Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/zziplib-0.13.62/zzipwrap/zzipwrap.c
Examining data/zziplib-0.13.62/zzipwrap/wrap.c
Examining data/zziplib-0.13.62/zzipwrap/wrap.h
Examining data/zziplib-0.13.62/SDL/SDL_rwops_zzip.c
Examining data/zziplib-0.13.62/SDL/SDL_rwops_zzcat.c
Examining data/zziplib-0.13.62/SDL/SDL_rwops_zzip.h
Examining data/zziplib-0.13.62/bins/unzzipcat-mem.c
Examining data/zziplib-0.13.62/bins/zzdir.c
Examining data/zziplib-0.13.62/bins/zzobfuscated.c
Examining data/zziplib-0.13.62/bins/zzxorcat.c
Examining data/zziplib-0.13.62/bins/unzzipcat-seeko.c
Examining data/zziplib-0.13.62/bins/unzzipdir-mem.c
Examining data/zziplib-0.13.62/bins/zziptest.c
Examining data/zziplib-0.13.62/bins/unzzipdir.c
Examining data/zziplib-0.13.62/bins/unzip-mem.c
Examining data/zziplib-0.13.62/bins/zzxordir.c
Examining data/zziplib-0.13.62/bins/zzxorcopy.c
Examining data/zziplib-0.13.62/bins/zzcat.c
Examining data/zziplib-0.13.62/bins/zzip.c
Examining data/zziplib-0.13.62/bins/unzzip.c
Examining data/zziplib-0.13.62/bins/unzzipcat.c
Examining data/zziplib-0.13.62/zzip/plugin.c
Examining data/zziplib-0.13.62/zzip/conf.h
Examining data/zziplib-0.13.62/zzip/dir.c
Examining data/zziplib-0.13.62/zzip/__hints.h
Examining data/zziplib-0.13.62/zzip/__fnmatch.h
Examining data/zziplib-0.13.62/zzip/stat.c
Examining data/zziplib-0.13.62/zzip/info.c
Examining data/zziplib-0.13.62/zzip/err.c
Examining data/zziplib-0.13.62/zzip/file.h
Examining data/zziplib-0.13.62/zzip/info.h
Examining data/zziplib-0.13.62/zzip/write.h
Examining data/zziplib-0.13.62/zzip/autoconf.h
Examining data/zziplib-0.13.62/zzip/mmapped.h
Examining data/zziplib-0.13.62/zzip/__dirent.h
Examining data/zziplib-0.13.62/zzip/types.h
Examining data/zziplib-0.13.62/zzip/fseeko.h
Examining data/zziplib-0.13.62/zzip/stdint.h
Examining data/zziplib-0.13.62/zzip/zzip.h
Examining data/zziplib-0.13.62/zzip/fetch.h
Examining data/zziplib-0.13.62/zzip/file.c
Examining data/zziplib-0.13.62/zzip/plugin.h
Examining data/zziplib-0.13.62/zzip/_config.h
Examining data/zziplib-0.13.62/zzip/_msvc.h
Examining data/zziplib-0.13.62/zzip/__debug.h
Examining data/zziplib-0.13.62/zzip/write.c
Examining data/zziplib-0.13.62/zzip/fetch.c
Examining data/zziplib-0.13.62/zzip/__mmap.h
Examining data/zziplib-0.13.62/zzip/format.h
Examining data/zziplib-0.13.62/zzip/lib.h
Examining data/zziplib-0.13.62/zzip/zzip32.h
Examining data/zziplib-0.13.62/zzip/memdisk.h
Examining data/zziplib-0.13.62/zzip/fseeko.c
Examining data/zziplib-0.13.62/zzip/memdisk.c
Examining data/zziplib-0.13.62/zzip/mmapped.c
Examining data/zziplib-0.13.62/zzip/zip.c
Examining data/zziplib-0.13.62/test/zzipself.c
Examining data/zziplib-0.13.62/test/zzipsetstub.c

FINAL RESULTS:

data/zziplib-0.13.62/SDL/SDL_rwops_zzcat.c:24:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (usage);
data/zziplib-0.13.62/bins/unzip-mem.c:324:2:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (usage);
data/zziplib-0.13.62/bins/unzip-mem.c:329:2:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (__FILE__" version "ZZIP_PACKAGE" "ZZIP_VERSION"\n");
data/zziplib-0.13.62/bins/unzip-mem.c:361:2:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (usage);
data/zziplib-0.13.62/bins/unzzip.c:38:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (usage);
data/zziplib-0.13.62/bins/unzzip.c:43:2:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (__FILE__" version "ZZIP_PACKAGE" "ZZIP_VERSION"\n");
data/zziplib-0.13.62/bins/unzzipcat-mem.c:73:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (usage);
data/zziplib-0.13.62/bins/unzzipcat-mem.c:78:2:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (__FILE__" version "ZZIP_PACKAGE" "ZZIP_VERSION"\n");
data/zziplib-0.13.62/bins/unzzipcat-seeko.c:62:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (usage);
data/zziplib-0.13.62/bins/unzzipcat-seeko.c:67:2:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (__FILE__" version "ZZIP_PACKAGE" "ZZIP_VERSION"\n");
data/zziplib-0.13.62/bins/unzzipcat.c:73:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (usage);
data/zziplib-0.13.62/bins/unzzipcat.c:78:2:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (__FILE__" version "ZZIP_PACKAGE" "ZZIP_VERSION"\n");
data/zziplib-0.13.62/bins/unzzipdir-mem.c:44:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (usage);
data/zziplib-0.13.62/bins/unzzipdir-mem.c:49:2:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (__FILE__" version "ZZIP_PACKAGE" "ZZIP_VERSION"\n");
data/zziplib-0.13.62/bins/unzzipdir.c:44:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (usage);
data/zziplib-0.13.62/bins/unzzipdir.c:49:2:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (__FILE__" version "ZZIP_PACKAGE" "ZZIP_VERSION"\n");
data/zziplib-0.13.62/bins/zzcat.c:30:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (usage);
data/zziplib-0.13.62/bins/zzcat.c:35:2:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (__FILE__" version "ZZIP_PACKAGE" "ZZIP_VERSION"\n");
data/zziplib-0.13.62/bins/zzdir.c:31:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (usage);
data/zziplib-0.13.62/bins/zzdir.c:36:2:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (__FILE__" version "ZZIP_PACKAGE" "ZZIP_VERSION"\n");
data/zziplib-0.13.62/bins/zzip.c:41:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (usage);
data/zziplib-0.13.62/bins/zzip.c:46:2:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (__FILE__" version "ZZIP_PACKAGE" "ZZIP_VERSION"\n");
data/zziplib-0.13.62/bins/zziptest.c:56:6:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (__FILE__" version "ZZIP_PACKAGE" "ZZIP_VERSION"\n");
data/zziplib-0.13.62/bins/zzobfuscated.c:71:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (usage);
data/zziplib-0.13.62/bins/zzobfuscated.c:76:2:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (__FILE__" version "ZZIP_PACKAGE" "ZZIP_VERSION"\n");
data/zziplib-0.13.62/bins/zzobfuscated.c:117:13:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(name, "obfuscated/%s", argv[argn]);
data/zziplib-0.13.62/bins/zzxorcat.c:58:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (usage);
data/zziplib-0.13.62/bins/zzxorcat.c:63:2:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (__FILE__" version "ZZIP_PACKAGE" "ZZIP_VERSION"\n");
data/zziplib-0.13.62/bins/zzxorcopy.c:56:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (usage);
data/zziplib-0.13.62/bins/zzxorcopy.c:61:2:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (__FILE__" version "ZZIP_PACKAGE" "ZZIP_VERSION"\n");
data/zziplib-0.13.62/bins/zzxorcopy.c:78:6:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (usage);
data/zziplib-0.13.62/bins/zzxordir.c:62:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (usage);
data/zziplib-0.13.62/bins/zzxordir.c:67:2:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (__FILE__" version "ZZIP_PACKAGE" "ZZIP_VERSION"\n");
data/zziplib-0.13.62/test/zzipself.c:31:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (usage);
data/zziplib-0.13.62/test/zzipsetstub.c:18:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (usage);
data/zziplib-0.13.62/zzip/__dirent.h:179:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (nd->dd_name, szPath);
data/zziplib-0.13.62/zzip/__dirent.h:185:2:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (nd->dd_name, win32_SLASH);
data/zziplib-0.13.62/zzip/__dirent.h:189:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (nd->dd_name, win32_SUFFIX);
data/zziplib-0.13.62/zzip/dir.c:83:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(filename, dir->realname);
data/zziplib-0.13.62/zzip/dir.c:85:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(filename, dirent->d_name);
data/zziplib-0.13.62/zzip/zip.c:810:9:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(file + len, *ext);
data/zziplib-0.13.62/zzipwrap/zzipwrap.c:48:9:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf (usage);
data/zziplib-0.13.62/SDL/SDL_rwops_zzcat.c:38:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[17];
data/zziplib-0.13.62/bins/unzip-mem.c:92:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[1024]; int len;
data/zziplib-0.13.62/bins/unzip-mem.c:103:18:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* file = fopen (entry->zz_name, "w");
data/zziplib-0.13.62/bins/unzip-mem.c:126:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buffer[1024]; int len;
data/zziplib-0.13.62/bins/unzip-mem.c:162:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char _zzip_time_[30];
data/zziplib-0.13.62/bins/unzip-mem.c:166:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (_zzip_time_, "%02i-%02i-%02i %02i:%02i",
data/zziplib-0.13.62/bins/unzzip.c:87:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[17]; zzip_ssize_t n;
data/zziplib-0.13.62/bins/unzzipcat-mem.c:42:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[1024]; int len;
data/zziplib-0.13.62/bins/unzzipcat-mem.c:55:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[1024]; int len;
data/zziplib-0.13.62/bins/unzzipcat-seeko.c:33:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[1024]; int len;
data/zziplib-0.13.62/bins/unzzipcat-seeko.c:46:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[1024]; int len;
data/zziplib-0.13.62/bins/unzzipcat-seeko.c:71:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  disk = fopen (argv[1], "r");
data/zziplib-0.13.62/bins/unzzipcat.c:42:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[1024]; int len;
data/zziplib-0.13.62/bins/unzzipcat.c:55:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[1024]; int len;
data/zziplib-0.13.62/bins/zzcat.c:48:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[17];
data/zziplib-0.13.62/bins/zzip.c:63:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  int input = open (argv[argn], O_RDONLY);
data/zziplib-0.13.62/bins/zzip.c:71:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[17]; zzip_ssize_t n;
data/zziplib-0.13.62/bins/zziptest.c:65:17:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  { int fd = open (name, O_RDONLY|O_BINARY);
data/zziplib-0.13.62/bins/zziptest.c:121:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[17];
data/zziplib-0.13.62/bins/zzobfuscated.c:90:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fin = fopen(argv[1], "rb");
data/zziplib-0.13.62/bins/zzobfuscated.c:95:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fout = fopen((argc == 2) ? "obfuscated" : "obfuscated.dat", "wb");
data/zziplib-0.13.62/bins/zzobfuscated.c:115:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[256];
data/zziplib-0.13.62/bins/zzobfuscated.c:119:13:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(name, "obfuscated");
data/zziplib-0.13.62/bins/zzobfuscated.c:129:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[17];
data/zziplib-0.13.62/bins/zzxorcat.c:75:46:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (isdigit(argv[argn][1])) xor_value = atoi (argv[argn]+1);
data/zziplib-0.13.62/bins/zzxorcat.c:87:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[17];
data/zziplib-0.13.62/bins/zzxorcopy.c:72:46:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (isdigit(argv[argn][1])) xor_value = atoi (argv[argn]+1);
data/zziplib-0.13.62/bins/zzxorcopy.c:82:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  iF = fopen (argv[argn], "rb");
data/zziplib-0.13.62/bins/zzxorcopy.c:85:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  oF = fopen (argv[argn], "wb");
data/zziplib-0.13.62/bins/zzxorcopy.c:89:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[17];
data/zziplib-0.13.62/bins/zzxordir.c:80:46:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (isdigit(argv[argn][1])) xor_value = atoi (argv[argn]+1);
data/zziplib-0.13.62/test/zzipself.c:55:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[17];
data/zziplib-0.13.62/test/zzipsetstub.c:23:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[17]; int n;
data/zziplib-0.13.62/test/zzipsetstub.c:35:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  zipFILE = fopen (zipfile, "r+b");
data/zziplib-0.13.62/test/zzipsetstub.c:38:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  sfxFILE = fopen (sfxfile, "rb");
data/zziplib-0.13.62/zzip/__dirent.h:101:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char dd_name[1];
data/zziplib-0.13.62/zzip/dir.c:76:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char filename[PATH_MAX];
data/zziplib-0.13.62/zzip/file.c:774:26:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  int fd = (os->fd.open)(filename, o_flags); /* io->fd.open */
data/zziplib-0.13.62/zzip/file.c:806:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char basename[PATH_MAX];
data/zziplib-0.13.62/zzip/file.c:812:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(basename, filename, filename_len + 1);
data/zziplib-0.13.62/zzip/fseeko.c:156:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(name, entry->tail, len);
data/zziplib-0.13.62/zzip/fseeko.c:511:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buffer[PAGESIZE]; /* work buffer for inflate algorithm */
data/zziplib-0.13.62/zzip/fseeko.c:536:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(found, entry, sizeof(*entry)); /* prescan_copy */
data/zziplib-0.13.62/zzip/fseeko.c:540:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(found->tail, entry->tail, entry->tailalloc);
data/zziplib-0.13.62/zzip/lib.h:42:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char d_name[1]; /* the actual name of the entry, may contain DIRSEPs */
data/zziplib-0.13.62/zzip/memdisk.c:213:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(mem, ptr1, ext1);
data/zziplib-0.13.62/zzip/memdisk.c:214:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ((char *) (mem))[ext1 + 0] = 0;
data/zziplib-0.13.62/zzip/memdisk.c:215:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ((char *) (mem))[ext1 + 1] = 0;
data/zziplib-0.13.62/zzip/memdisk.c:222:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(mem, ptr2, ext2);
data/zziplib-0.13.62/zzip/memdisk.c:223:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ((char *) (mem))[ext2 + 0] = 0;
data/zziplib-0.13.62/zzip/memdisk.c:224:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  ((char *) (mem))[ext2 + 1] = 0;
data/zziplib-0.13.62/zzip/mmapped.c:149:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ___ int fd = open(filename, O_RDONLY | O_BINARY);
data/zziplib-0.13.62/zzip/mmapped.c:622:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, file->stored, size);
data/zziplib-0.13.62/zzip/plugin.c:47:6:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  &open,
data/zziplib-0.13.62/zzip/plugin.c:81:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(io, &default_io, sizeof(default_io));
data/zziplib-0.13.62/zzip/plugin.h:45:20:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  int (*open)(zzip_char_t* name, int flags, ...);
data/zziplib-0.13.62/zzip/write.c:156:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dir->realname, name, name_len + 1);
data/zziplib-0.13.62/zzip/write.c:176:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dir->realname + name_len, exx, exx_len); /* append! */
data/zziplib-0.13.62/zzip/write.c:179:22:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = (io->fd.open)(dir->realname, O_CREAT | O_TRUNC | O_WRONLY, o_mode);
data/zziplib-0.13.62/zzip/zip.c:193:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  auto char buffer[2 * ZZIP_BUFSIZ];
data/zziplib-0.13.62/zzip/zip.c:308:25:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(trailer, tail, sizeof(*trailer));
data/zziplib-0.13.62/zzip/zip.c:311:25:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(trailer, tail, sizeof(*trailer) - 2);
data/zziplib-0.13.62/zzip/zip.c:542:16:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  { memcpy(hdr->d_name, fd_map+zz_fd_gap + zz_offset+sizeof(*d), u_namlen); }
data/zziplib-0.13.62/zzip/zip.c:795:10:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  auto char file[PATH_MAX];
data/zziplib-0.13.62/zzip/zip.c:801:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(file, filename, len + 1);
data/zziplib-0.13.62/zzip/zip.c:811:22:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = (io->fd.open)(file, filemode);
data/zziplib-0.13.62/zzip/zip.c:846:18:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd = (io->fd.open)(filename, O_RDONLY | O_BINARY);
data/zziplib-0.13.62/zzipwrap/wrap.c:108:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (&buf[bytes_written], &zzip_memory_buffer[transfer_start],transfer_bytes);
data/zziplib-0.13.62/zzipwrap/wrap.c:132:5:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fd=open(pathname, flags);
data/zziplib-0.13.62/bins/unzip-mem.c:119:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen (entry->zz_name) < 24) {
data/zziplib-0.13.62/bins/unzip-mem.c:120:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  printf ("%.*s", 24 - (int) strlen (entry->zz_name),
data/zziplib-0.13.62/bins/zzip.c:81:18:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((n = read (input, buf, 16)))
data/zziplib-0.13.62/bins/zzobfuscated.c:41:32:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  const zzip_ssize_t bytes = read(fd, buf, len);
data/zziplib-0.13.62/bins/zzobfuscated.c:80:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(argv[1]) > 128) {
data/zziplib-0.13.62/bins/zzobfuscated.c:100:22:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((ch = fgetc(fin)) != EOF) {
data/zziplib-0.13.62/bins/zzxorcat.c:42:22:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
zzip_ssize_t r = read(f, p, l); data/zziplib-0.13.62/bins/zzxordir.c:45:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). zzip_ssize_t r = read(f, p, l); data/zziplib-0.13.62/zzip/__dirent.h:169:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nd = (DIR *) calloc (1, sizeof (DIR) + strlen (szPath) data/zziplib-0.13.62/zzip/__dirent.h:170:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). + strlen (win32_SLASH) + strlen (win32_SUFFIX)); data/zziplib-0.13.62/zzip/__dirent.h:170:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). + strlen (win32_SLASH) + strlen (win32_SUFFIX)); data/zziplib-0.13.62/zzip/__dirent.h:183:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nd->dd_name[strlen (nd->dd_name) - 1] != '/' && data/zziplib-0.13.62/zzip/__dirent.h:184:14: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). nd->dd_name[strlen (nd->dd_name) - 1] != '\\') { data/zziplib-0.13.62/zzip/__dirent.h:263:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). dirp->dd_dir.d_namlen = (unsigned short) strlen (dirp->dd_dir.d_name); data/zziplib-0.13.62/zzip/conf.h:197:23: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
# define _zzip_read read data/zziplib-0.13.62/zzip/dir.c:84:5: [1] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant character. strcat(filename, "/"); data/zziplib-0.13.62/zzip/file.c:276:39: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). dataoff = dir->io->fd.read(dir->fd, (void *) p, sizeof(*p)); data/zziplib-0.13.62/zzip/file.c:427:45: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). zzip_ssize_t i = fp->io->fd.read(dir->fd, fp->buf32k, cl); data/zziplib-0.13.62/zzip/file.c:455:25: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). rv = fp->io->fd.read(dir->fd, buf, l); data/zziplib-0.13.62/zzip/file.c:481:29: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). { return fp->io->fd.read(fp->fd, buf, len); } /* stat fd */ data/zziplib-0.13.62/zzip/file.c:808:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int filename_len = strlen(filename); data/zziplib-0.13.62/zzip/file.c:817:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). zzip_size_t len = strlen(stream->dir->realname); data/zziplib-0.13.62/zzip/mmapped.c:158:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
if ((st.st_size == read(fd, buffer, st.st_size)) && data/zziplib-0.13.62/zzip/mmapped.c:231:5: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120). strncpy(r, p, maxlen); data/zziplib-0.13.62/zzip/plugin.h:47:20: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). zzip_ssize_t (*read)(int fd, void* buf, zzip_size_t len); data/zziplib-0.13.62/zzip/write.c:151:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). int name_len = strlen(name); data/zziplib-0.13.62/zzip/write.c:167:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if ((exx_len = strlen(*exx) + 1) <= name_len && data/zziplib-0.13.62/zzip/write.c:174:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (! (exx_len = strlen(*exx)) || exx_len >= MAX_EXT_LEN) data/zziplib-0.13.62/zzip/zip.c:287:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (io->fd.read(fd, buf, (zzip_size_t) maplen) < maplen) data/zziplib-0.13.62/zzip/zip.c:484:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (io->fd.read(fd, &dirent, sizeof(dirent)) < __sizeof(dirent)) data/zziplib-0.13.62/zzip/zip.c:544:22: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
{ io->fd.read(fd, hdr->d_name, u_namlen); } data/zziplib-0.13.62/zzip/zip.c:797:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). zzip_size_t len = strlen(filename); data/zziplib-0.13.62/zzipwrap/wrap.c:86:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). bytes_read=read(fd,zzip_memory_buffer,zzip_memory_blocksize); ANALYSIS SUMMARY: Hits = 144 Lines analyzed = 11571 in approximately 0.39 seconds (29527 lines/second) Physical Source Lines of Code (SLOC) = 7698 Hits@level = [0] 101 [1] 33 [2] 69 [3] 0 [4] 42 [5] 0 Hits@level+ = [0+] 245 [1+] 144 [2+] 111 [3+] 42 [4+] 42 [5+] 0 Hits/KSLOC@level+ = [0+] 31.8264 [1+] 18.7062 [2+] 14.4193 [3+] 5.45596 [4+] 5.45596 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.
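Added note, not part of the flawfinder report and not zziplib code: the two hit classes that dominate this section are strncpy called with a bound equal to the destination size (the level 1 hit at mmapped.c:231, strncpy(r, p, maxlen)) and memcpy whose length is a value read from the archive being parsed (the level 2 hit at zip.c:542, which copies u_namlen bytes). The C below is a constructed example showing why flawfinder flags each pattern and what a guard that bounds the copy by the destination looks like. NAME_MAX_LEN, the two-byte length-prefixed record layout, the sample records and every function name here are assumptions for illustration; none of them come from zziplib.

```c
#include <stddef.h>
#include <string.h>

/* Constructed example, not zziplib code. NAME_MAX_LEN is an assumed
 * destination size chosen small enough that the failure modes show. */
#define NAME_MAX_LEN 8

/* The pattern behind the strncpy hit: strncpy(dst, src, sizeof dst).
 * When strlen(src) >= dstsz, strncpy writes no terminator at all. The
 * buffer is poisoned first so the missing NUL is observable.
 * Returns 1 if dst is NUL-terminated afterwards, 0 if it is not. */
int strncpy_terminated(char *dst, size_t dstsz, const char *src)
{
    memset(dst, 'X', dstsz);
    strncpy(dst, src, dstsz);
    return memchr(dst, '\0', dstsz) != NULL;
}

/* Hardened replacement: length is bounded by the destination, the result is
 * always terminated, and an oversized source is refused (-1) rather than
 * silently truncated. Returns the number of bytes copied on success. */
int bounded_copy(char *dst, size_t dstsz, const char *src)
{
    size_t n = 0;
    if (dst == NULL || dstsz == 0 || src == NULL)
        return -1;
    while (n < dstsz && src[n] != '\0')   /* never scan past dstsz bytes */
        n++;
    if (n == dstsz) {                     /* no room left for the NUL */
        dst[0] = '\0';
        return -1;
    }
    memcpy(dst, src, n);
    dst[n] = '\0';
    return (int) n;
}

/* The pattern behind memcpy hits whose length comes from parsed data, as in
 * memcpy(hdr->d_name, ..., u_namlen). The record layout is invented for this
 * example: a 2-byte little-endian name length followed by the name bytes.
 * The length is checked against both the record that carries it and the
 * destination before any byte is copied. Returns the name length or -1. */
int copy_entry_name(char *dst, size_t dstsz,
                    const unsigned char *rec, size_t reclen)
{
    size_t namlen;
    if (dst == NULL || dstsz == 0 || rec == NULL || reclen < 2)
        return -1;
    namlen = (size_t) rec[0] | ((size_t) rec[1] << 8);
    if (namlen > reclen - 2)              /* claims more bytes than present */
        return -1;
    if (namlen >= dstsz)                  /* would overflow dst, or leave no room for NUL */
        return -1;
    memcpy(dst, rec + 2, namlen);
    dst[namlen] = '\0';
    return (int) namlen;
}

/* Scenario wrappers over a fixed NAME_MAX_LEN buffer so results can be checked. */
int scenario_strncpy(const char *src)
{
    char buf[NAME_MAX_LEN];
    return strncpy_terminated(buf, sizeof buf, src);
}

int scenario_bounded(const char *src)
{
    char buf[NAME_MAX_LEN];
    return bounded_copy(buf, sizeof buf, src);
}

int scenario_entry(const unsigned char *rec, size_t reclen)
{
    char buf[NAME_MAX_LEN];
    return copy_entry_name(buf, sizeof buf, rec, reclen);
}

int main(void)
{
    /* constructed records: honest, length lies past the record, and fits the record but not dst */
    static const unsigned char rec_ok[]  = { 5, 0, 'a', 'b', 'c', 'd', 'e' };
    static const unsigned char rec_lie[] = { 9, 0, 'a', 'b', 'c', 'd', 'e' };
    static const unsigned char rec_big[] = { 8, 0, 'a', 'b', 'c', 'd', 'e', 'f', 'g', 'h' };
    /* "short" fits; "exactly8" fills all 8 bytes and strncpy leaves no terminator */
    return !(scenario_strncpy("short") == 1 && scenario_strncpy("exactly8") == 0
          && scenario_bounded("short") == 5 && scenario_bounded("exactly8") == -1
          && scenario_entry(rec_ok, sizeof rec_ok) == 5
          && scenario_entry(rec_lie, sizeof rec_lie) == -1
          && scenario_entry(rec_big, sizeof rec_big) == -1);
}
```

Flawfinder matches on function names, so bounded_copy and copy_entry_name would still produce memcpy hits in a run like the one above. That is what the report's closing line, "Not every hit is necessarily a security vulnerability", means in practice: triaging a memcpy or strncpy hit is checking whether the guard before the call bounds the length by the destination, as here, or only by the source or by a length the input supplied.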