stdin

Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/xfstt-1.11/libfstt/table_hdmx.cc
Examining data/xfstt-1.11/libfstt/table_cvt.cc
Examining data/xfstt-1.11/libfstt/table_ebdt.cc
Examining data/xfstt-1.11/libfstt/ttf.h
Examining data/xfstt-1.11/libfstt/table_gasp.cc
Examining data/xfstt-1.11/libfstt/table_ltsh.cc
Examining data/xfstt-1.11/libfstt/raster_hints.cc
Examining data/xfstt-1.11/libfstt/table_head.cc
Examining data/xfstt-1.11/libfstt/table_fpgm.cc
Examining data/xfstt-1.11/libfstt/table_eblc.cc
Examining data/xfstt-1.11/libfstt/table_os2.cc
Examining data/xfstt-1.11/libfstt/table_cmap.cc
Examining data/xfstt-1.11/libfstt/table_prep.cc
Examining data/xfstt-1.11/libfstt/table_maxp.cc
Examining data/xfstt-1.11/libfstt/table_hmtx.cc
Examining data/xfstt-1.11/libfstt/arch.h
Examining data/xfstt-1.11/libfstt/table_hhea.cc
Examining data/xfstt-1.11/libfstt/table_kern.cc
Examining data/xfstt-1.11/libfstt/table_name.cc
Examining data/xfstt-1.11/libfstt/ttfont.cc
Examining data/xfstt-1.11/libfstt/table_glyf.cc
Examining data/xfstt-1.11/libfstt/rafile.cc
Examining data/xfstt-1.11/libfstt/table_loca.cc
Examining data/xfstt-1.11/libfstt/table_vdmx.cc
Examining data/xfstt-1.11/libfstt/raster_scale.cc
Examining data/xfstt-1.11/libfstt/raster_draw.cc
Examining data/xfstt-1.11/src/encoding.cc
Examining data/xfstt-1.11/src/gettext.h
Examining data/xfstt-1.11/src/perftest.cc
Examining data/xfstt-1.11/src/patchttf.cc
Examining data/xfstt-1.11/src/showttf.cc
Examining data/xfstt-1.11/src/xfstt.cc
Examining data/xfstt-1.11/src/mesg.h
Examining data/xfstt-1.11/src/xfstt.h
Examining data/xfstt-1.11/src/mesg.cc
Examining data/xfstt-1.11/src/encoding.h
Examining data/xfstt-1.11/src/ttfn.h

FINAL RESULTS:

data/xfstt-1.11/libfstt/ttf.h:54:30:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#  define debug(format, ...)	fprintf(stderr, format, ##__VA_ARGS__)
data/xfstt-1.11/src/mesg.cc:40:7:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	std::vfprintf(stdout, format, args);
data/xfstt-1.11/src/mesg.cc:52:7:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	std::vfprintf(stderr, format, args);
data/xfstt-1.11/src/mesg.cc:64:7:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
	std::vfprintf(stderr, format, args);
data/xfstt-1.11/src/xfstt.cc:216:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(pathName, "%s/%s", ttdir, de->d_name);
data/xfstt-1.11/src/xfstt.cc:387:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(buf, xlfdName);
data/xfstt-1.11/src/xfstt.cc:388:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(buf + ttfn->xlfdLen, xlfdExt);
data/xfstt-1.11/src/xfstt.cc:389:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(buf + ttfn->xlfdLen + 12, encodings[mapIndex]->Name.c_str());
data/xfstt-1.11/src/xfstt.cc:422:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused).
		strcpy(buf - 3, encodings[mapIndex]->Name.c_str());
data/xfstt-1.11/src/xfstt.cc:991:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
		sprintf(s_unix.sun_path, "%s/fs%d", sockdir, conn.port);
data/xfstt-1.11/libfstt/rafile.cc:168:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	int fd = open(fileName, O_RDONLY);
data/xfstt-1.11/libfstt/raster_draw.cc:372:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(buf0, bmp, length);
data/xfstt-1.11/libfstt/ttf.h:206:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char faceName[32];
data/xfstt-1.11/libfstt/ttfont.cc:383:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	FILE *fd = fopen(filename, "wb");
data/xfstt-1.11/src/patchttf.cc:69:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	FILE *fp = fopen(inTTname.c_str(), "rb");
data/xfstt-1.11/src/patchttf.cc:163:7:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fp = fopen(outTTname.c_str(), "wb");
data/xfstt-1.11/src/perftest.cc:127:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
		ptsize = atoi(argv[1]);
data/xfstt-1.11/src/ttfn.h:55:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char	magic[2];		// magic == "TT"
data/xfstt-1.11/src/ttfn.h:58:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char	panose[10][2];		// in hex
data/xfstt-1.11/src/xfstt.cc:215:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char pathName[ttdir_len + namelen + 2];
data/xfstt-1.11/src/xfstt.cc:308:21:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	FILE *ttinfoFile = fopen(ttinfofilename.c_str(), "wb");
data/xfstt-1.11/src/xfstt.cc:309:21:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	FILE *ttnameFile = fopen(ttnamefilename.c_str(), "wb");
data/xfstt-1.11/src/xfstt.cc:321:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(ttinfo.magic, "TTFN", 4);
data/xfstt-1.11/src/xfstt.cc:325:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(ttinfo.type, "INFO", 4);
data/xfstt-1.11/src/xfstt.cc:327:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(ttinfo.type, "NAME", 4);
data/xfstt-1.11/src/xfstt.cc:455:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char panose[sizeof(fn.panose) + 1];
data/xfstt-1.11/src/xfstt.cc:456:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
	sprintf(panose, "%02X%02X%02X%02X%02X%02X%02X%02X%02X%02X",
data/xfstt-1.11/src/xfstt.cc:462:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(&fn.panose[0][0], panose, sizeof(fn.panose));
data/xfstt-1.11/src/xfstt.cc:472:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
	memcpy(buf, (char *)&fn, sizeof(fn));
data/xfstt-1.11/src/xfstt.cc:793:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	int fd = open(ttinfofilename.c_str(), O_RDONLY);
data/xfstt-1.11/src/xfstt.cc:829:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
	fd = open(ttnamefilename.c_str(), O_RDONLY);
data/xfstt-1.11/src/xfstt.cc:1146:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char vendor[2], pad[2];
data/xfstt-1.11/src/xfstt.cc:1491:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
		char pad[2];
data/xfstt-1.11/src/xfstt.cc:1872:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
				memcpy(bmp, src, ci->length);
data/xfstt-1.11/src/xfstt.cc:2179:19:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
		FILE *pidfile = fopen(pidfilename, "w");
data/xfstt-1.11/src/xfstt.h:51:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char	magic[4];		// == TTFN
data/xfstt-1.11/src/xfstt.h:52:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
	char	type[4];		// == INFO or NAME
data/xfstt-1.11/src/showttf.cc:294:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	                    strlen(title), title);
data/xfstt-1.11/src/xfstt.cc:185:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
	int ttdir_len = strlen(ttdir);
data/xfstt-1.11/src/xfstt.cc:195:17:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		int namelen = strlen(de->d_name);
data/xfstt-1.11/src/xfstt.cc:228:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		info.pathLen = strlen(pathName);
data/xfstt-1.11/src/xfstt.cc:392:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
		*buf0 = strlen(buf);
data/xfstt-1.11/src/xfstt.cc:473:2:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
	strncpy(buf + sizeof(fn), fontName, ttfn->nameLen);
data/xfstt-1.11/src/xfstt.cc:994:15:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
		old_umask = umask(0);
data/xfstt-1.11/src/xfstt.cc:1016:3:  [1] (access) umask:
  Ensure that umask is given most restrictive possible setting (e.g., 066 or
  077) (CWE-732).
		umask(old_umask);
data/xfstt-1.11/src/xfstt.cc:1110:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	int i = read(client.sd, client.buf, MAXREQSIZE);
data/xfstt-1.11/src/xfstt.cc:1287:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
	int l = read(client.sd, client.buf, sz_fsReq);
data/xfstt-1.11/src/xfstt.cc:1307:7:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
		i = read(client.sd, client.buf + l, size - l);

ANALYSIS SUMMARY:

Hits = 48
Lines analyzed = 11358 in approximately 0.31 seconds (36720 lines/second)
Physical Source Lines of Code (SLOC) = 8851
Hits@level = [0]  33 [1]  11 [2]  27 [3]   0 [4]  10 [5]   0
Hits@level+ = [0+]  81 [1+]  48 [2+]  37 [3+]  10 [4+]  10 [5+]   0
Hits/KSLOC@level+ = [0+] 9.15151 [1+] 5.42312 [2+] 4.18032 [3+] 1.12982 [4+] 1.12982 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.