Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp
Examining data/taglib-extras-1.0.1/taglib-extras/rmff/realmediafile.h
Examining data/taglib-extras-1.0.1/taglib-extras/rmff/realmediafiletyperesolver.h
Examining data/taglib-extras-1.0.1/taglib-extras/rmff/realmediafile.cpp
Examining data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.h
Examining data/taglib-extras-1.0.1/taglib-extras/rmff/realmediafiletyperesolver.cpp
Examining data/taglib-extras-1.0.1/taglib-extras/tplugins.h
Examining data/taglib-extras-1.0.1/taglib-extras/tplugins.cpp
Examining data/taglib-extras-1.0.1/taglib-extras/taglib-extras_export.h
Examining data/taglib-extras-1.0.1/taglib-extras/tfile_helper.cpp
Examining data/taglib-extras-1.0.1/taglib-extras/audible/audiblefiletyperesolver.h
Examining data/taglib-extras-1.0.1/taglib-extras/audible/audiblefile.cpp
Examining data/taglib-extras-1.0.1/taglib-extras/audible/audiblefiletyperesolver.cpp
Examining data/taglib-extras-1.0.1/taglib-extras/audible/audibleproperties.h
Examining data/taglib-extras-1.0.1/taglib-extras/audible/audibleproperties.cpp
Examining data/taglib-extras-1.0.1/taglib-extras/audible/audibletag.cpp
Examining data/taglib-extras-1.0.1/taglib-extras/audible/audibletag.h
Examining data/taglib-extras-1.0.1/taglib-extras/audible/audiblefile.h
Examining data/taglib-extras-1.0.1/taglib-extras/tfile_helper.h
FINAL RESULTS:
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:871:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(name, nam);
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:916:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat(name, (char *)props->name);
data/taglib-extras-1.0.1/taglib-extras/audible/audibletag.cpp:78:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[1023];
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:53:28: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define UNPACK4(a, buf, i) memcpy((void *)&a, (void *) &buf[i], 4),i+=4,a=ntohl(a)
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:54:28: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
#define UNPACK2(a, buf, i) memcpy((void *)&a, (void *) &buf[i], 2),i+=2,a=ntohs(a)
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:153:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
m_fd = open(m_filename, O_RDONLY);
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:195:11: [2] (misc) open:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
m_fd = open(m_filename, O_RDONLY);
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:256:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[65536];
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:289:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oid[5];
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:290:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)oid, (void *)&object_id, 4);
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:338:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)&fourcc, buf, 4); i+=4;
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:451:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(media_hdr->stream_name, &buf[i], media_hdr->stream_name_size);
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:455:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(media_hdr->mime_type, &buf[i], media_hdr->mime_type_size);
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:461:10: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(media_hdr->type_specific_data, &buf[i], media_hdr->type_specific_len);
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:508:28: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)media_hdr->lstr->properties[j].name, (void *)&buf[i],
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:519:28: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)media_hdr->lstr->properties[j].value_data, (void *)&buf[i],
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:560:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)cont->title, (void *)&buf[i], cont->title_len); i+=cont->title_len;
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:566:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)cont->author, (void *)&buf[i], cont->author_len); i+=cont->author_len;
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:572:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)cont->copyright, (void *)&buf[i], cont->copyright_len); i+=cont->copyright_len;
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:578:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)cont->comment, (void *)&buf[i], cont->comment_len); i+=cont->comment_len;
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:598:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[255];
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:638:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)props->name, (void *)&buf[i], props->name_length);
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:645:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy( (void *) props->value, (void *)&buf[i], props->value_length );
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:691:13: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[65536];
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:694:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)&object_id, "RMMD", 4);
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:712:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)&m_md->object_id, (void *)&buf[i], 4); i+=4;
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:732:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char object_id[5];
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:750:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char object_id[5];
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:779:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char object_id[5];
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:836:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char object_id[5];
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:869:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[8192];
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:935:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[8192];
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:936:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char oid[5];
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:938:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)oid, (void *)&m_md->s.object_id, 4);
data/taglib-extras-1.0.1/taglib-extras/tfile_helper.h:41:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
: fopen(filename, mode))
data/taglib-extras-1.0.1/taglib-extras/tfile_helper.h:56:40: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
#define TagLibOpenFile(filename, mode) fopen(filename, mode)
data/taglib-extras-1.0.1/taglib-extras/audible/audiblefile.cpp:59:9: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
read(readProperties, propertiesStyle );
data/taglib-extras-1.0.1/taglib-extras/audible/audiblefile.cpp:100:21: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void Audible::File::read(bool readProperties, Properties::ReadStyle propertiesStyle)
data/taglib-extras-1.0.1/taglib-extras/audible/audiblefile.h:74:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void read(bool readProperties, Properties::ReadStyle propertiesStyle);
data/taglib-extras-1.0.1/taglib-extras/audible/audibleproperties.h:79:22: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
void read();
data/taglib-extras-1.0.1/taglib-extras/audible/audibletag.cpp:82:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ( fread(buf, strlen("product_id"), 1, fp) != 1 )
data/taglib-extras-1.0.1/taglib-extras/audible/audibletag.cpp:85:34: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if(memcmp(buf, "product_id", strlen("product_id")))
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:331:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (nbytes = read(m_fd, (void *) buf, RMFF_HDR_SIZE)) != RMFF_HDR_SIZE )
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:364:19: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ( (nbytes = read(m_fd, (void *) &buf[i], readamount > (int)sz - i ? (int)sz - i : readamount )) != readamount )
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:736:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(object_id, (const char *)&m_hdr->s.object_id, 4);
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:754:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(object_id, (const char *)&m_props->s.object_id, 4);
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:784:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(object_id, (const char *)&media_hdr->s.object_id, 4);
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:840:7: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy(object_id, (const char *)&m_contenthdr->s.object_id, 4);
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:917:7: [1] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant character.
strcat(name, "/");
data/taglib-extras-1.0.1/taglib-extras/rmff/rmff.cpp:948:4: [1] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant character.
strcpy(name, "");
ANALYSIS SUMMARY:
Hits = 50
Lines analyzed = 3004 in approximately 0.09 seconds (31896 lines/second)
Physical Source Lines of Code (SLOC) = 1882
Hits@level = [0] 8 [1] 14 [2] 34 [3] 0 [4] 2 [5] 0
Hits@level+ = [0+] 58 [1+] 50 [2+] 36 [3+] 2 [4+] 2 [5+] 0
Hits/KSLOC@level+ = [0+] 30.8183 [1+] 26.5675 [2+] 19.1286 [3+] 1.0627 [4+] 1.0627 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.