Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/yorick-mpeg-0.1/config.h
Examining data/yorick-mpeg-0.1/libavcodec/avcodec.h
Examining data/yorick-mpeg-0.1/libavcodec/bswap.h
Examining data/yorick-mpeg-0.1/libavcodec/common.c
Examining data/yorick-mpeg-0.1/libavcodec/common.h
Examining data/yorick-mpeg-0.1/libavcodec/dsputil.c
Examining data/yorick-mpeg-0.1/libavcodec/dsputil.h
Examining data/yorick-mpeg-0.1/libavcodec/imgconvert.c
Examining data/yorick-mpeg-0.1/libavcodec/integer.c
Examining data/yorick-mpeg-0.1/libavcodec/integer.h
Examining data/yorick-mpeg-0.1/libavcodec/jfdctint.c
Examining data/yorick-mpeg-0.1/libavcodec/mem.c
Examining data/yorick-mpeg-0.1/libavcodec/motion_est.c
Examining data/yorick-mpeg-0.1/libavcodec/mpeg12.c
Examining data/yorick-mpeg-0.1/libavcodec/mpegvideo.h
Examining data/yorick-mpeg-0.1/libavcodec/ratecontrol.c
Examining data/yorick-mpeg-0.1/libavcodec/simple_idct.c
Examining data/yorick-mpeg-0.1/libavcodec/simple_idct.h
Examining data/yorick-mpeg-0.1/libavcodec/utils.c
Examining data/yorick-mpeg-0.1/libavcodec/mpegvideo.c
Examining data/yorick-mpeg-0.1/ympeg.c

FINAL RESULTS:

data/yorick-mpeg-0.1/libavcodec/common.h:92:13:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
# define snprintf _snprintf
data/yorick-mpeg-0.1/libavcodec/common.h:92:22:  [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
# define snprintf _snprintf
data/yorick-mpeg-0.1/libavcodec/common.h:93:13:  [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use
  a constant for the format specification.
# define vsnprintf _vsnprintf
data/yorick-mpeg-0.1/libavcodec/common.h:245:11:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# define printf please_use_av_log
data/yorick-mpeg-0.1/libavcodec/common.h:246:11:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
# define fprintf please_use_av_log
data/yorick-mpeg-0.1/libavcodec/utils.c:464:8:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#undef fprintf
data/yorick-mpeg-0.1/libavcodec/utils.c:468:9:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
#define fprintf please_use_av_log
data/yorick-mpeg-0.1/libavcodec/utils.c:472:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  vfprintf(stderr, fmt, vl);
data/yorick-mpeg-0.1/libavcodec/common.h:243:9:  [3] (random) srand:
  This function is not sufficiently random for security-related functions
  such as key and nonce creation (CWE-327). Use a more secure technique for
  acquiring random values.
#define srand srand_is_forbidden_due_to_state_trashing
data/yorick-mpeg-0.1/libavcodec/avcodec.h:370:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char codec_name[32];
data/yorick-mpeg-0.1/libavcodec/mpeg12.c:56:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
static const unsigned char vlc_dc_lum_bits[12] = {
data/yorick-mpeg-0.1/libavcodec/mpeg12.c:63:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
const unsigned char vlc_dc_chroma_bits[12] = {
data/yorick-mpeg-0.1/libavcodec/mpegvideo.c:643:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(rl->max_level[last], max_level, MAX_RUN + 1);
data/yorick-mpeg-0.1/libavcodec/mpegvideo.c:645:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(rl->max_run[last], max_run, MAX_LEVEL + 1);
data/yorick-mpeg-0.1/libavcodec/mpegvideo.c:647:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(rl->index_run[last], index_run, MAX_RUN + 1);
data/yorick-mpeg-0.1/libavcodec/mpegvideo.c:824:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy(dst, src, src_stride*h);
data/yorick-mpeg-0.1/libavcodec/mpegvideo.c:827:15:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
              memcpy(dst, src, w);
data/yorick-mpeg-0.1/libavcodec/mpegvideo.c:1459:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy(pbBufPtr(pb), src+i, 2*words-i);
data/yorick-mpeg-0.1/ympeg.c:129:32:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
  FILE *f = (name && name[0])? fopen(name, "w") : 0;
data/yorick-mpeg-0.1/libavcodec/mem.c:35:9:  [1] (free) memalign:
  On some systems (though not Linux-based systems) an attempt to free()
  results from memalign() may fail. This may, on a few systems, be
  exploitable. Also note that memalign() may not check that the boundary
  parameter is correct (CWE-676). Use posix_memalign instead (defined in
  POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD
  4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases,
  malloc()'s alignment may be sufficient.
#define memalign(align,size) malloc (size)
data/yorick-mpeg-0.1/libavcodec/mem.c:61:11:  [1] (free) memalign:
  On some systems (though not Linux-based systems) an attempt to free()
  results from memalign() may fail. This may, on a few systems, be
  exploitable. Also note that memalign() may not check that the boundary
  parameter is correct (CWE-676). Use posix_memalign instead (defined in
  POSIX's 1003.1d). Don't switch to valloc(); it is marked as obsolete in BSD
  4.3, as legacy in SUSv2, and is no longer defined in SUSv3. In some cases,
  malloc()'s alignment may be sufficient.
    ptr = memalign(16,size);

ANALYSIS SUMMARY:

Hits = 21
Lines analyzed = 8841 in approximately 0.25 seconds (35049 lines/second)
Physical Source Lines of Code (SLOC) = 6221
Hits@level = [0]   1 [1]   2 [2]  10 [3]   1 [4]   8 [5]   0
Hits@level+ = [0+]  22 [1+]  21 [2+]  19 [3+]   9 [4+]   8 [5+]   0
Hits/KSLOC@level+ = [0+] 3.53641 [1+] 3.37566 [2+] 3.05417 [3+] 1.44671 [4+] 1.28597 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.