Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/volpack-1.0b3/vp_renderA.c
Examining data/volpack-1.0b3/vp_check.c
Examining data/volpack-1.0b3/vp_renderB.c
Examining data/volpack-1.0b3/volpack.h
Examining data/volpack-1.0b3/vp_util.c
Examining data/volpack-1.0b3/vp_view.c
Examining data/volpack-1.0b3/examples/denfile.c
Examining data/volpack-1.0b3/examples/scalevolume.c
Examining data/volpack-1.0b3/examples/volume.h
Examining data/volpack-1.0b3/examples/classifyvolume.c
Examining data/volpack-1.0b3/examples/makeoctree.c
Examining data/volpack-1.0b3/examples/makevolume.c
Examining data/volpack-1.0b3/examples/rendervolume.c
Examining data/volpack-1.0b3/vp_octree.c
Examining data/volpack-1.0b3/vp_renderC.c
Examining data/volpack-1.0b3/patchlevel.h
Examining data/volpack-1.0b3/vp_extract.c
Examining data/volpack-1.0b3/vp_shade.c
Examining data/volpack-1.0b3/vp_renderR.c
Examining data/volpack-1.0b3/vp_warp.c
Examining data/volpack-1.0b3/vp_linalg.c
Examining data/volpack-1.0b3/vp_resample.c
Examining data/volpack-1.0b3/vp_file.c
Examining data/volpack-1.0b3/vp_transpose.c
Examining data/volpack-1.0b3/vp_context.c
Examining data/volpack-1.0b3/vp_rle.c
Examining data/volpack-1.0b3/vp_global.h

FINAL RESULTS:

data/volpack-1.0b3/vp_util.c:99:5: [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, fmt, args);
data/volpack-1.0b3/vp_util.c:141:2: [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf(stdout, fmt, args);
data/volpack-1.0b3/examples/classifyvolume.c:92:20: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((density_fd = open(BRAIN_FILE, 0)) < 0) {
data/volpack-1.0b3/examples/classifyvolume.c:110:19: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((volume_fd = open(VOLUME_FILE, 0)) < 0) {
data/volpack-1.0b3/examples/classifyvolume.c:139:19: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((octree_fd = open(OCTREE_FILE, 0)) < 0) {
data/volpack-1.0b3/examples/denfile.c:51:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fd = open(filename, 0)) < 0) {
data/volpack-1.0b3/examples/makeoctree.c:44:22: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((volume_fd = open(VOLUME_FILE, 0)) < 0) {
data/volpack-1.0b3/examples/makevolume.c:72:23: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((density_fd = open(BRAIN_FILE, 0)) < 0) {
data/volpack-1.0b3/examples/rendervolume.c:49:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char image[IMAGE_WIDTH][IMAGE_HEIGHT]; /* output image */
data/volpack-1.0b3/examples/rendervolume.c:50:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[512]; /* output file name */
data/volpack-1.0b3/examples/rendervolume.c:63:11: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  else if (atoi(*argv) > 0)
data/volpack-1.0b3/examples/rendervolume.c:64:18: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  numframes = atoi(*argv);
data/volpack-1.0b3/examples/rendervolume.c:79:21: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((clvolume_fd = open(CLVOLUME_FILE, 0)) < 0) {
data/volpack-1.0b3/examples/rendervolume.c:95:19: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((volume_fd = open(VOLUME_FILE, 0)) < 0) {
data/volpack-1.0b3/examples/rendervolume.c:122:23: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((octree_fd = open(OCTREE_FILE, 0)) < 0) {
data/volpack-1.0b3/examples/rendervolume.c:194:6: [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(filename, "brainsmall.ppm");
data/volpack-1.0b3/examples/rendervolume.c:196:6: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(filename, "brainsmall_%d.ppm", n + 1000);
data/volpack-1.0b3/examples/rendervolume.c:216:21: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((image_fp = fopen(filename, "w")) == NULL) {
data/volpack-1.0b3/vp_context.c:681:5: [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(matrix, vpc->transforms[vpc->current_matrix], sizeof(vpMatrix4));
data/volpack-1.0b3/vp_context.c:702:2: [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(vpc->transforms[matrix_code], matrix, sizeof(vpMatrix4));
data/volpack-1.0b3/vp_context.c:730:5: [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(tmp, vpc->transforms[vpc->current_matrix], sizeof(vpMatrix4));
data/volpack-1.0b3/vp_context.c:753:5: [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(tmp, vpc->transforms[vpc->current_matrix], sizeof(vpMatrix4));
data/volpack-1.0b3/vp_context.c:779:5: [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(tmp, vpc->transforms[vpc->current_matrix], sizeof(vpMatrix4));
data/volpack-1.0b3/vp_context.c:802:5: [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(tmp, vpc->transforms[vpc->current_matrix], sizeof(vpMatrix4));
data/volpack-1.0b3/vp_context.c:856:5: [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(tmp, vpc->transforms[VP_PROJECT], sizeof(vpMatrix4));
data/volpack-1.0b3/vp_context.c:918:2: [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(m2, m3, sizeof(vpMatrix4));
data/volpack-1.0b3/vp_context.c:966:5: [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(m1, vpc->transforms[VP_PROJECT], sizeof(vpMatrix4));
data/volpack-1.0b3/vp_context.c:2094:15: [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fd = open("/dev/mmem", O_RDONLY)) < 0)
data/volpack-1.0b3/vp_file.c:119:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pad_data[8];
data/volpack-1.0b3/vp_file.c:220:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pad_data[8];
data/volpack-1.0b3/vp_file.c:277:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pad_data[8];
data/volpack-1.0b3/vp_file.c:499:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char pad_data[8];
data/volpack-1.0b3/vp_global.h:57:9: [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  #define bcopy(s, d, n) memcpy ((d), (s), (n))
data/volpack-1.0b3/vp_global.h:57:24: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  #define bcopy(s, d, n) memcpy ((d), (s), (n))
data/volpack-1.0b3/vp_global.h:300:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char data[GBUFFER_SIZE]; /* data */
data/volpack-1.0b3/vp_global.h:316:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char octree_runs[VP_MAX_VOLUME_DIM];
data/volpack-1.0b3/vp_octree.c:246:23: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  mm_pyramid[level] = (char *)mm_pyramid[level-1] + level_offset;
data/volpack-1.0b3/vp_octree.c:461:16: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  pyr_ptr = (char *)mm_pyramid[level] + ((z*nodes_per_side + y) *
data/volpack-1.0b3/vp_octree.c:702:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *node_stack[VP_MAX_OCTREE_LEVELS]; /* stack of node addresses */
data/volpack-1.0b3/vp_octree.c:819:5: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *node_stack[VP_MAX_OCTREE_LEVELS]; /* stack of node addresses */
data/volpack-1.0b3/vp_octree.c:1400:14: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char run_lengths[VP_MAX_VOLUME_DIM];
data/volpack-1.0b3/vp_rle.c:432:5: [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(rawvoxel, data_ptr, rle_bytes_per_voxel-1);
data/volpack-1.0b3/vp_rle.c:684:8: [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(lengths, z_lengths, lengths_bytes_left);
data/volpack-1.0b3/vp_rle.c:701:8: [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(data, z_data, data_bytes_left);
data/volpack-1.0b3/vp_rle.c:849:2: [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(voxel, (char *)data + rundata->p.p2.data_offset,
data/volpack-1.0b3/vp_shade.c:490:6: [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(vpc->light_color[c], light_color[num_lights],
data/volpack-1.0b3/vp_shade.c:492:6: [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(vpc->light_vector[c], obj_light[num_lights],
data/volpack-1.0b3/vp_shade.c:498:5: [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(vpc->transforms[VP_MODEL], a, sizeof(vpMatrix4));
data/volpack-1.0b3/vp_transpose.c:100:5: [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(blk, vpc->raw_voxels, xlen*ylen*zlen*bytes_per_voxel);
data/volpack-1.0b3/vp_view.c:641:3: [2] (buffer) bcopy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  bcopy(vpc->dc_table, new_dc_table,
data/volpack-1.0b3/examples/classifyvolume.c:102:6: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read(density_fd, density, density_size) != density_size) {
data/volpack-1.0b3/examples/denfile.c:222:6: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read(fd, buf, n) != n)
data/volpack-1.0b3/examples/denfile.c:254:6: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read(fd, buf, n) != n)
data/volpack-1.0b3/examples/denfile.c:302:6: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read(fd, buf, n) != n)
data/volpack-1.0b3/examples/makevolume.c:82:9: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read(density_fd, density, density_size) != density_size) {
data/volpack-1.0b3/vp_context.c:58:16: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  extern int read(), write();
data/volpack-1.0b3/vp_context.c:127:22: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  vpc->read_func = read;
data/volpack-1.0b3/vp_context.c:1169:16: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  extern int read(), write();
data/volpack-1.0b3/vp_context.c:1183:23: [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  vpc->read_func = read;

ANALYSIS SUMMARY:

Hits = 59
Lines analyzed = 16283 in approximately 0.51 seconds (31638 lines/second)
Physical Source Lines of Code (SLOC) = 12177
Hits@level = [0] 203 [1] 9 [2] 48 [3] 0 [4] 2 [5] 0
Hits@level+ = [0+] 262 [1+] 59 [2+] 50 [3+] 2 [4+] 2 [5+] 0
Hits/KSLOC@level+ = [0+] 21.516 [1+] 4.8452 [2+] 4.1061 [3+] 0.164244 [4+] 0.164244 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.