Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/aggdraw-1.3.12/agg2/font_freetype/agg_font_freetype.cpp
Examining data/aggdraw-1.3.12/agg2/font_freetype/agg_font_freetype.h
Examining data/aggdraw-1.3.12/agg2/include/agg_alpha_mask_u8.h
Examining data/aggdraw-1.3.12/agg2/include/agg_arc.h
Examining data/aggdraw-1.3.12/agg2/include/agg_array.h
Examining data/aggdraw-1.3.12/agg2/include/agg_arrowhead.h
Examining data/aggdraw-1.3.12/agg2/include/agg_basics.h
Examining data/aggdraw-1.3.12/agg2/include/agg_bezier_arc.h
Examining data/aggdraw-1.3.12/agg2/include/agg_bitset_iterator.h
Examining data/aggdraw-1.3.12/agg2/include/agg_bounding_rect.h
Examining data/aggdraw-1.3.12/agg2/include/agg_bspline.h
Examining data/aggdraw-1.3.12/agg2/include/agg_clip_liang_barsky.h
Examining data/aggdraw-1.3.12/agg2/include/agg_color_rgba.h
Examining data/aggdraw-1.3.12/agg2/include/agg_color_rgba8.h
Examining data/aggdraw-1.3.12/agg2/include/agg_conv_adaptor_vcgen.h
Examining data/aggdraw-1.3.12/agg2/include/agg_conv_adaptor_vpgen.h
Examining data/aggdraw-1.3.12/agg2/include/agg_conv_bspline.h
Examining data/aggdraw-1.3.12/agg2/include/agg_conv_clip_polygon.h
Examining data/aggdraw-1.3.12/agg2/include/agg_conv_close_polygon.h
Examining data/aggdraw-1.3.12/agg2/include/agg_conv_concat.h
Examining data/aggdraw-1.3.12/agg2/include/agg_conv_contour.h
Examining data/aggdraw-1.3.12/agg2/include/agg_conv_curve.h
Examining data/aggdraw-1.3.12/agg2/include/agg_conv_dash.h
Examining data/aggdraw-1.3.12/agg2/include/agg_conv_gpc.h
Examining data/aggdraw-1.3.12/agg2/include/agg_conv_marker.h
Examining data/aggdraw-1.3.12/agg2/include/agg_conv_marker_adaptor.h
Examining data/aggdraw-1.3.12/agg2/include/agg_conv_segmentator.h
Examining data/aggdraw-1.3.12/agg2/include/agg_conv_shorten_path.h
Examining data/aggdraw-1.3.12/agg2/include/agg_conv_smooth_poly1.h
Examining data/aggdraw-1.3.12/agg2/include/agg_conv_stroke.h
Examining data/aggdraw-1.3.12/agg2/include/agg_conv_transform.h
Examining data/aggdraw-1.3.12/agg2/include/agg_conv_unclose_polygon.h
Examining data/aggdraw-1.3.12/agg2/include/agg_curves.h
Examining data/aggdraw-1.3.12/agg2/include/agg_dda_line.h
Examining data/aggdraw-1.3.12/agg2/include/agg_ellipse.h
Examining data/aggdraw-1.3.12/agg2/include/agg_ellipse_bresenham.h
Examining data/aggdraw-1.3.12/agg2/include/agg_embedded_raster_fonts.h
Examining data/aggdraw-1.3.12/agg2/include/agg_font_cache_manager.h
Examining data/aggdraw-1.3.12/agg2/include/agg_gamma_functions.h
Examining data/aggdraw-1.3.12/agg2/include/agg_gamma_lut.h
Examining data/aggdraw-1.3.12/agg2/include/agg_glyph_raster_bin.h
Examining data/aggdraw-1.3.12/agg2/include/agg_gray8.h
Examining data/aggdraw-1.3.12/agg2/include/agg_gsv_text.h
Examining data/aggdraw-1.3.12/agg2/include/agg_image_filters.h
Examining data/aggdraw-1.3.12/agg2/include/agg_line_aa_basics.h
Examining data/aggdraw-1.3.12/agg2/include/agg_math.h
Examining data/aggdraw-1.3.12/agg2/include/agg_path_storage.h
Examining data/aggdraw-1.3.12/agg2/include/agg_path_storage_integer.h
Examining data/aggdraw-1.3.12/agg2/include/agg_pattern_filters_rgba8.h
Examining data/aggdraw-1.3.12/agg2/include/agg_pixfmt_amask_adaptor.h
Examining data/aggdraw-1.3.12/agg2/include/agg_pixfmt_gray8.h
Examining data/aggdraw-1.3.12/agg2/include/agg_pixfmt_rgb24.h
Examining data/aggdraw-1.3.12/agg2/include/agg_pixfmt_rgb24_gamma.h
Examining data/aggdraw-1.3.12/agg2/include/agg_pixfmt_rgb24_pre.h
Examining data/aggdraw-1.3.12/agg2/include/agg_pixfmt_rgb555.h
Examining data/aggdraw-1.3.12/agg2/include/agg_pixfmt_rgb565.h
Examining data/aggdraw-1.3.12/agg2/include/agg_pixfmt_rgba32.h
Examining data/aggdraw-1.3.12/agg2/include/agg_pixfmt_rgba32_plain.h
Examining data/aggdraw-1.3.12/agg2/include/agg_pixfmt_rgba32_pre.h
Examining data/aggdraw-1.3.12/agg2/include/agg_rasterizer_outline.h
Examining data/aggdraw-1.3.12/agg2/include/agg_rasterizer_outline_aa.h
Examining data/aggdraw-1.3.12/agg2/include/agg_rasterizer_scanline_aa.h
Examining data/aggdraw-1.3.12/agg2/include/agg_render_scanlines.h
Examining data/aggdraw-1.3.12/agg2/include/agg_renderer_base.h
Examining data/aggdraw-1.3.12/agg2/include/agg_renderer_markers.h
Examining data/aggdraw-1.3.12/agg2/include/agg_renderer_mclip.h
Examining data/aggdraw-1.3.12/agg2/include/agg_renderer_outline_aa.h
Examining data/aggdraw-1.3.12/agg2/include/agg_renderer_outline_image.h
Examining data/aggdraw-1.3.12/agg2/include/agg_renderer_primitives.h
Examining data/aggdraw-1.3.12/agg2/include/agg_renderer_raster_text.h
Examining data/aggdraw-1.3.12/agg2/include/agg_renderer_scanline.h
Examining data/aggdraw-1.3.12/agg2/include/agg_rendering_buffer.h
Examining data/aggdraw-1.3.12/agg2/include/agg_rounded_rect.h
Examining data/aggdraw-1.3.12/agg2/include/agg_scanline_bin.h
Examining data/aggdraw-1.3.12/agg2/include/agg_scanline_boolean_algebra.h
Examining data/aggdraw-1.3.12/agg2/include/agg_scanline_p.h
Examining data/aggdraw-1.3.12/agg2/include/agg_scanline_storage_aa.h
Examining data/aggdraw-1.3.12/agg2/include/agg_scanline_storage_bin.h
Examining data/aggdraw-1.3.12/agg2/include/agg_scanline_u.h
Examining data/aggdraw-1.3.12/agg2/include/agg_shorten_path.h
Examining data/aggdraw-1.3.12/agg2/include/agg_simul_eq.h
Examining data/aggdraw-1.3.12/agg2/include/agg_span_allocator.h
Examining data/aggdraw-1.3.12/agg2/include/agg_span_converter.h
Examining data/aggdraw-1.3.12/agg2/include/agg_span_generator.h
Examining data/aggdraw-1.3.12/agg2/include/agg_span_gouraud.h
Examining data/aggdraw-1.3.12/agg2/include/agg_span_gouraud_gray8.h
Examining data/aggdraw-1.3.12/agg2/include/agg_span_gouraud_rgba8.h
Examining data/aggdraw-1.3.12/agg2/include/agg_span_gouraud_rgba8_gamma.h
Examining data/aggdraw-1.3.12/agg2/include/agg_span_gradient.h
Examining data/aggdraw-1.3.12/agg2/include/agg_span_image_filter.h
Examining data/aggdraw-1.3.12/agg2/include/agg_span_image_filter_rgb24.h
Examining data/aggdraw-1.3.12/agg2/include/agg_span_image_filter_rgb24_gamma.h
Examining data/aggdraw-1.3.12/agg2/include/agg_span_image_filter_rgba32.h
Examining data/aggdraw-1.3.12/agg2/include/agg_span_interpolator_adaptor.h
Examining data/aggdraw-1.3.12/agg2/include/agg_span_interpolator_linear.h
Examining data/aggdraw-1.3.12/agg2/include/agg_span_interpolator_trans.h
Examining data/aggdraw-1.3.12/agg2/include/agg_span_pattern.h
Examining data/aggdraw-1.3.12/agg2/include/agg_span_pattern_rgb24.h
Examining data/aggdraw-1.3.12/agg2/include/agg_span_pattern_rgba32.h
Examining data/aggdraw-1.3.12/agg2/include/agg_span_solid.h
Examining data/aggdraw-1.3.12/agg2/include/agg_trans_affine.h
Examining data/aggdraw-1.3.12/agg2/include/agg_trans_bilinear.h
Examining data/aggdraw-1.3.12/agg2/include/agg_trans_double_path.h
Examining data/aggdraw-1.3.12/agg2/include/agg_trans_perspective.h
Examining data/aggdraw-1.3.12/agg2/include/agg_trans_single_path.h
Examining data/aggdraw-1.3.12/agg2/include/agg_trans_viewport.h
Examining data/aggdraw-1.3.12/agg2/include/agg_trans_warp_magnifier.h
Examining data/aggdraw-1.3.12/agg2/include/agg_vcgen_bspline.h
Examining data/aggdraw-1.3.12/agg2/include/agg_vcgen_contour.h
Examining data/aggdraw-1.3.12/agg2/include/agg_vcgen_dash.h
Examining data/aggdraw-1.3.12/agg2/include/agg_vcgen_markers_term.h
Examining data/aggdraw-1.3.12/agg2/include/agg_vcgen_smooth_poly1.h
Examining data/aggdraw-1.3.12/agg2/include/agg_vcgen_stroke.h
Examining data/aggdraw-1.3.12/agg2/include/agg_vcgen_vertex_sequence.h
Examining data/aggdraw-1.3.12/agg2/include/agg_vertex_iterator.h
Examining data/aggdraw-1.3.12/agg2/include/agg_vertex_sequence.h
Examining data/aggdraw-1.3.12/agg2/include/agg_vpgen_clip_polygon.h
Examining data/aggdraw-1.3.12/agg2/include/agg_vpgen_segmentator.h
Examining data/aggdraw-1.3.12/agg2/include/ctrl/agg_cbox_ctrl.h
Examining data/aggdraw-1.3.12/agg2/include/ctrl/agg_ctrl.h
Examining data/aggdraw-1.3.12/agg2/include/ctrl/agg_gamma_ctrl.h
Examining data/aggdraw-1.3.12/agg2/include/ctrl/agg_gamma_spline.h
Examining data/aggdraw-1.3.12/agg2/include/ctrl/agg_rbox_ctrl.h
Examining data/aggdraw-1.3.12/agg2/include/ctrl/agg_scale_ctrl.h
Examining data/aggdraw-1.3.12/agg2/include/ctrl/agg_slider_ctrl.h
Examining data/aggdraw-1.3.12/agg2/include/ctrl/agg_spline_ctrl.h
Examining data/aggdraw-1.3.12/agg2/include/dbg_new/agg_dbg_new.h
Examining data/aggdraw-1.3.12/agg2/include/platform/agg_platform_support.h
Examining data/aggdraw-1.3.12/agg2/include/platform/mac/agg_mac_pmap.h
Examining data/aggdraw-1.3.12/agg2/include/platform/win32/agg_win32_bmp.h
Examining data/aggdraw-1.3.12/agg2/include/util/agg_color_conv.h
Examining data/aggdraw-1.3.12/agg2/include/util/agg_color_conv_rgb8.h
Examining data/aggdraw-1.3.12/agg2/src/agg_arc.cpp
Examining data/aggdraw-1.3.12/agg2/src/agg_arrowhead.cpp
Examining data/aggdraw-1.3.12/agg2/src/agg_bezier_arc.cpp
Examining data/aggdraw-1.3.12/agg2/src/agg_bspline.cpp
Examining data/aggdraw-1.3.12/agg2/src/agg_curves.cpp
Examining data/aggdraw-1.3.12/agg2/src/agg_embedded_raster_fonts.cpp
Examining data/aggdraw-1.3.12/agg2/src/agg_gsv_text.cpp
Examining data/aggdraw-1.3.12/agg2/src/agg_image_filters.cpp
Examining data/aggdraw-1.3.12/agg2/src/agg_line_aa_basics.cpp
Examining data/aggdraw-1.3.12/agg2/src/agg_line_profile_aa.cpp
Examining data/aggdraw-1.3.12/agg2/src/agg_path_storage.cpp
Examining data/aggdraw-1.3.12/agg2/src/agg_rasterizer_scanline_aa.cpp
Examining data/aggdraw-1.3.12/agg2/src/agg_rounded_rect.cpp
Examining data/aggdraw-1.3.12/agg2/src/agg_sqrt_tables.cpp
Examining data/aggdraw-1.3.12/agg2/src/agg_trans_affine.cpp
Examining data/aggdraw-1.3.12/agg2/src/agg_trans_double_path.cpp
Examining data/aggdraw-1.3.12/agg2/src/agg_trans_single_path.cpp
Examining data/aggdraw-1.3.12/agg2/src/agg_trans_warp_magnifier.cpp
Examining data/aggdraw-1.3.12/agg2/src/agg_vcgen_bspline.cpp
Examining data/aggdraw-1.3.12/agg2/src/agg_vcgen_contour.cpp
Examining data/aggdraw-1.3.12/agg2/src/agg_vcgen_dash.cpp
Examining data/aggdraw-1.3.12/agg2/src/agg_vcgen_markers_term.cpp
Examining data/aggdraw-1.3.12/agg2/src/agg_vcgen_smooth_poly1.cpp
Examining data/aggdraw-1.3.12/agg2/src/agg_vcgen_stroke.cpp
Examining data/aggdraw-1.3.12/agg2/src/agg_vpgen_clip_polygon.cpp
Examining data/aggdraw-1.3.12/agg2/src/agg_vpgen_segmentator.cpp
Examining data/aggdraw-1.3.12/agg2/src/ctrl/agg_cbox_ctrl.cpp
Examining data/aggdraw-1.3.12/agg2/src/ctrl/agg_gamma_ctrl.cpp
Examining data/aggdraw-1.3.12/agg2/src/ctrl/agg_gamma_spline.cpp
Examining data/aggdraw-1.3.12/agg2/src/ctrl/agg_rbox_ctrl.cpp
Examining data/aggdraw-1.3.12/agg2/src/ctrl/agg_scale_ctrl.cpp
Examining data/aggdraw-1.3.12/agg2/src/ctrl/agg_slider_ctrl.cpp
Examining data/aggdraw-1.3.12/agg2/src/ctrl/agg_spline_ctrl.cpp
Examining data/aggdraw-1.3.12/agg2/src/dbg_new/agg_dbg_new.cpp
Examining data/aggdraw-1.3.12/agg2/src/platform/BeOS/agg_platform_support.cpp
Examining data/aggdraw-1.3.12/agg2/src/platform/X11/agg_platform_support.cpp
Examining data/aggdraw-1.3.12/agg2/src/platform/mac/agg_mac_pmap.cpp
Examining data/aggdraw-1.3.12/agg2/src/platform/mac/agg_platform_support.cpp
Examining data/aggdraw-1.3.12/agg2/src/platform/sdl/agg_platform_support.cpp
Examining data/aggdraw-1.3.12/agg2/src/platform/win32/agg_platform_support.cpp
Examining data/aggdraw-1.3.12/agg2/src/platform/win32/agg_win32_bmp.cpp
Examining data/aggdraw-1.3.12/aggdraw.cxx

FINAL RESULTS:

data/aggdraw-1.3.12/agg2/font_freetype/agg_font_freetype.cpp:540:21: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(m_face_names[m_num_faces], font_name);
data/aggdraw-1.3.12/agg2/font_freetype/agg_font_freetype.cpp:765:13: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(m_signature,
data/aggdraw-1.3.12/agg2/include/agg_font_cache_manager.h:60:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(m_font_signature, font_signature);
data/aggdraw-1.3.12/agg2/include/dbg_new/agg_dbg_new.h:39:17: [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  inline void printf(char* fmt, ...)
data/aggdraw-1.3.12/agg2/include/dbg_new/agg_dbg_new.h:45:8: [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  vsprintf(msg, fmt, arg);
data/aggdraw-1.3.12/agg2/src/ctrl/agg_rbox_ctrl.cpp:77:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(m_items[m_num_items], text);
data/aggdraw-1.3.12/agg2/src/ctrl/agg_slider_ctrl.cpp:165:17: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(buf, m_label, value());
data/aggdraw-1.3.12/agg2/src/dbg_new/agg_dbg_new.cpp:338:11: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  ::strcpy(inf_ptr, file);
data/aggdraw-1.3.12/agg2/src/platform/BeOS/agg_platform_support.cpp:557:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(m_caption, cap);
data/aggdraw-1.3.12/agg2/src/platform/X11/agg_platform_support.cpp:369:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(m_caption, cap);
data/aggdraw-1.3.12/agg2/src/platform/X11/agg_platform_support.cpp:1004:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf, file);
data/aggdraw-1.3.12/agg2/src/platform/X11/agg_platform_support.cpp:1142:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(buf, file);
data/aggdraw-1.3.12/agg2/src/platform/mac/agg_platform_support.cpp:464:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(m_caption, cap);
data/aggdraw-1.3.12/agg2/src/platform/mac/agg_platform_support.cpp:638:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fn, file);
data/aggdraw-1.3.12/agg2/src/platform/mac/agg_platform_support.cpp:657:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fn, file);
data/aggdraw-1.3.12/agg2/src/platform/sdl/agg_platform_support.cpp:185:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(m_caption, cap);
data/aggdraw-1.3.12/agg2/src/platform/sdl/agg_platform_support.cpp:496:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fn, file);
data/aggdraw-1.3.12/agg2/src/platform/sdl/agg_platform_support.cpp:558:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fn, file);
data/aggdraw-1.3.12/agg2/src/platform/win32/agg_platform_support.cpp:446:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(m_caption, cap);
data/aggdraw-1.3.12/agg2/src/platform/win32/agg_platform_support.cpp:966:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fn, file);
data/aggdraw-1.3.12/agg2/src/platform/win32/agg_platform_support.cpp:985:13: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(fn, file);
data/aggdraw-1.3.12/aggdraw.cxx:1912:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(self->filename, filename);
data/aggdraw-1.3.12/agg2/font_freetype/agg_font_freetype.cpp:524:21: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_faces,
data/aggdraw-1.3.12/agg2/font_freetype/agg_font_freetype.cpp:527:21: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_face_names,
data/aggdraw-1.3.12/agg2/font_freetype/agg_font_freetype.cpp:756:26: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char gamma_table[rasterizer_scanline_aa<>::aa_num];
data/aggdraw-1.3.12/agg2/include/agg_array.h:83:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, m_array, m_size * sizeof(T));
data/aggdraw-1.3.12/agg2/include/agg_array.h:107:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_array, v.m_array, sizeof(T) * v.m_size);
data/aggdraw-1.3.12/agg2/include/agg_array.h:115:22: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if(v.m_size) memcpy(m_array, v.m_array, sizeof(T) * v.m_size);
data/aggdraw-1.3.12/agg2/include/agg_array.h:326:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_blocks[i], v.m_blocks[i], block_size * sizeof(T));
data/aggdraw-1.3.12/agg2/include/agg_array.h:342:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_blocks[i], v.m_blocks[i], block_size * sizeof(T));
data/aggdraw-1.3.12/agg2/include/agg_array.h:359:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new_blocks,
data/aggdraw-1.3.12/agg2/include/agg_array.h:459:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, &(*this)[i], sizeof(T));
data/aggdraw-1.3.12/agg2/include/agg_array.h:554:21: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new_blocks,
data/aggdraw-1.3.12/agg2/include/agg_font_cache_manager.h:170:21: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_fonts,
data/aggdraw-1.3.12/agg2/include/agg_gsv_text.h:90:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char m_chr[2];
data/aggdraw-1.3.12/agg2/include/agg_path_storage_integer.h:126:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, &m_storage[i], sizeof(vertex_integer_type));
data/aggdraw-1.3.12/agg2/include/agg_path_storage_integer.h:266:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&v, m_ptr, sizeof(vertex_integer_type));
data/aggdraw-1.3.12/agg2/include/agg_pixfmt_amask_adaptor.h:58:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_span, covers, len * sizeof(cover_type));
data/aggdraw-1.3.12/agg2/include/agg_rendering_buffer.h:121:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(row(y), mtx.row(y), l);
data/aggdraw-1.3.12/agg2/include/agg_scanline_p.h:146:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_cover_ptr, covers, len * sizeof(T));
data/aggdraw-1.3.12/agg2/include/agg_scanline_storage_aa.h:92:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, cells, sizeof(T) * num_cells);
data/aggdraw-1.3.12/agg2/include/agg_scanline_storage_aa.h:98:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(s.ptr, cells, sizeof(T) * num_cells);
data/aggdraw-1.3.12/agg2/include/agg_scanline_storage_aa.h:139:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dst.ptr, src.ptr, dst.len * sizeof(T));
data/aggdraw-1.3.12/agg2/include/agg_scanline_storage_aa.h:470:25: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, covers, sizeof(T));
data/aggdraw-1.3.12/agg2/include/agg_scanline_storage_aa.h:475:25: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, covers, unsigned(sp.len) * sizeof(T));
data/aggdraw-1.3.12/agg2/include/agg_scanline_u.h:220:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_covers + x, covers, len * sizeof(T));
data/aggdraw-1.3.12/agg2/include/agg_trans_viewport.h:177:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, &m_world_x1, sizeof(m_world_x1)); ptr += sizeof(m_world_x1);
data/aggdraw-1.3.12/agg2/include/agg_trans_viewport.h:178:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, &m_world_y1, sizeof(m_world_y1)); ptr += sizeof(m_world_y1);
data/aggdraw-1.3.12/agg2/include/agg_trans_viewport.h:179:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, &m_world_x2, sizeof(m_world_x2)); ptr += sizeof(m_world_x2);
data/aggdraw-1.3.12/agg2/include/agg_trans_viewport.h:180:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, &m_world_y2, sizeof(m_world_y2)); ptr += sizeof(m_world_y2);
data/aggdraw-1.3.12/agg2/include/agg_trans_viewport.h:181:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, &m_device_x1, sizeof(m_device_x1)); ptr += sizeof(m_device_x1);
data/aggdraw-1.3.12/agg2/include/agg_trans_viewport.h:182:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, &m_device_y1, sizeof(m_device_y1)); ptr += sizeof(m_device_y1);
data/aggdraw-1.3.12/agg2/include/agg_trans_viewport.h:183:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, &m_device_x2, sizeof(m_device_x2)); ptr += sizeof(m_device_x2);
data/aggdraw-1.3.12/agg2/include/agg_trans_viewport.h:184:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, &m_device_y2, sizeof(m_device_y2)); ptr += sizeof(m_device_y2);
data/aggdraw-1.3.12/agg2/include/agg_trans_viewport.h:185:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, &m_aspect, sizeof(m_aspect)); ptr += sizeof(m_aspect);
data/aggdraw-1.3.12/agg2/include/agg_trans_viewport.h:186:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, &m_align_x, sizeof(m_align_x)); ptr += sizeof(m_align_x);
data/aggdraw-1.3.12/agg2/include/agg_trans_viewport.h:187:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, &m_align_y, sizeof(m_align_y)); ptr += sizeof(m_align_y);
data/aggdraw-1.3.12/agg2/include/agg_trans_viewport.h:188:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(ptr, &m_wx1, sizeof(m_wx1)); ptr += sizeof(m_wx1);
data/aggdraw-1.3.12/agg2/include/agg_trans_viewport.h:189:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, &m_wy1, sizeof(m_wy1)); ptr += sizeof(m_wy1);
data/aggdraw-1.3.12/agg2/include/agg_trans_viewport.h:190:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, &m_wx2, sizeof(m_wx2)); ptr += sizeof(m_wx2);
data/aggdraw-1.3.12/agg2/include/agg_trans_viewport.h:191:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, &m_wy2, sizeof(m_wy2)); ptr += sizeof(m_wy2);
data/aggdraw-1.3.12/agg2/include/agg_trans_viewport.h:192:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, &m_dx1, sizeof(m_dx1)); ptr += sizeof(m_dx1);
data/aggdraw-1.3.12/agg2/include/agg_trans_viewport.h:193:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, &m_dy1, sizeof(m_dy1)); ptr += sizeof(m_dy1);
data/aggdraw-1.3.12/agg2/include/agg_trans_viewport.h:194:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, &m_kx, sizeof(m_kx)); ptr += sizeof(m_kx);
data/aggdraw-1.3.12/agg2/include/agg_trans_viewport.h:195:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(ptr, &m_ky, sizeof(m_ky)); ptr += sizeof(m_ky);
data/aggdraw-1.3.12/agg2/include/ctrl/agg_cbox_ctrl.h:65:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char m_label[128];
data/aggdraw-1.3.12/agg2/include/ctrl/agg_gamma_spline.h:79:18: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char m_gamma[256];
data/aggdraw-1.3.12/agg2/include/ctrl/agg_slider_ctrl.h:80:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char m_label[64];
data/aggdraw-1.3.12/agg2/include/ctrl/agg_spline_ctrl.h:90:18: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char m_spline_values8[256];
data/aggdraw-1.3.12/agg2/include/dbg_new/agg_dbg_new.h:41:19: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* fd = fopen("stdout.txt", "at");
data/aggdraw-1.3.12/agg2/include/dbg_new/agg_dbg_new.h:42:15: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char msg[1024];
data/aggdraw-1.3.12/agg2/include/platform/agg_platform_support.h:640:9: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char m_caption[256];
data/aggdraw-1.3.12/agg2/src/agg_gsv_text.cpp:561:20: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* fd = fopen(file, "rb");
data/aggdraw-1.3.12/agg2/src/agg_gsv_text.cpp:595:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_text_buf, text, new_size);
data/aggdraw-1.3.12/agg2/src/agg_path_storage.cpp:105:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new_coords,
data/aggdraw-1.3.12/agg2/src/agg_path_storage.cpp:109:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new_cmds,
data/aggdraw-1.3.12/agg2/src/agg_rasterizer_scanline_aa.cpp:138:21: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(new_cells, m_cells, m_max_blocks * sizeof(cell_aa*));
data/aggdraw-1.3.12/agg2/src/ctrl/agg_cbox_ctrl.cpp:54:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_label, l, len);
data/aggdraw-1.3.12/agg2/src/ctrl/agg_gamma_ctrl.cpp:130:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tbuf[32];
data/aggdraw-1.3.12/agg2/src/ctrl/agg_gamma_ctrl.cpp:243:13: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(tbuf, "%5.3f %5.3f %5.3f %5.3f", kx1, ky1, kx2, ky2);
data/aggdraw-1.3.12/agg2/src/ctrl/agg_slider_ctrl.cpp:108:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_label, fmt, len);
data/aggdraw-1.3.12/agg2/src/ctrl/agg_slider_ctrl.cpp:164:17: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[256];
data/aggdraw-1.3.12/agg2/src/dbg_new/agg_dbg_new.cpp:39:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file_name[512];
data/aggdraw-1.3.12/agg2/src/dbg_new/agg_dbg_new.cpp:73:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dbg_new_prev_word + dbg_new_max_count,
data/aggdraw-1.3.12/agg2/src/dbg_new/agg_dbg_new.cpp:91:17: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&prev,
data/aggdraw-1.3.12/agg2/src/dbg_new/agg_dbg_new.cpp:126:23: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* fd = fopen("stdout.txt", "wt");
data/aggdraw-1.3.12/agg2/src/dbg_new/agg_dbg_new.cpp:136:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  ::memcpy(dbg_new_info[dbg_new_level].file_name, file, len);
data/aggdraw-1.3.12/agg2/src/dbg_new/agg_dbg_new.cpp:319:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  ::memcpy(inf_ptr, &size, sizeof(unsigned));
data/aggdraw-1.3.12/agg2/src/dbg_new/agg_dbg_new.cpp:332:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  ::memcpy(inf_ptr, &line, sizeof(unsigned));
data/aggdraw-1.3.12/agg2/src/dbg_new/agg_dbg_new.cpp:335:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  ::memcpy(inf_ptr, &fname_len, sizeof(unsigned));
data/aggdraw-1.3.12/agg2/src/dbg_new/agg_dbg_new.cpp:349:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  ::memcpy(crc32_ptr, &crc32_sum, sizeof(unsigned long));
data/aggdraw-1.3.12/agg2/src/dbg_new/agg_dbg_new.cpp:417:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  ::memcpy(&size, free_ptr, sizeof(unsigned));
data/aggdraw-1.3.12/agg2/src/dbg_new/agg_dbg_new.cpp:423:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  ::memcpy(&crc32_sum, inf_ptr, sizeof(unsigned long));
data/aggdraw-1.3.12/agg2/src/dbg_new/agg_dbg_new.cpp:430:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  ::memcpy(&line, inf_ptr, sizeof(unsigned));
data/aggdraw-1.3.12/agg2/src/dbg_new/agg_dbg_new.cpp:434:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  ::memcpy(&fname_len, inf_ptr, sizeof(unsigned));
data/aggdraw-1.3.12/agg2/src/dbg_new/agg_dbg_new.cpp:437:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char file[512];
data/aggdraw-1.3.12/agg2/src/dbg_new/agg_dbg_new.cpp:439:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  ::memcpy(file, inf_ptr, fname_len);
data/aggdraw-1.3.12/agg2/src/platform/BeOS/agg_platform_support.cpp:544:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(m_caption, "Anti-Grain Geometry Application");
data/aggdraw-1.3.12/agg2/src/platform/X11/agg_platform_support.cpp:355:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(m_caption, "AGG Application");
data/aggdraw-1.3.12/agg2/src/platform/X11/agg_platform_support.cpp:1003:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/aggdraw-1.3.12/agg2/src/platform/X11/agg_platform_support.cpp:1008:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(buf, ".ppm");
data/aggdraw-1.3.12/agg2/src/platform/X11/agg_platform_support.cpp:1011:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* fd = fopen(buf, "rb");
data/aggdraw-1.3.12/agg2/src/platform/X11/agg_platform_support.cpp:1036:30: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  unsigned width = atoi(ptr);
data/aggdraw-1.3.12/agg2/src/platform/X11/agg_platform_support.cpp:1049:31: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  unsigned height = atoi(ptr);
data/aggdraw-1.3.12/agg2/src/platform/X11/agg_platform_support.cpp:1057:16: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if(atoi(ptr) != 255)
data/aggdraw-1.3.12/agg2/src/platform/X11/agg_platform_support.cpp:1141:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024];
data/aggdraw-1.3.12/agg2/src/platform/X11/agg_platform_support.cpp:1146:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(buf, ".ppm");
data/aggdraw-1.3.12/agg2/src/platform/X11/agg_platform_support.cpp:1149:24: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* fd = fopen(buf, "wb");
data/aggdraw-1.3.12/agg2/src/platform/mac/agg_platform_support.cpp:449:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(m_caption, "Anti-Grain Geometry Application");
data/aggdraw-1.3.12/agg2/src/platform/mac/agg_platform_support.cpp:637:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fn[1024];
data/aggdraw-1.3.12/agg2/src/platform/mac/agg_platform_support.cpp:642:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(fn, ".bmp");
data/aggdraw-1.3.12/agg2/src/platform/mac/agg_platform_support.cpp:656:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fn[1024];
data/aggdraw-1.3.12/agg2/src/platform/mac/agg_platform_support.cpp:661:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(fn, ".bmp");
data/aggdraw-1.3.12/agg2/src/platform/sdl/agg_platform_support.cpp:170:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(m_caption, "Anti-Grain Geometry Application");
data/aggdraw-1.3.12/agg2/src/platform/sdl/agg_platform_support.cpp:495:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fn[1024];
data/aggdraw-1.3.12/agg2/src/platform/sdl/agg_platform_support.cpp:500:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(fn, ".bmp");
data/aggdraw-1.3.12/agg2/src/platform/sdl/agg_platform_support.cpp:557:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fn[1024];
data/aggdraw-1.3.12/agg2/src/platform/sdl/agg_platform_support.cpp:562:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120).
Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(fn, ".bmp");
data/aggdraw-1.3.12/agg2/src/platform/win32/agg_platform_support.cpp:431:9: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(m_caption, "Anti-Grain Geometry Application");
data/aggdraw-1.3.12/agg2/src/platform/win32/agg_platform_support.cpp:965:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fn[1024];
data/aggdraw-1.3.12/agg2/src/platform/win32/agg_platform_support.cpp:970:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(fn, ".bmp");
data/aggdraw-1.3.12/agg2/src/platform/win32/agg_platform_support.cpp:984:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fn[1024];
data/aggdraw-1.3.12/agg2/src/platform/win32/agg_platform_support.cpp:989:17: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(fn, ".bmp");
data/aggdraw-1.3.12/agg2/src/platform/win32/agg_platform_support.cpp:1303:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(argv_ptr, tok.ptr, tok.len);
data/aggdraw-1.3.12/agg2/src/platform/win32/agg_win32_bmp.cpp:383:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(buf, m_buf, m_bmp->bmiHeader.biSizeImage);
data/aggdraw-1.3.12/agg2/src/platform/win32/agg_win32_bmp.cpp:466:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *fd = fopen(filename, "rb");
data/aggdraw-1.3.12/agg2/src/platform/win32/agg_win32_bmp.cpp:501:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *fd = fopen(filename, "wb");
data/aggdraw-1.3.12/aggdraw.cxx:604:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[10];
data/aggdraw-1.3.12/aggdraw.cxx:726:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(self->buffer_data, data, self->buffer_size);
data/aggdraw-1.3.12/aggdraw.cxx:943:5: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buffer[10];
data/aggdraw-1.3.12/aggdraw.cxx:1560:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(self->buffer_data, data, self->buffer_size);
data/aggdraw-1.3.12/agg2/font_freetype/agg_font_freetype.cpp:539:59: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  m_face_names[m_num_faces] = new char [strlen(font_name) + 1];
data/aggdraw-1.3.12/agg2/font_freetype/agg_font_freetype.cpp:743:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned name_len = strlen(m_name);
data/aggdraw-1.3.12/agg2/include/agg_array.h:713:50: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  unsigned remove_duplicates(Array& arr, Equal equal)
data/aggdraw-1.3.12/agg2/include/agg_array.h:721:17: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  if(!equal(e, arr[i - 1]))
data/aggdraw-1.3.12/agg2/include/agg_font_cache_manager.h:59:60: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  m_font_signature = (char*)m_allocator.allocate(strlen(font_signature) + 1);
data/aggdraw-1.3.12/agg2/src/agg_gsv_text.cpp:589:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned new_size = strlen(text) + 1;
data/aggdraw-1.3.12/agg2/src/ctrl/agg_cbox_ctrl.cpp:52:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned len = strlen(l);
data/aggdraw-1.3.12/agg2/src/ctrl/agg_rbox_ctrl.cpp:76:45: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  m_items[m_num_items] = new char[strlen(text) + 1];
data/aggdraw-1.3.12/agg2/src/ctrl/agg_slider_ctrl.cpp:106:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned len = strlen(fmt);
data/aggdraw-1.3.12/agg2/src/dbg_new/agg_dbg_new.cpp:134:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(file);
data/aggdraw-1.3.12/agg2/src/dbg_new/agg_dbg_new.cpp:302:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  unsigned fname_len = ::strlen(file) + 1;
data/aggdraw-1.3.12/agg2/src/platform/X11/agg_platform_support.cpp:207:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tp.nitems = strlen(capt);
data/aggdraw-1.3.12/agg2/src/platform/X11/agg_platform_support.cpp:1005:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(buf);
data/aggdraw-1.3.12/agg2/src/platform/X11/agg_platform_support.cpp:1143:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(buf);
data/aggdraw-1.3.12/agg2/src/platform/mac/agg_platform_support.cpp:639:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(fn);
data/aggdraw-1.3.12/agg2/src/platform/mac/agg_platform_support.cpp:658:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(fn);
data/aggdraw-1.3.12/agg2/src/platform/sdl/agg_platform_support.cpp:497:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(fn);
data/aggdraw-1.3.12/agg2/src/platform/sdl/agg_platform_support.cpp:559:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(fn);
data/aggdraw-1.3.12/agg2/src/platform/win32/agg_platform_support.cpp:967:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(fn);
data/aggdraw-1.3.12/agg2/src/platform/win32/agg_platform_support.cpp:986:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int len = strlen(fn);
data/aggdraw-1.3.12/agg2/src/platform/win32/agg_platform_support.cpp:1129:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  m_sep_len(sep ? strlen(sep) : 0),
data/aggdraw-1.3.12/agg2/src/platform/win32/agg_platform_support.cpp:1284:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char* argv_str = new char [strlen(lpszCmdLine) + 3];
data/aggdraw-1.3.12/aggdraw.cxx:619:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(buffer, PyBytes_AS_STRING(mode_obj), sizeof buffer);
data/aggdraw-1.3.12/aggdraw.cxx:627:17: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(buffer, PyBytes_AsString(ascii_mode), sizeof buffer);
data/aggdraw-1.3.12/aggdraw.cxx:801:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  self->info.bmiHeader.biBitCount = strlen(mode)*8;
data/aggdraw-1.3.12/aggdraw.cxx:950:13: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(buffer, PyBytes_AsString(ascii_color), sizeof buffer);
data/aggdraw-1.3.12/aggdraw.cxx:959:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (ink && ink[0] == '#' && strlen(ink) == 7) {
data/aggdraw-1.3.12/aggdraw.cxx:1911:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  self->filename = new char[strlen(filename)+1];
data/aggdraw-1.3.12/aggdraw.cxx:2116:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  e = path + strlen(path);

ANALYSIS SUMMARY:

Hits = 160
Lines analyzed = 58363 in approximately 1.45 seconds (40159 lines/second)
Physical Source Lines of Code (SLOC) = 41440
Hits@level = [0] 33 [1] 29 [2] 109 [3] 0 [4] 22 [5] 0
Hits@level+ = [0+] 193 [1+] 160 [2+] 131 [3+] 22 [4+] 22 [5+] 0
Hits/KSLOC@level+ = [0+] 4.65734 [1+] 3.861 [2+] 3.1612 [3+] 0.530888 [4+] 0.530888 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.