: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fh = open(argv[i], O_RDWR); data/rgbpaint-0.8.7/src/mainwindow.c:172:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mess[512]; data/rgbpaint-0.8.7/src/mainwindow.c:175:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(settings->img, mem_img, sizeof(chanlist)); data/rgbpaint-0.8.7/src/mainwindow.c:820:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char greyz[2] = {GREY_W, GREY_B}; data/rgbpaint-0.8.7/src/mainwindow.c:878:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(rgb, rgb - fwid, wid3); data/rgbpaint-0.8.7/src/mainwindow.c:1036:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char *dest, crgb[3] = {INT_2_R(col), INT_2_G(col), INT_2_B(col)}; data/rgbpaint-0.8.7/src/mainwindow.c:1162:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(alpha, mem_img[CHN_ALPHA] + di, l); data/rgbpaint-0.8.7/src/mainwindow.c:1171:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(pix, mem_img[mem_channel] + data/rgbpaint-0.8.7/src/mainwindow.c:1802:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char txt[300], txt2[600], *extra = "-"; data/rgbpaint-0.8.7/src/memory.c:40:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mem_filename[256]; // File name of file loaded/saved data/rgbpaint-0.8.7/src/memory.c:71:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char mem_grid_rgb[3] = {50,50,50}; // RGB colour of grid data/rgbpaint-0.8.7/src/memory.c:271:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(undo->img, mem_img, sizeof(chanlist)); data/rgbpaint-0.8.7/src/memory.c:396:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(img, undo->img[i], mem_lim); data/rgbpaint-0.8.7/src/memory.c:406:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(mem_img, holder, sizeof(chanlist)); data/rgbpaint-0.8.7/src/memory.c:412:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(undo->img, holder, sizeof(chanlist)); data/rgbpaint-0.8.7/src/memory.c:536:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fp = fopen(filename, "r"); data/rgbpaint-0.8.7/src/memory.c:582:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char gamma_table[256], bc_table[256]; data/rgbpaint-0.8.7/src/memory.c:593:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char rgb[3]; data/rgbpaint-0.8.7/src/memory.c:839:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(line1, line2, sizeof(linedata)); data/rgbpaint-0.8.7/src/memory.c:1026:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(old_img, mem_img, sizeof(chanlist)); data/rgbpaint-0.8.7/src/memory.c:1084:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, src, j); data/rgbpaint-0.8.7/src/memory.c:1121:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, src, bpp); data/rgbpaint-0.8.7/src/memory.c:1130:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, src, bpp); data/rgbpaint-0.8.7/src/memory.c:1143:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, src, bpp); data/rgbpaint-0.8.7/src/memory.c:1152:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest, src, bpp); data/rgbpaint-0.8.7/src/memory.c:1192:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. if (mask0) memcpy(mask, mask0, cnt); data/rgbpaint-0.8.7/src/memory.h:67:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef unsigned char *chanlist[NUM_CHANNELS]; data/rgbpaint-0.8.7/src/memory.h:78:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char mem_filename[256]; // File name of file loaded/saved data/rgbpaint-0.8.7/src/memory.h:110:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char mem_grid_rgb[3]; // RGB colour of grid data/rgbpaint-0.8.7/src/memory.h:167:28: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. #define mem_pal_copy(A, B) memcpy((A), (B), sizeof(png_color) * 256) data/rgbpaint-0.8.7/src/mygtk.c:99:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *butxt[3] = {text1, text2, text3}; data/rgbpaint-0.8.7/src/otherwindow.c:241:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char txt[32]; data/rgbpaint-0.8.7/src/otherwindow.c:327:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char txt[32], data/rgbpaint-0.8.7/src/png.c:110:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(settings->img, mem_img, sizeof(chanlist)); data/rgbpaint-0.8.7/src/png.c:153:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char txt[20]; data/rgbpaint-0.8.7/src/toolbar.c:136:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char txt[32]; data/rgbpaint-0.8.7/src/toolbar.c:185:2: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char txt[256]; data/rgbpaint-0.8.7/src/toolbar.c:355:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static unsigned char cursor_tip[3][3] = { {1, 19}, {10, 10}, {2, 18} }; data/rgbpaint-0.8.7/src/viewer.c:344:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(mem_img[CHN_IMAGE], rgb, w * h * 3); data/rgbpaint-0.8.7/src/viewer.c:370:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char font_name[256], font_text[256]; data/rgbpaint-0.8.7/src/canvas.c:338:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( mem_filename, fname, 250 ); data/rgbpaint-0.8.7/src/canvas.c:355:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = strlen(real_fname); data/rgbpaint-0.8.7/src/canvas.c:358:3: [1] (buffer) strncat: Easily used incorrectly (e.g., incorrectly computing the correct maximum size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf, or automatically resizing strings. strncat(real_fname, fname, 256); data/rgbpaint-0.8.7/src/canvas.c:360:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). else strncpy(real_fname, fname, 256); data/rgbpaint-0.8.7/src/canvas.c:603:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(fname, gtk_entry_get_text(GTK_ENTRY( data/rgbpaint-0.8.7/src/canvas.c:632:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). i = strlen(fname); data/rgbpaint-0.8.7/src/canvas.c:633:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). j = strlen(ext); data/rgbpaint-0.8.7/src/canvas.c:636:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(fname + i + 1, ext, j + 1); data/rgbpaint-0.8.7/src/canvas.c:678:2: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(fs_last_dir, s, 256); data/rgbpaint-0.8.7/src/canvas.c:712:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( txt, mem_filename, 256 ); // If we have a filename and saving data/rgbpaint-0.8.7/src/canvas.c:715:8: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen(fs_last_dir) == 0 ) txt[0]=0; // Nothing set so leave empty data/rgbpaint-0.8.7/src/main.c:343:4: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy( ppath, argv[file_arg_start], 250 ); data/rgbpaint-0.8.7/src/mygtk.c:220:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(dest, c, cnt); data/rgbpaint-0.8.7/src/mygtk.c:223:7: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). else strncpy(dest, src, cnt); data/rgbpaint-0.8.7/src/toolbar.c:120:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ( strlen(txt) > 2) // Weed out bogus calls ANALYSIS SUMMARY: Hits = 64 Lines analyzed = 8512 in approximately 0.22 seconds (39237 lines/second) Physical Source Lines of Code (SLOC) = 6212 Hits@level = [0] 25 [1] 15 [2] 48 [3] 0 [4] 1 [5] 0 Hits@level+ = [0+] 89 [1+] 64 [2+] 49 [3+] 1 [4+] 1 [5+] 0 Hits/KSLOC@level+ = [0+] 14.3271 [1+] 10.3026 [2+] 7.88796 [3+] 0.160979 [4+] 0.160979 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.