Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/writerperfect-0.9.6/src/lib/UsageHelper.cxx
Examining data/writerperfect-0.9.6/src/lib/UserOptions.cxx
Examining data/writerperfect-0.9.6/src/lib/OutputFileHelper.cxx
Examining data/writerperfect-0.9.6/src/lib/WPWrapper.cxx
Examining data/writerperfect-0.9.6/src/lib/StringXMLSerializer.cxx
Examining data/writerperfect-0.9.6/src/lib/FemtoZip.cxx
Examining data/writerperfect-0.9.6/src/conv/wrapper/WPWrapperZMF.cxx
Examining data/writerperfect-0.9.6/src/conv/wrapper/WPWrapperABW.cxx
Examining data/writerperfect-0.9.6/src/conv/wrapper/WPWrapperMWAW.cxx
Examining data/writerperfect-0.9.6/src/conv/wrapper/WPWrapperWPS.cxx
Examining data/writerperfect-0.9.6/src/conv/wrapper/WPWrapperMSPUB.cxx
Examining data/writerperfect-0.9.6/src/conv/wrapper/WPWrapperWPG.cxx
Examining data/writerperfect-0.9.6/src/conv/wrapper/WPWrapperFREEHAND.cxx
Examining data/writerperfect-0.9.6/src/conv/wrapper/WPWrapperQXP.cxx
Examining data/writerperfect-0.9.6/src/conv/wrapper/WPWrapperETONYEK.cxx
Examining data/writerperfect-0.9.6/src/conv/wrapper/WPWrapperPAGEMAKER.cxx
Examining data/writerperfect-0.9.6/src/conv/wrapper/WPWrapperCDR.cxx
Examining data/writerperfect-0.9.6/src/conv/wrapper/WPWrapperWPD.cxx
Examining data/writerperfect-0.9.6/src/conv/wrapper/WPWrapperEBOOK.cxx
Examining data/writerperfect-0.9.6/src/conv/wrapper/WPWrapperSTAROFFICE.cxx
Examining data/writerperfect-0.9.6/src/conv/wrapper/WPWrapperVISIO.cxx
Examining data/writerperfect-0.9.6/src/conv/epub/wps2epub.cxx
Examining data/writerperfect-0.9.6/src/conv/epub/cmx2epub.cxx
Examining data/writerperfect-0.9.6/src/conv/epub/zmf2epub.cxx
Examining data/writerperfect-0.9.6/src/conv/epub/ebook2epub.cxx
Examining data/writerperfect-0.9.6/src/conv/epub/fh2epub.cxx
Examining data/writerperfect-0.9.6/src/conv/epub/EpubPackage.cxx
Examining data/writerperfect-0.9.6/src/conv/epub/wpft2epub.cxx
Examining data/writerperfect-0.9.6/src/conv/epub/vsd2epub.cxx
Examining data/writerperfect-0.9.6/src/conv/epub/qxp2epub.cxx
Examining data/writerperfect-0.9.6/src/conv/epub/wpg2epub.cxx
Examining data/writerperfect-0.9.6/src/conv/epub/EpubConverter.cxx
Examining data/writerperfect-0.9.6/src/conv/epub/sd2epub.cxx
Examining data/writerperfect-0.9.6/src/conv/epub/pub2epub.cxx
Examining data/writerperfect-0.9.6/src/conv/epub/cdr2epub.cxx
Examining data/writerperfect-0.9.6/src/conv/epub/vss2epub.cxx
Examining data/writerperfect-0.9.6/src/conv/epub/mwaw2epub.cxx
Examining data/writerperfect-0.9.6/src/conv/epub/wpd2epub.cxx
Examining data/writerperfect-0.9.6/src/conv/epub/pages2epub.cxx
Examining data/writerperfect-0.9.6/src/conv/epub/abw2epub.cxx
Examining data/writerperfect-0.9.6/src/conv/epub/pmd2epub.cxx
Examining data/writerperfect-0.9.6/src/conv/epub/key2epub.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/cdr2odg.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/qxp2odg.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/OdfWrapperSTAROFFICE.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/wpft2odf.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/zmf2odg.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/OdfConverter.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/sd2odf.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/vsd2odg.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/vss2odg.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/numbers2ods.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/key2odp.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/OdfWrapperWPS.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/wpg2odg.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/wpd2odt.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/pages2odt.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/OdfPackage.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/mwaw2odf.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/OdfWrapper.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/pub2odg.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/abw2odt.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/wps2odt.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/pmd2odg.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/OdfWrapperWPD.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/fh2odg.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/OdfWrapperMWAW.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/wks2ods.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/cmx2odg.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/OdfWrapperMSPUB.cxx
Examining data/writerperfect-0.9.6/src/conv/odf/ebook2odt.cxx
Examining data/writerperfect-0.9.6/src/conv/abw/sd2abw.cxx
Examining data/writerperfect-0.9.6/src/conv/abw/ABWWrapperSTAROFFICE.cxx
Examining data/writerperfect-0.9.6/src/conv/abw/wps2abw.cxx
Examining data/writerperfect-0.9.6/src/conv/abw/ABWWrapperWPS.cxx
Examining data/writerperfect-0.9.6/src/conv/abw/ABWStringDocumentHandler.cxx
Examining data/writerperfect-0.9.6/src/conv/abw/mwaw2abw.cxx
Examining data/writerperfect-0.9.6/src/conv/abw/abw2abw.cxx
Examining data/writerperfect-0.9.6/src/conv/abw/pages2abw.cxx
Examining data/writerperfect-0.9.6/src/conv/abw/wpft2abw.cxx
Examining data/writerperfect-0.9.6/src/conv/abw/ebook2abw.cxx
Examining data/writerperfect-0.9.6/src/conv/abw/ABWWrapper.cxx
Examining data/writerperfect-0.9.6/src/conv/abw/ABWWrapperWPD.cxx
Examining data/writerperfect-0.9.6/src/conv/abw/wpd2abw.cxx
Examining data/writerperfect-0.9.6/src/conv/abw/ABWWrapperMWAW.cxx
Examining data/writerperfect-0.9.6/src/conv/abw/ABWConverter.cxx
FINAL RESULTS:
data/writerperfect-0.9.6/src/lib/FemtoZip.cxx:48:21: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
#define FZ_DEBUG(M) printf M
data/writerperfect-0.9.6/src/lib/StringXMLSerializer.cxx:77:18: [4] (format) sprintf:
Potential format string problem (CWE-134). Make format string constant.
m_openedTagName.sprintf("%s", psName);
data/writerperfect-0.9.6/src/conv/abw/ABWStringDocumentHandler.cxx:60:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
FILE *fhandle = fopen(output, "wb");
data/writerperfect-0.9.6/src/conv/abw/ABWWrapper.cxx:60:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
output.append((unsigned char *)svgOutput[0].cstr(), strlen(svgOutput[0].cstr()));
data/writerperfect-0.9.6/src/conv/odf/OdfWrapper.cxx:80:26: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
output.append((unsigned char *)svgOutput[0].cstr(), strlen(svgOutput[0].cstr()));
data/writerperfect-0.9.6/src/conv/wrapper/WPWrapperETONYEK.cxx:67:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char const *(extensions[3])= {".key", ".numbers", ".pages"};
data/writerperfect-0.9.6/src/lib/FemtoZip.cxx:174:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buffer[46];
data/writerperfect-0.9.6/src/lib/FemtoZip.cxx:185:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fhandle = fopen(zipfile, "wb");
data/writerperfect-0.9.6/src/conv/abw/ABWStringDocumentHandler.cxx:58:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (output && strlen(output))
data/writerperfect-0.9.6/src/conv/abw/ABWWrapper.cxx:59:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
output.append((unsigned char *)svgHeader, strlen(svgHeader));
data/writerperfect-0.9.6/src/conv/abw/ABWWrapper.cxx:60:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
output.append((unsigned char *)svgOutput[0].cstr(), strlen(svgOutput[0].cstr()));
data/writerperfect-0.9.6/src/conv/odf/OdfWrapper.cxx:79:44: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
output.append((unsigned char *)svgHeader, strlen(svgHeader));
data/writerperfect-0.9.6/src/conv/odf/OdfWrapper.cxx:80:54: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
output.append((unsigned char *)svgOutput[0].cstr(), strlen(svgOutput[0].cstr()));
data/writerperfect-0.9.6/src/conv/wrapper/WPWrapperMWAW.cxx:72:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const unsigned char *read(unsigned long numBytes, unsigned long &numBytesRead);
data/writerperfect-0.9.6/src/conv/wrapper/WPWrapperMWAW.cxx:143:36: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const unsigned char *StringStream::read(unsigned long numBytes, unsigned long &numBytesRead)
data/writerperfect-0.9.6/src/conv/wrapper/WPWrapperMWAW.cxx:220:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const unsigned char *read(unsigned long, unsigned long &)
data/writerperfect-0.9.6/src/conv/wrapper/WPWrapperMWAW.cxx:375:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const unsigned char *buf=input.read(46, numBytesRead);
data/writerperfect-0.9.6/src/conv/wrapper/WPWrapperWPS.cxx:71:23: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const unsigned char *read(unsigned long, unsigned long &)
data/writerperfect-0.9.6/src/conv/wrapper/WPWrapperWPS.cxx:174:34: [1] (buffer) read:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
const unsigned char *data=input.read(6, numBytesRead);
data/writerperfect-0.9.6/src/lib/FemtoZip.cxx:225:21: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t namelen = strlen(entry->name);
data/writerperfect-0.9.6/src/lib/FemtoZip.cxx:363:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
size_t namelen = strlen(entry->name);
data/writerperfect-0.9.6/src/lib/FemtoZip.cxx:591:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
d->writeData(strlen(str), str);
data/writerperfect-0.9.6/src/lib/OutputFileHelper.cxx:164:90: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
return writeChildFile(childFileName, reinterpret_cast<const unsigned char *>(str), std::strlen(str));
ANALYSIS SUMMARY:
Hits = 23
Lines analyzed = 6902 in approximately 0.27 seconds (25588 lines/second)
Physical Source Lines of Code (SLOC) = 4075
Hits@level = [0] 36 [1] 15 [2] 6 [3] 0 [4] 2 [5] 0
Hits@level+ = [0+] 59 [1+] 23 [2+] 8 [3+] 2 [4+] 2 [5+] 0
Hits/KSLOC@level+ = [0+] 14.4785 [1+] 5.64417 [2+] 1.96319 [3+] 0.490798 [4+] 0.490798 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.