Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223

FINAL RESULTS:

data/sdl-ttf2.0-2.0.11/SDL_ttf.c:331:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(buffer, "%s: %s", msg, err_msg);

data/sdl-ttf2.0-2.0.11/VisualC/external/include/freetype/config/ftstdlib.h:84:21: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  #define ft_strcat strcat

data/sdl-ttf2.0-2.0.11/VisualC/external/include/freetype/config/ftstdlib.h:86:21: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  #define ft_strcpy strcpy

data/sdl-ttf2.0-2.0.11/VisualC/external/include/freetype/config/ftstdlib.h:109:21: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  #define ft_sprintf sprintf

data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Headers/freetype/config/ftstdlib.h:84:21: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  #define ft_strcat strcat

data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Headers/freetype/config/ftstdlib.h:86:21: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  #define ft_strcpy strcpy

data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Headers/freetype/config/ftstdlib.h:109:21: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  #define ft_sprintf sprintf

data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Versions/A/Headers/freetype/config/ftstdlib.h:84:21: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  #define ft_strcat strcat

data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Versions/A/Headers/freetype/config/ftstdlib.h:86:21: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  #define ft_strcpy strcpy

data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Versions/A/Headers/freetype/config/ftstdlib.h:109:21: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  #define ft_sprintf sprintf

data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Versions/Current/Headers/freetype/config/ftstdlib.h:84:21: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  #define ft_strcat strcat

data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Versions/Current/Headers/freetype/config/ftstdlib.h:86:21: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  #define ft_strcpy strcpy

data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Versions/Current/Headers/freetype/config/ftstdlib.h:109:21: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  #define ft_sprintf sprintf

data/sdl-ttf2.0-2.0.11/glfont.c:260:5: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, Usage, argv0);

data/sdl-ttf2.0-2.0.11/glfont.c:270:5: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, Usage, argv0);

data/sdl-ttf2.0-2.0.11/glfont.c:277:4: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, Usage, argv0);

data/sdl-ttf2.0-2.0.11/glfont.c:286:3: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, Usage, argv0);

data/sdl-ttf2.0-2.0.11/showfont.c:114:5: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, Usage, argv0);

data/sdl-ttf2.0-2.0.11/showfont.c:136:5: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, Usage, argv0);

data/sdl-ttf2.0-2.0.11/showfont.c:146:5: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, Usage, argv0);

data/sdl-ttf2.0-2.0.11/showfont.c:153:4: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, Usage, argv0);

data/sdl-ttf2.0-2.0.11/showfont.c:162:3: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, Usage, argv0);

data/sdl-ttf2.0-2.0.11/showfont.c:242:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(string, "Font file: %s", argv[0]); /* possible overflow */

data/sdl-ttf2.0-2.0.11/SDL_ttf.c:319:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[1024];

data/sdl-ttf2.0-2.0.11/SDL_ttf.c:690:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( dst, src, sizeof( *dst ) );

data/sdl-ttf2.0-2.0.11/SDL_ttf.c:837:6: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst->buffer+doffset,

data/sdl-ttf2.0-2.0.11/SDL_ttf.c:928:33: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unicode[i] = ((const unsigned char *)text)[i];

data/sdl-ttf2.0-2.0.11/SDL_ttf.c:941:25: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ch = ((const unsigned char *)utf8)[i];

data/sdl-ttf2.0-2.0.11/SDL_ttf.c:1480:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( dst, src, glyph->bitmap.width );

data/sdl-ttf2.0-2.0.11/SDL_ttf.c:1756:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy( dst, src, glyph->pixmap.width );

data/sdl-ttf2.0-2.0.11/VisualC/external/include/freetype/config/ftstdlib.h:81:21: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  #define ft_memcpy memcpy

data/sdl-ttf2.0-2.0.11/VisualC/external/include/freetype/config/ftstdlib.h:105:21: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  #define ft_fopen fopen

data/sdl-ttf2.0-2.0.11/VisualC/external/include/freetype/config/ftstdlib.h:144:19: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  #define ft_atol atol

data/sdl-ttf2.0-2.0.11/VisualC/external/include/freetype/ftstroke.h:374:40: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FT_Bool open );

data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Headers/freetype/config/ftstdlib.h:81:21: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  #define ft_memcpy memcpy

data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Headers/freetype/config/ftstdlib.h:105:21: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  #define ft_fopen fopen

data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Headers/freetype/config/ftstdlib.h:144:19: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  #define ft_atol atol

data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Headers/freetype/ftstroke.h:374:40: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FT_Bool open );

data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Versions/A/Headers/freetype/config/ftstdlib.h:81:21: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  #define ft_memcpy memcpy

data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Versions/A/Headers/freetype/config/ftstdlib.h:105:21: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  #define ft_fopen fopen

data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Versions/A/Headers/freetype/config/ftstdlib.h:144:19: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  #define ft_atol atol

data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Versions/A/Headers/freetype/ftstroke.h:374:40: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FT_Bool open );

data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Versions/Current/Headers/freetype/config/ftstdlib.h:81:21: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  #define ft_memcpy memcpy

data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Versions/Current/Headers/freetype/config/ftstdlib.h:105:21: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  #define ft_fopen fopen

data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Versions/Current/Headers/freetype/config/ftstdlib.h:144:19: [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  #define ft_atol atol

data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Versions/Current/Headers/freetype/ftstroke.h:374:40: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FT_Bool open );

data/sdl-ttf2.0-2.0.11/glfont.c:306:12: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ptsize = atoi(argv[1]);

data/sdl-ttf2.0-2.0.11/glfont.c:329:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outname[64];

data/sdl-ttf2.0-2.0.11/glfont.c:330:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( outname, "glyph-%d.bmp", i );

data/sdl-ttf2.0-2.0.11/showfont.c:76:2: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *message, string[128];

data/sdl-ttf2.0-2.0.11/showfont.c:182:12: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  ptsize = atoi(argv[1]);

data/sdl-ttf2.0-2.0.11/showfont.c:208:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char outname[64];

data/sdl-ttf2.0-2.0.11/showfont.c:209:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf( outname, "glyph-%d.bmp", i );

data/sdl-ttf2.0-2.0.11/SDL_ttf.c:1061:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unicode_len = strlen(text);

data/sdl-ttf2.0-2.0.11/SDL_ttf.c:1085:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unicode_len = strlen(text);

data/sdl-ttf2.0-2.0.11/SDL_ttf.c:1249:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unicode_len = strlen(text);

data/sdl-ttf2.0-2.0.11/SDL_ttf.c:1276:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unicode_len = strlen(text);

data/sdl-ttf2.0-2.0.11/SDL_ttf.c:1510:16: [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
unicode_len = strlen(text); data/sdl-ttf2.0-2.0.11/SDL_ttf.c:1537:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). unicode_len = strlen(text); data/sdl-ttf2.0-2.0.11/SDL_ttf.c:1785:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). unicode_len = strlen(text); data/sdl-ttf2.0-2.0.11/SDL_ttf.c:1812:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). unicode_len = strlen(text); data/sdl-ttf2.0-2.0.11/VisualC/external/include/freetype/config/ftstdlib.h:87:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define ft_strlen strlen data/sdl-ttf2.0-2.0.11/VisualC/external/include/freetype/config/ftstdlib.h:89:21: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). #define ft_strncpy strncpy data/sdl-ttf2.0-2.0.11/VisualC/external/include/freetype/ftsystem.h:329:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). FT_Stream_IoFunc read; data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Headers/freetype/config/ftstdlib.h:87:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define ft_strlen strlen data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Headers/freetype/config/ftstdlib.h:89:21: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). 
#define ft_strncpy strncpy data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Headers/freetype/ftsystem.h:329:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). FT_Stream_IoFunc read; data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Versions/A/Headers/freetype/config/ftstdlib.h:87:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define ft_strlen strlen data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Versions/A/Headers/freetype/config/ftstdlib.h:89:21: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). #define ft_strncpy strncpy data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Versions/A/Headers/freetype/ftsystem.h:329:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). FT_Stream_IoFunc read; data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Versions/Current/Headers/freetype/config/ftstdlib.h:87:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). #define ft_strlen strlen data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Versions/Current/Headers/freetype/config/ftstdlib.h:89:21: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). #define ft_strncpy strncpy data/sdl-ttf2.0-2.0.11/Xcode/Frameworks/FreeType.framework/Versions/Current/Headers/freetype/ftsystem.h:329:26: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
FT_Stream_IoFunc read; data/sdl-ttf2.0-2.0.11/showfont.c:290:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). size_t from_sz = strlen(message) + 1; ANALYSIS SUMMARY: Hits = 74 Lines analyzed = 85606 in approximately 2.33 seconds (36761 lines/second) Physical Source Lines of Code (SLOC) = 18486 Hits@level = [0] 32 [1] 21 [2] 30 [3] 0 [4] 23 [5] 0 Hits@level+ = [0+] 106 [1+] 74 [2+] 53 [3+] 23 [4+] 23 [5+] 0 Hits/KSLOC@level+ = [0+] 5.73407 [1+] 4.00303 [2+] 2.86703 [3+] 1.24418 [4+] 1.24418 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.