Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/stlcmd-1.1/src/csgjs/CSG.cpp
Examining data/stlcmd-1.1/src/csgjs/CSG.h
Examining data/stlcmd-1.1/src/csgjs/Trees.cpp
Examining data/stlcmd-1.1/src/csgjs/Trees.h
Examining data/stlcmd-1.1/src/csgjs/constants.h
Examining data/stlcmd-1.1/src/csgjs/math/HashKeys.cpp
Examining data/stlcmd-1.1/src/csgjs/math/HashKeys.h
Examining data/stlcmd-1.1/src/csgjs/math/Line3.cpp
Examining data/stlcmd-1.1/src/csgjs/math/Line3.h
Examining data/stlcmd-1.1/src/csgjs/math/Matrix4x4.cpp
Examining data/stlcmd-1.1/src/csgjs/math/Matrix4x4.h
Examining data/stlcmd-1.1/src/csgjs/math/Plane.h
Examining data/stlcmd-1.1/src/csgjs/math/Polygon3.cpp
Examining data/stlcmd-1.1/src/csgjs/math/Polygon3.h
Examining data/stlcmd-1.1/src/csgjs/math/Vector3.cpp
Examining data/stlcmd-1.1/src/csgjs/math/Vector3.h
Examining data/stlcmd-1.1/src/csgjs/math/Vertex3.h
Examining data/stlcmd-1.1/src/csgjs/util.cpp
Examining data/stlcmd-1.1/src/csgjs/util.h
Examining data/stlcmd-1.1/src/stl_bbox.cpp
Examining data/stlcmd-1.1/src/stl_boolean.cpp
Examining data/stlcmd-1.1/src/stl_borders.cpp
Examining data/stlcmd-1.1/src/stl_cone.cpp
Examining data/stlcmd-1.1/src/stl_convex.cpp
Examining data/stlcmd-1.1/src/stl_count.cpp
Examining data/stlcmd-1.1/src/stl_cube.cpp
Examining data/stlcmd-1.1/src/stl_cylinder.cpp
Examining data/stlcmd-1.1/src/stl_empty.cpp
Examining data/stlcmd-1.1/src/stl_header.cpp
Examining data/stlcmd-1.1/src/stl_merge.cpp
Examining data/stlcmd-1.1/src/stl_normals.cpp
Examining data/stlcmd-1.1/src/stl_sphere.cpp
Examining data/stlcmd-1.1/src/stl_spreadsheet.cpp
Examining data/stlcmd-1.1/src/stl_threads.cpp
Examining data/stlcmd-1.1/src/stl_torus.cpp
Examining data/stlcmd-1.1/src/stl_transform.cpp
Examining data/stlcmd-1.1/src/stl_util.h
FINAL RESULTS:
data/stlcmd-1.1/src/stl_boolean.cpp:59:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((c = getopt(argc, argv, "a:b:iud")) != -1) {
data/stlcmd-1.1/src/stl_borders.cpp:122:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((c = getopt(argc, argv, "")) != -1) {
data/stlcmd-1.1/src/stl_cone.cpp:53:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((c = getopt(argc, argv, "r:h:s:t:")) != -1) {
data/stlcmd-1.1/src/stl_convex.cpp:125:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((c = getopt(argc, argv, "v")) != -1) {
data/stlcmd-1.1/src/stl_cube.cpp:50:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((c = getopt(argc, argv, "w:")) != -1) {
data/stlcmd-1.1/src/stl_cylinder.cpp:52:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((c = getopt(argc, argv, "r:h:s:")) != -1) {
data/stlcmd-1.1/src/stl_header.cpp:52:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((c = getopt(argc, argv, "s:o:")) != -1) {
data/stlcmd-1.1/src/stl_merge.cpp:51:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((c = getopt(argc, argv, "o:")) != -1) {
data/stlcmd-1.1/src/stl_normals.cpp:60:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((c = getopt(argc, argv, "vcr")) != -1) {
data/stlcmd-1.1/src/stl_sphere.cpp:52:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((c = getopt(argc, argv, "r:s:t:")) != -1) {
data/stlcmd-1.1/src/stl_threads.cpp:355:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((c = getopt(argc, argv, "fP:D:a:h:s:o:")) != -1) {
data/stlcmd-1.1/src/stl_torus.cpp:57:16: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while((c = getopt(argc, argv, "i:o:s:c:")) != -1) {
data/stlcmd-1.1/src/csgjs/util.cpp:20:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(filename, "rb");
data/stlcmd-1.1/src/csgjs/util.cpp:57:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *outf = fopen(filename, "wb");
data/stlcmd-1.1/src/csgjs/util.cpp:62:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[81] = {0};
data/stlcmd-1.1/src/stl_bbox.cpp:54:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(file, "rb");
data/stlcmd-1.1/src/stl_borders.cpp:141:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(file, "rb");
data/stlcmd-1.1/src/stl_cone.cpp:65:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
segments = atoi(optarg);
data/stlcmd-1.1/src/stl_cone.cpp:84:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outf = fopen(file, "wb");
data/stlcmd-1.1/src/stl_cone.cpp:93:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[81] = {0};
data/stlcmd-1.1/src/stl_convex.cpp:147:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(file, "rb");
data/stlcmd-1.1/src/stl_count.cpp:51:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(filename, "r+b");
data/stlcmd-1.1/src/stl_cube.cpp:72:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outf = fopen(file, "wb");
data/stlcmd-1.1/src/stl_cube.cpp:81:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[81] = {0};
data/stlcmd-1.1/src/stl_cylinder.cpp:62:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
segments = atoi(optarg);
data/stlcmd-1.1/src/stl_cylinder.cpp:81:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outf = fopen(file, "wb");
data/stlcmd-1.1/src/stl_cylinder.cpp:90:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[81] = {0};
data/stlcmd-1.1/src/stl_empty.cpp:52:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outf = fopen(file, "wb");
data/stlcmd-1.1/src/stl_empty.cpp:58:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[81] = {0};
data/stlcmd-1.1/src/stl_header.cpp:75:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[80];
data/stlcmd-1.1/src/stl_header.cpp:83:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(filename, "r+b");
data/stlcmd-1.1/src/stl_header.cpp:92:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outf = fopen(out_file, "wb");
data/stlcmd-1.1/src/stl_header.cpp:100:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFFER_SIZE];
data/stlcmd-1.1/src/stl_merge.cpp:74:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[100];
data/stlcmd-1.1/src/stl_merge.cpp:84:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(file, "rb");
data/stlcmd-1.1/src/stl_merge.cpp:102:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outf = fopen(out_file, "wb");
data/stlcmd-1.1/src/stl_merge.cpp:104:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[100];
data/stlcmd-1.1/src/stl_merge.cpp:115:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[81] = {0}; // include an extra char for terminating \0 of snprintf
data/stlcmd-1.1/src/stl_merge.cpp:116:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char base1[50];
data/stlcmd-1.1/src/stl_merge.cpp:117:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char base2[50];
data/stlcmd-1.1/src/stl_merge.cpp:123:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[BUFFER_SIZE];
data/stlcmd-1.1/src/stl_merge.cpp:128:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[100];
data/stlcmd-1.1/src/stl_merge.cpp:132:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(file, "rb");
data/stlcmd-1.1/src/stl_normals.cpp:91:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[100];
data/stlcmd-1.1/src/stl_normals.cpp:99:15: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
inf = fopen(in_file, "rb");
data/stlcmd-1.1/src/stl_normals.cpp:111:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outf = fopen(out_file, "wb");
data/stlcmd-1.1/src/stl_normals.cpp:125:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[80] = {0};
data/stlcmd-1.1/src/stl_sphere.cpp:58:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
s_segments = atoi(optarg);
data/stlcmd-1.1/src/stl_sphere.cpp:61:30: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
s_segments = atoi(optarg);
data/stlcmd-1.1/src/stl_sphere.cpp:93:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outf = fopen(file, "wb");
data/stlcmd-1.1/src/stl_sphere.cpp:102:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[81] = {0};
data/stlcmd-1.1/src/stl_spreadsheet.cpp:57:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(file, "rb");
data/stlcmd-1.1/src/stl_threads.cpp:373:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
segments = atoi(optarg);
data/stlcmd-1.1/src/stl_threads.cpp:398:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outf = fopen(file, "wb");
data/stlcmd-1.1/src/stl_threads.cpp:404:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[81] = {0};
data/stlcmd-1.1/src/stl_torus.cpp:66:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
segments = atoi(optarg);
data/stlcmd-1.1/src/stl_torus.cpp:69:33: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
minorSegments = atoi(optarg);
data/stlcmd-1.1/src/stl_torus.cpp:93:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outf = fopen(file, "wb");
data/stlcmd-1.1/src/stl_torus.cpp:102:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[81] = {0};
data/stlcmd-1.1/src/stl_transform.cpp:231:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(file, "rb");
data/stlcmd-1.1/src/stl_transform.cpp:237:12: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
outf = fopen(outfile, "wb");
data/stlcmd-1.1/src/stl_transform.cpp:249:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char header[81] = {0}; // include an extra char for terminating \0 of snprintf
data/stlcmd-1.1/src/stl_util.h:36:9: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
f = fopen(filename, "rb");
data/stlcmd-1.1/src/stl_count.cpp:72:35: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while(bights_read < 80 && getc(stdin) != EOF) {
data/stlcmd-1.1/src/stl_count.cpp:86:39: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while(bights_read < 4 && (c = getc(stdin)) != EOF) {
data/stlcmd-1.1/src/stl_count.cpp:99:44: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while(bights_read < num_tris*16 && getc(stdin) != EOF) {
data/stlcmd-1.1/src/stl_header.cpp:90:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(header, set_header, 80);
data/stlcmd-1.1/src/stl_header.cpp:109:9: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(header, set_header, 80);
ANALYSIS SUMMARY:
Hits = 68
Lines analyzed = 6688 in approximately 0.19 seconds (35847 lines/second)
Physical Source Lines of Code (SLOC) = 4998
Hits@level = [0] 192 [1] 5 [2] 51 [3] 12 [4] 0 [5] 0
Hits@level+ = [0+] 260 [1+] 68 [2+] 63 [3+] 12 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 52.0208 [1+] 13.6054 [2+] 12.605 [3+] 2.40096 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.