Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/unifont-13.0.04/src/unihex2bmp.c
Examining data/unifont-13.0.04/src/unigencircles.c
Examining data/unifont-13.0.04/src/unibmp2hex.c
Examining data/unifont-13.0.04/src/unifontpic.c
Examining data/unifont-13.0.04/src/unicoverage.c
Examining data/unifont-13.0.04/src/unidup.c
Examining data/unifont-13.0.04/src/unipagecount.c
Examining data/unifont-13.0.04/src/unibdf2hex.c
Examining data/unifont-13.0.04/src/unifont1per.c
Examining data/unifont-13.0.04/src/unibmpbump.c
Examining data/unifont-13.0.04/src/unigenwidth.c
Examining data/unifont-13.0.04/src/unifontpic.h
Examining data/unifont-13.0.04/src/unihexgen.c

FINAL RESULTS:

data/unifont-13.0.04/src/unifont1per.c:115:7:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  sscanf (instring, "%X:%s", &code_point, glyph);
data/unifont-13.0.04/src/unibdf2hex.c:43:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char inbuf[MAXBUF];
data/unifont-13.0.04/src/unibmp2hex.c:104:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filetype[2];
data/unifont-13.0.04/src/unibmp2hex.c:121:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char color_table[256][4]; /* R, G, B, alpha for up to 256 colors */
data/unifont-13.0.04/src/unibmp2hex.c:131:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char header[MAXBUF]; /* input buffer for bitmap file header */
data/unifont-13.0.04/src/unibmp2hex.c:136:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char thischar1[16], thischar2[16]; /* bytes of hex char */
data/unifont-13.0.04/src/unibmp2hex.c:137:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char thischar0[16], thischar3[16]; /* bytes for quadruple-width */
data/unifont-13.0.04/src/unibmp2hex.c:144:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char bitmap[17*32][18*32/8]; /* final bitmap */
data/unifont-13.0.04/src/unibmp2hex.c:150:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char wide[0x200000]={0x200000 * 0};
data/unifont-13.0.04/src/unibmp2hex.c:194:19:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((infp = fopen (infile, "r")) == NULL) {
data/unifont-13.0.04/src/unibmp2hex.c:203:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((outfp = fopen (outfile, "w")) == NULL) {
data/unifont-13.0.04/src/unibmpbump.c:45:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file_format[3]; /* "BM" for original Windows format */
data/unifont-13.0.04/src/unibmpbump.c:47:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char rsvd_hdr[4]; /* 4 reserved bytes */
data/unifont-13.0.04/src/unibmpbump.c:80:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char color_map[2][4]; /* two of R, G, B, and possibly alpha */
data/unifont-13.0.04/src/unibmpbump.c:100:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *compression_type[MAX_COMPRESSION_METHOD + 1] = {
data/unifont-13.0.04/src/unibmpbump.c:183:19:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((infp = fopen (infile, "r")) == NULL) {
data/unifont-13.0.04/src/unibmpbump.c:192:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((outfp = fopen (outfile, "w")) == NULL) {
data/unifont-13.0.04/src/unibmpbump.c:473:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char inchar[4];
data/unifont-13.0.04/src/unibmpbump.c:500:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char zero_pattern[16] = {
data/unifont-13.0.04/src/unicoverage.c:57:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char inbuf[256]; /* input buffer */
data/unifont-13.0.04/src/unicoverage.c:64:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char coverstring[MAXBUF]; /* description of current coverage range */
data/unifont-13.0.04/src/unicoverage.c:68:22:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((coveragefp = fopen ("coverage.dat", "r")) == NULL) {
data/unifont-13.0.04/src/unicoverage.c:97:19:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((infp = fopen (infile, "r")) == NULL) {
data/unifont-13.0.04/src/unicoverage.c:106:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((outfp = fopen (outfile, "w")) == NULL) {
data/unifont-13.0.04/src/unicoverage.c:170:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char inbuf[MAXBUF];
data/unifont-13.0.04/src/unidup.c:39:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char inbuf[MAXBUF];
data/unifont-13.0.04/src/unidup.c:45:23:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((infilefp = fopen (infile, "r")) == NULL) {
data/unifont-13.0.04/src/unifont1per.c:67:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char header [62] = {
data/unifont-13.0.04/src/unifont1per.c:101:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char instring[MAXSTRING]; /* input string */
data/unifont-13.0.04/src/unifont1per.c:103:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char glyph[MAXSTRING]; /* bitmap string for this glyph */
data/unifont-13.0.04/src/unifont1per.c:106:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[MAXFILENAME];/* name of current output file */
data/unifont-13.0.04/src/unifont1per.c:121:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((outfp = fopen (filename, "w")) != NULL) {
data/unifont-13.0.04/src/unifontpic.c:79:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char instring[MAXSTRING];
data/unifont-13.0.04/src/unifontpic.c:102:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  dpi = atoi (&argv[i][2]); /* dots/inch specified on command line */
data/unifont-13.0.04/src/unifontpic.c:116:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  plane = atoi (&argv[i][2]); /* Unicode plane, 0..17 */
data/unifont-13.0.04/src/unifontpic.c:192:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  gethex (char *instring, int plane_array[0x10000][16], int plane)
data/unifont-13.0.04/src/unifontpic.c:267:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char header_string[HDR_LEN]; /* centered header */
data/unifont-13.0.04/src/unifontpic.c:268:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char raw_header[HDR_LEN]; /* left-aligned header */
data/unifont-13.0.04/src/unifontpic.c:357:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (&header_string[startcol], raw_header, hdrlen);
data/unifont-13.0.04/src/unifontpic.c:548:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char header_string[257];
data/unifont-13.0.04/src/unifontpic.c:549:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char raw_header[HDR_LEN];
data/unifont-13.0.04/src/unifontpic.c:638:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (&header_string[startcol], raw_header, hdrlen);
data/unifont-13.0.04/src/unifontpic.h:35:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *ascii_hex [128] = {
data/unifont-13.0.04/src/unifontpic.h:178:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hexdigit[16][5] = {
data/unifont-13.0.04/src/unigencircles.c:64:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char teststring[MAXSTRING]; /* current input line */
data/unifont-13.0.04/src/unigencircles.c:69:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char combining[0x110000]; /* 1 --> combining glyph; 0 --> non-combining */
data/unifont-13.0.04/src/unigencircles.c:70:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char x_offset [0x110000]; /* second value in *combining.txt files */
data/unifont-13.0.04/src/unigencircles.c:92:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((infilefp = fopen (argv[1],"r")) == NULL) {
data/unifont-13.0.04/src/unigencircles.c:114:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((infilefp = fopen (argv[2],"r")) == NULL) {
data/unifont-13.0.04/src/unigencircles.c:152:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char newstring[256];
data/unifont-13.0.04/src/unigencircles.c:154:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char circle[32]={0x0,0x0, /* row 1 */
data/unifont-13.0.04/src/unigencircles.c:195:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (glyphstring, newstring, i);
data/unifont-13.0.04/src/unigencircles.c:208:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char newstring[256];
data/unifont-13.0.04/src/unigencircles.c:213:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char circle08[64]={0x0,0x0,0x0,0x0, /* row 1 */
data/unifont-13.0.04/src/unigencircles.c:232:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char circle16[64]={0x0,0x0,0x0,0x0, /* row 1 */
data/unifont-13.0.04/src/unigencircles.c:282:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (glyphstring, newstring, i);
data/unifont-13.0.04/src/unigenwidth.c:53:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char teststring[MAXSTRING];
data/unifont-13.0.04/src/unigenwidth.c:57:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char glyph_width[0x20000];
data/unifont-13.0.04/src/unigenwidth.c:58:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pikto_width[PIKTO_SIZE];
data/unifont-13.0.04/src/unigenwidth.c:70:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((infilefp = fopen (argv[1],"r")) == NULL) {
data/unifont-13.0.04/src/unigenwidth.c:101:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((infilefp = fopen (argv[2],"r")) == NULL) {
data/unifont-13.0.04/src/unihex2bmp.c:54:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *hex[18]= {
data/unifont-13.0.04/src/unihex2bmp.c:74:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char hexbits[18][32]; /* The above digits converted into bitmap */
data/unifont-13.0.04/src/unihex2bmp.c:88:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char inbuf[256]; /* input buffer */
data/unifont-13.0.04/src/unihex2bmp.c:99:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char bitmap[17*32][18*4]; /* final bitmap */
data/unifont-13.0.04/src/unihex2bmp.c:100:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char charbits[32][4]; /* bitmap for one character, 4 bytes/row */
data/unifont-13.0.04/src/unihex2bmp.c:151:19:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((infp = fopen (infile, "r")) == NULL) {
data/unifont-13.0.04/src/unihex2bmp.c:160:20:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((outfp = fopen (outfile, "w")) == NULL) {
data/unifont-13.0.04/src/unihex2bmp.c:340:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  hex2bit (char *instring, unsigned char character[32][4])
data/unifont-13.0.04/src/unihex2bmp.c:340:35:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  hex2bit (char *instring, unsigned char character[32][4])
data/unifont-13.0.04/src/unihex2bmp.c:384:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  init (unsigned char bitmap[17*32][18*4])
data/unifont-13.0.04/src/unihex2bmp.c:387:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char charbits[32][4]; /* bitmap for one character, 4 bytes/row */
data/unifont-13.0.04/src/unihexgen.c:76:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char hexdigit[16][5] = {
data/unifont-13.0.04/src/unipagecount.c:46:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char inbuf[MAXBUF]; /* Max 256 characters in an input line */
data/unifont-13.0.04/src/unipagecount.c:76:24:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  plane = atoi(&argv[1][2]);
data/unifont-13.0.04/src/unibmp2hex.c:193:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (infile) > 0) {
data/unifont-13.0.04/src/unibmp2hex.c:202:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (outfile) > 0) {
data/unifont-13.0.04/src/unibmp2hex.c:317:21:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((header[0] = fgetc (infp)) != EOF) {
data/unifont-13.0.04/src/unibmp2hex.c:318:24:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((header[1] = fgetc (infp)) != EOF) {
data/unifont-13.0.04/src/unibmp2hex.c:342:22:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  header[i] = fgetc (infp);
data/unifont-13.0.04/src/unibmp2hex.c:348:22:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  inchar = fgetc (infp);
data/unifont-13.0.04/src/unibmp2hex.c:362:22:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  header[i] = fgetc (infp);
data/unifont-13.0.04/src/unibmp2hex.c:425:33:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  color_table[i][0] = fgetc (infp); /* Red */
data/unifont-13.0.04/src/unibmp2hex.c:426:33:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  color_table[i][1] = fgetc (infp); /* Green */
data/unifont-13.0.04/src/unibmp2hex.c:427:33:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  color_table[i][2] = fgetc (infp); /* Blue */
data/unifont-13.0.04/src/unibmp2hex.c:428:33:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  color_table[i][3] = fgetc (infp); /* Alpha */
data/unifont-13.0.04/src/unibmp2hex.c:473:30:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  next_pixels = fgetc (infp);
data/unifont-13.0.04/src/unibmp2hex.c:479:33:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  this_pixel = (fgetc (infp) & 0xFF) +
data/unifont-13.0.04/src/unibmp2hex.c:480:33:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  (fgetc (infp) & 0xFF) +
data/unifont-13.0.04/src/unibmp2hex.c:481:33:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  (fgetc (infp) & 0xFF);
data/unifont-13.0.04/src/unibmp2hex.c:483:26:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  (void) fgetc (infp); /* ignore alpha value */
data/unifont-13.0.04/src/unibmpbump.c:182:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (infile) > 0) {
data/unifont-13.0.04/src/unibmpbump.c:191:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (outfile) > 0) {
data/unifont-13.0.04/src/unicoverage.c:96:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (infile) > 0) {
data/unifont-13.0.04/src/unicoverage.c:105:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (outfile) > 0) {
data/unifont-13.0.04/src/unicoverage.c:175:19:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  retval = strlen (inbuf);
data/unifont-13.0.04/src/unicoverage.c:183:13:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (coverstring, &inbuf[i], MAXBUF);
data/unifont-13.0.04/src/unifont1per.c:117:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  glyph_width = strlen (glyph) / (glyph_height / 4);
data/unifont-13.0.04/src/unifontpic.c:215:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ndigits = strlen (bitstring);
data/unifont-13.0.04/src/unifontpic.c:353:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  hdrlen = strlen (raw_header);
data/unifont-13.0.04/src/unifontpic.c:633:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  hdrlen = strlen (raw_header);
data/unifont-13.0.04/src/unigencircles.c:133:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (gstart) < 35)
data/unifont-13.0.04/src/unigenwidth.c:88:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  glyph_width[loc] = (strlen (gstart) - 1) >> 5;
data/unifont-13.0.04/src/unigenwidth.c:92:43:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  pikto_width[loc - PIKTO_START] = strlen (gstart) <= 34 ? 1 : 2;
data/unifont-13.0.04/src/unihex2bmp.c:150:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (infile) > 0) {
data/unifont-13.0.04/src/unihex2bmp.c:159:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (outfile) > 0) {
data/unifont-13.0.04/src/unihex2bmp.c:352:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (instring) <= 34) /* 32 + possible '\r', '\n' */
data/unifont-13.0.04/src/unihex2bmp.c:354:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (instring) <= 66) /* 64 + possible '\r', '\n' */
data/unifont-13.0.04/src/unihex2bmp.c:356:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  else if (strlen (instring) <= 98) /* 96 + possible '\r', '\n' */
data/unifont-13.0.04/src/unipagecount.c:58:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t strlen();

ANALYSIS SUMMARY:

Hits = 110
Lines analyzed = 4422 in approximately 0.20 seconds (21600 lines/second)
Physical Source Lines of Code (SLOC) = 2611
Hits@level = [0] 347 [1]  35 [2]  74 [3]   0 [4]   1 [5]   0
Hits@level+ = [0+] 457 [1+] 110 [2+]  75 [3+]   1 [4+]   1 [5+]   0
Hits/KSLOC@level+ = [0+] 175.029 [1+] 42.1295 [2+] 28.7246 [3+] 0.382995 [4+] 0.382995 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.