Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/zopfli-1.0.3/src/zopfli/blocksplitter.c
Examining data/zopfli-1.0.3/src/zopfli/blocksplitter.h
Examining data/zopfli-1.0.3/src/zopfli/cache.c
Examining data/zopfli-1.0.3/src/zopfli/cache.h
Examining data/zopfli-1.0.3/src/zopfli/deflate.c
Examining data/zopfli-1.0.3/src/zopfli/deflate.h
Examining data/zopfli-1.0.3/src/zopfli/gzip_container.c
Examining data/zopfli-1.0.3/src/zopfli/gzip_container.h
Examining data/zopfli-1.0.3/src/zopfli/hash.c
Examining data/zopfli-1.0.3/src/zopfli/hash.h
Examining data/zopfli-1.0.3/src/zopfli/katajainen.c
Examining data/zopfli-1.0.3/src/zopfli/katajainen.h
Examining data/zopfli-1.0.3/src/zopfli/lz77.c
Examining data/zopfli-1.0.3/src/zopfli/lz77.h
Examining data/zopfli-1.0.3/src/zopfli/squeeze.c
Examining data/zopfli-1.0.3/src/zopfli/squeeze.h
Examining data/zopfli-1.0.3/src/zopfli/symbols.h
Examining data/zopfli-1.0.3/src/zopfli/tree.c
Examining data/zopfli-1.0.3/src/zopfli/tree.h
Examining data/zopfli-1.0.3/src/zopfli/util.c
Examining data/zopfli-1.0.3/src/zopfli/util.h
Examining data/zopfli-1.0.3/src/zopfli/zlib_container.c
Examining data/zopfli-1.0.3/src/zopfli/zlib_container.h
Examining data/zopfli-1.0.3/src/zopfli/zopfli.h
Examining data/zopfli-1.0.3/src/zopfli/zopfli_bin.c
Examining data/zopfli-1.0.3/src/zopfli/zopfli_lib.c
Examining data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.cpp
Examining data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.h
Examining data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng_util.cpp
Examining data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng_util.h
Examining data/zopfli-1.0.3/src/zopflipng/zopflipng_bin.cc
Examining data/zopfli-1.0.3/src/zopflipng/zopflipng_lib.h
Examining data/zopfli-1.0.3/src/zopflipng/zopflipng_lib.cc

FINAL RESULTS:

data/zopfli-1.0.3/src/zopfli/zopfli_bin.c:135:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(result, str1);

data/zopfli-1.0.3/src/zopfli/zopfli_bin.c:136:3:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(result, str2);

data/zopfli-1.0.3/src/zopflipng/zopflipng_bin.cc:377:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(always_zopflify

data/zopfli-1.0.3/src/zopflipng/zopflipng_bin.cc:418:11:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf(resultpng.size() == origoutfilesize

data/zopfli-1.0.3/src/zopfli/deflate.c:555:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ll_lengths, ll_lengths2, sizeof(ll_lengths2));

data/zopfli-1.0.3/src/zopfli/deflate.c:556:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(d_lengths, d_lengths2, sizeof(d_lengths2));

data/zopfli-1.0.3/src/zopfli/squeeze.c:54:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest->litlens, source->litlens,

data/zopfli-1.0.3/src/zopfli/squeeze.c:56:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest->dists, source->dists, ZOPFLI_NUM_D * sizeof(dest->dists[0]));

data/zopfli-1.0.3/src/zopfli/squeeze.c:58:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest->ll_symbols, source->ll_symbols,

data/zopfli-1.0.3/src/zopfli/squeeze.c:60:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dest->d_symbols, source->d_symbols,

data/zopfli-1.0.3/src/zopfli/zopfli_bin.c:51:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = fopen(filename, "rb");

data/zopfli-1.0.3/src/zopfli/zopfli_bin.c:86:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* file = fopen(filename, "wb" );

data/zopfli-1.0.3/src/zopfli/zopfli_bin.c:165:31:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  options.numiterations = atoi(arg + 3);

data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.cpp:383:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = fopen(filename, "rb");

data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.cpp:403:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = fopen(filename, "rb");

data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.cpp:427:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  file = fopen(filename, "wb" );

data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.cpp:2451:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void lodepng_chunk_type(char type[5], const unsigned char* chunk) {

data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.cpp:2519:89:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char* lodepng_chunk_find(unsigned char* chunk, const unsigned char* end, const char type[5]) {

data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.cpp:2527:107:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const unsigned char* lodepng_chunk_find_const(const unsigned char* chunk, const unsigned char* end, const char type[5]) {

data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.cpp:3819:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char image[8];

data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.cpp:5047:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char data[13];

data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.cpp:5210:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char data[6];

data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.cpp:5232:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char data[7];

data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.cpp:5244:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char data[9];

data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.cpp:5251:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char data[4];

data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.cpp:5257:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char data[32];

data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.h:685:12:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char palette[1024]; /*Remembers up to the first 256 RGBA colors, in no particular order, only valid when numcolors is valid*/

data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.h:843:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  void lodepng_chunk_type(char type[5], const unsigned char* chunk);

data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.h:882:89:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char* lodepng_chunk_find(unsigned char* chunk, const unsigned char* end, const char type[5]);

data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng.h:883:107:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const unsigned char* lodepng_chunk_find_const(const unsigned char* chunk, const unsigned char* end, const char type[5]);

data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng_util.cpp:47:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char type[5];

data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng_util.cpp:73:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char type[5];

data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng_util.cpp:112:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char type[5];

data/zopfli-1.0.3/src/zopflipng/lodepng/lodepng_util.cpp:163:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char type[5];

data/zopfli-1.0.3/src/zopflipng/zopflipng_bin.cc:53:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* file = fopen(filename.c_str(), "rb");

data/zopfli-1.0.3/src/zopflipng/zopflipng_bin.cc:64:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* file = fopen(filename.c_str(), "rb");

data/zopfli-1.0.3/src/zopflipng/zopflipng_bin.cc:192:17:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int num = atoi(value.c_str());

data/zopfli-1.0.3/src/zopflipng/zopflipng_lib.cc:520:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(*resultpng,

data/zopfli-1.0.3/src/zopfli/zopfli_bin.c:132:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(str1) + strlen(str2);

data/zopfli-1.0.3/src/zopfli/zopfli_bin.c:132:31:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(str1) + strlen(str2);

data/zopfli-1.0.3/src/zopflipng/zopflipng_bin.cc:428:30:  [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (int input = getchar()) {

ANALYSIS SUMMARY:

Hits = 41
Lines analyzed = 16279 in approximately 0.56 seconds (29257 lines/second)
Physical Source Lines of Code (SLOC) = 10362
Hits@level = [0]  52 [1]   3 [2]  34 [3]   0 [4]   4 [5]   0
Hits@level+ = [0+]  93 [1+]  41 [2+]  38 [3+]   4 [4+]   4 [5+]   0
Hits/KSLOC@level+ = [0+] 8.9751 [1+] 3.95677 [2+] 3.66725 [3+] 0.386026 [4+] 0.386026 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.