Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/apngasm-2.91/apngasm.cpp
Examining data/apngasm-2.91/zlib/inffixed.h
Examining data/apngasm-2.91/zlib/deflate1.h
Examining data/apngasm-2.91/zlib/trees.h
Examining data/apngasm-2.91/zlib/zutil.c
Examining data/apngasm-2.91/zlib/infback.c
Examining data/apngasm-2.91/zlib/gzguts.h
Examining data/apngasm-2.91/zlib/gzlib.c
Examining data/apngasm-2.91/zlib/zutil.h
Examining data/apngasm-2.91/zlib/trees.c
Examining data/apngasm-2.91/zlib/gzwrite.c
Examining data/apngasm-2.91/zlib/crc32.c
Examining data/apngasm-2.91/zlib/gzclose.c
Examining data/apngasm-2.91/zlib/deflate1.c
Examining data/apngasm-2.91/zlib/adler32.c
Examining data/apngasm-2.91/zlib/inflate.h
Examining data/apngasm-2.91/zlib/crc32.h
Examining data/apngasm-2.91/zlib/gzread.c
Examining data/apngasm-2.91/zlib/uncompr.c
Examining data/apngasm-2.91/zlib/inftrees.c
Examining data/apngasm-2.91/zlib/compress.c
Examining data/apngasm-2.91/zlib/inflate.c
Examining data/apngasm-2.91/zlib/inffast.h
Examining data/apngasm-2.91/zlib/inftrees.h
Examining data/apngasm-2.91/zlib/zlib.h
Examining data/apngasm-2.91/zlib/inffast.c
Examining data/apngasm-2.91/zlib/zconf.h
Examining data/apngasm-2.91/libpng/pngread.c
Examining data/apngasm-2.91/libpng/pngrio.c
Examining data/apngasm-2.91/libpng/pngdebug.h
Examining data/apngasm-2.91/libpng/png.h
Examining data/apngasm-2.91/libpng/pngrutil.c
Examining data/apngasm-2.91/libpng/pngtrans.c
Examining data/apngasm-2.91/libpng/pngmem.c
Examining data/apngasm-2.91/libpng/pngwtran.c
Examining data/apngasm-2.91/libpng/png.c
Examining data/apngasm-2.91/libpng/pngget.c
Examining data/apngasm-2.91/libpng/pngpriv.h
Examining data/apngasm-2.91/libpng/pngwio.c
Examining data/apngasm-2.91/libpng/pngstruct.h
Examining data/apngasm-2.91/libpng/pngset.c
Examining data/apngasm-2.91/libpng/pngconf.h
Examining data/apngasm-2.91/libpng/pngwrite.c
Examining data/apngasm-2.91/libpng/pngpread.c
Examining data/apngasm-2.91/libpng/pngwutil.c
Examining data/apngasm-2.91/libpng/pngerror.c
Examining data/apngasm-2.91/libpng/pnginfo.h
Examining data/apngasm-2.91/libpng/pngrtran.c
Examining data/apngasm-2.91/libpng/pnglibconf.h
Examining data/apngasm-2.91/7z/LiteralCoder.h
Examining data/apngasm-2.91/7z/LiteralCoder.cc
Examining data/apngasm-2.91/7z/DeflateDecoder.cc
Examining data/apngasm-2.91/7z/BinTree2Main.h
Examining data/apngasm-2.91/7z/BinTreeMF.h
Examining data/apngasm-2.91/7z/LZMADecoder.cc
Examining data/apngasm-2.91/7z/AriConst.h
Examining data/apngasm-2.91/7z/LZMADecoder.h
Examining data/apngasm-2.91/7z/OutByte.cc
Examining data/apngasm-2.91/7z/Portable.h
Examining data/apngasm-2.91/7z/BitTreeCoder.h
Examining data/apngasm-2.91/7z/BinTreeMFMain.h
Examining data/apngasm-2.91/7z/CRC.h
Examining data/apngasm-2.91/7z/WindowOut.cc
Examining data/apngasm-2.91/7z/BinTree4bMain.h
Examining data/apngasm-2.91/7z/RangeCoder.h
Examining data/apngasm-2.91/7z/BinTree4b.h
Examining data/apngasm-2.91/7z/HuffmanDecoder.h
Examining data/apngasm-2.91/7z/WindowIn.cc
Examining data/apngasm-2.91/7z/DeflateEncoder.cc
Examining data/apngasm-2.91/7z/BinTreeMain.h
Examining data/apngasm-2.91/7z/LSBFEncoder.h
Examining data/apngasm-2.91/7z/BinTree3Z.h
Examining data/apngasm-2.91/7z/BinTree3ZMain.h
Examining data/apngasm-2.91/7z/LZMA.cc
Examining data/apngasm-2.91/7z/BinTree3Main.h
Examining data/apngasm-2.91/7z/BinTree2.h
Examining data/apngasm-2.91/7z/7zdeflate.cc
Examining data/apngasm-2.91/7z/LSBFDecoder.h
Examining data/apngasm-2.91/7z/OutByte.h
Examining data/apngasm-2.91/7z/WindowIn.h
Examining data/apngasm-2.91/7z/BinTree3.h
Examining data/apngasm-2.91/7z/AriBitCoder.h
Examining data/apngasm-2.91/7z/LenCoder.h
Examining data/apngasm-2.91/7z/WindowOut.h
Examining data/apngasm-2.91/7z/LZMA.h
Examining data/apngasm-2.91/7z/IInOutStreams.h
Examining data/apngasm-2.91/7z/InByte.h
Examining data/apngasm-2.91/7z/BinTree.h
Examining data/apngasm-2.91/7z/IInOutStreams.cc
Examining data/apngasm-2.91/7z/7z.h
Examining data/apngasm-2.91/7z/LenCoder.cc
Examining data/apngasm-2.91/7z/DeflateEncoder.h
Examining data/apngasm-2.91/7z/LSBFDecoder.cc
Examining data/apngasm-2.91/7z/LSBFEncoder.cc
Examining data/apngasm-2.91/7z/CRC.cc
Examining data/apngasm-2.91/7z/7zlzma.cc
Examining data/apngasm-2.91/7z/DeflateDecoder.h
Examining data/apngasm-2.91/7z/InByte.cc
Examining data/apngasm-2.91/7z/HuffmanEncoder.cc
Examining data/apngasm-2.91/7z/Const.h
Examining data/apngasm-2.91/7z/BinTree4Main.h
Examining data/apngasm-2.91/7z/RCDefs.h
Examining data/apngasm-2.91/7z/HuffmanEncoder.h
Examining data/apngasm-2.91/7z/LZMAEncoder.h
Examining data/apngasm-2.91/7z/AriBitCoder.cc
Examining data/apngasm-2.91/7z/AriPrice.h
Examining data/apngasm-2.91/7z/BinTree4.h
Examining data/apngasm-2.91/7z/LZMAEncoder.cc
Examining data/apngasm-2.91/zopfli/deflate.c
Examining data/apngasm-2.91/zopfli/symbols.h
Examining data/apngasm-2.91/zopfli/blocksplitter.c
Examining data/apngasm-2.91/zopfli/zlib_container.h
Examining data/apngasm-2.91/zopfli/util.c
Examining data/apngasm-2.91/zopfli/lz77.h
Examining data/apngasm-2.91/zopfli/zopfli.h
Examining data/apngasm-2.91/zopfli/tree.c
Examining data/apngasm-2.91/zopfli/hash.c
Examining data/apngasm-2.91/zopfli/hash.h
Examining data/apngasm-2.91/zopfli/cache.c
Examining data/apngasm-2.91/zopfli/squeeze.c
Examining data/apngasm-2.91/zopfli/gzip_container.h
Examining data/apngasm-2.91/zopfli/util.h
Examining data/apngasm-2.91/zopfli/cache.h
Examining data/apngasm-2.91/zopfli/zopfli_lib.c
Examining data/apngasm-2.91/zopfli/lz77.c
Examining data/apngasm-2.91/zopfli/gzip_container.c
Examining data/apngasm-2.91/zopfli/zlib_container.c
Examining data/apngasm-2.91/zopfli/squeeze.h
Examining data/apngasm-2.91/zopfli/blocksplitter.h
Examining data/apngasm-2.91/zopfli/katajainen.h
Examining data/apngasm-2.91/zopfli/katajainen.c
Examining data/apngasm-2.91/zopfli/tree.h
Examining data/apngasm-2.91/zopfli/deflate.h
Examining data/apngasm-2.91/image.cpp
Examining data/apngasm-2.91/image.h

FINAL RESULTS:

data/apngasm-2.91/apngasm.cpp:595:7: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(szFormat, szImage);
data/apngasm-2.91/apngasm.cpp:596:7: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(szFormat+(szExt-1-szImage), "%%0%dd%%s", i);
data/apngasm-2.91/apngasm.cpp:598:7: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(szNext, szFormat, cur, szExt);
data/apngasm-2.91/apngasm.cpp:601:7: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(szNext, szFormat, cur, szExt);
data/apngasm-2.91/apngasm.cpp:622:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(szFormat, szImage);
data/apngasm-2.91/apngasm.cpp:623:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(szFormat+(szExt-i-szImage), "%%0%dd%%s", i);
data/apngasm-2.91/apngasm.cpp:624:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(szNext, szImage);
data/apngasm-2.91/apngasm.cpp:637:5: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(szNext, szFormat, cur+frames, szExt);
data/apngasm-2.91/apngasm.cpp:646:5: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(szNext, szFormat, cur+i, szExt);
data/apngasm-2.91/apngasm.cpp:655:5: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(szNext, szFormat, cur+i, ".txt");
data/apngasm-2.91/libpng/pngdebug.h:84:8: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(PNG_DEBUG_FILE,"%s" m PNG_STRING_NEWLINE,(num_tabs==1 ? " " : \
data/apngasm-2.91/libpng/pngdebug.h:92:8: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(PNG_DEBUG_FILE,"%s" m PNG_STRING_NEWLINE,(num_tabs==1 ? " " : \
data/apngasm-2.91/libpng/pngdebug.h:100:8: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(PNG_DEBUG_FILE,"%s" m PNG_STRING_NEWLINE,(num_tabs==1 ? " " : \
data/apngasm-2.91/libpng/pngdebug.h:113:8: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(PNG_DEBUG_FILE,format); \
data/apngasm-2.91/libpng/pngdebug.h:124:8: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(PNG_DEBUG_FILE,format,p1); \
data/apngasm-2.91/libpng/pngdebug.h:135:8: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(PNG_DEBUG_FILE,format,p1,p2); \
data/apngasm-2.91/libpng/pngerror.c:734:10: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, PNG_STRING_NEWLINE);
data/apngasm-2.91/libpng/pngerror.c:741:10: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, PNG_STRING_NEWLINE);
data/apngasm-2.91/libpng/pngerror.c:749:7: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, PNG_STRING_NEWLINE);
data/apngasm-2.91/libpng/pngerror.c:805:10: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, PNG_STRING_NEWLINE);
data/apngasm-2.91/libpng/pngerror.c:812:10: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, PNG_STRING_NEWLINE);
data/apngasm-2.91/libpng/pngerror.c:820:7: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf(stderr, PNG_STRING_NEWLINE);
data/apngasm-2.91/zlib/gzguts.h:78:18: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  # if !defined(vsnprintf) && !defined(NO_vsnprintf)
data/apngasm-2.91/zlib/gzguts.h:80:18: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  # define vsnprintf _vsnprintf
data/apngasm-2.91/zlib/gzguts.h:103:11: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  # define snprintf _snprintf
data/apngasm-2.91/zlib/gzguts.h:103:20: [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  # define snprintf _snprintf
data/apngasm-2.91/zlib/gzlib.c:216:9: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(state->path, path);
data/apngasm-2.91/zlib/gzlib.c:610:5: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(state->msg, state->path);
data/apngasm-2.91/zlib/gzlib.c:612:5: [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(state->msg, msg);
data/apngasm-2.91/zlib/gzwrite.c:346:11: [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  (void)vsprintf((char *)(state->in), format, va);
data/apngasm-2.91/zlib/gzwrite.c:350:11: [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  len = vsprintf((char *)(state->in), format, va);
data/apngasm-2.91/zlib/gzwrite.c:354:11: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  (void)vsnprintf((char *)(state->in), size, format, va);
data/apngasm-2.91/zlib/gzwrite.c:357:11: [4] (format) vsnprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  len = vsnprintf((char *)(state->in), size, format, va);
data/apngasm-2.91/zlib/gzwrite.c:431:5: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf((char *)(state->in), format, a1, a2, a3, a4, a5, a6, a7, a8,
data/apngasm-2.91/zlib/gzwrite.c:436:11: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  len = sprintf((char *)(state->in), format, a1, a2, a3, a4, a5, a6, a7, a8,
data/apngasm-2.91/zlib/gzwrite.c:441:5: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  snprintf((char *)(state->in), size, format, a1, a2, a3, a4, a5, a6, a7, a8,
data/apngasm-2.91/zlib/gzwrite.c:445:11: [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  len = snprintf((char *)(state->in), size, format, a1, a2, a3, a4, a5, a6,
data/apngasm-2.91/zlib/zutil.h:224:39: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  # define Trace(x) {if (z_verbose>=0) fprintf x ;}
data/apngasm-2.91/zlib/zutil.h:225:39: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  # define Tracev(x) {if (z_verbose>0) fprintf x ;}
data/apngasm-2.91/zlib/zutil.h:226:40: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  # define Tracevv(x) {if (z_verbose>1) fprintf x ;}
data/apngasm-2.91/zlib/zutil.h:227:48: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  # define Tracec(c,x) {if (z_verbose>0 && (c)) fprintf x ;}
data/apngasm-2.91/zlib/zutil.h:228:49: [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  # define Tracecv(c,x) {if (z_verbose>1 && (c)) fprintf x ;}
data/apngasm-2.91/7z/DeflateEncoder.cc:561:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_LastLevels, aNewLevels, kMaxTableSize);
data/apngasm-2.91/7z/DeflateEncoder.cc:624:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(m_LastLevels, aNewLevels, kMaxTableSize);
data/apngasm-2.91/7z/IInOutStreams.cc:8:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(aData, data, aSize);
data/apngasm-2.91/7z/IInOutStreams.cc:20:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(data, aData, aSize);
data/apngasm-2.91/apngasm.cpp:56:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char png_sign[8] = {137, 80, 78, 71, 13, 10, 26, 10};
data/apngasm-2.91/apngasm.cpp:57:10: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char png_Software[28] = { 83, 111, 102, 116, 119, 97, 114, 101, '\0',
data/apngasm-2.91/apngasm.cpp:63:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf[4];
data/apngasm-2.91/apngasm.cpp:248:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dp, best_row, rowbytes+1);
data/apngasm-2.91/apngasm.cpp:270:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(dp, image->rows[j] + xbytes, rowbytes);
data/apngasm-2.91/apngasm.cpp:288:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(zbuf, data, size);
data/apngasm-2.91/apngasm.cpp:449:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(pc, &c2, 3);
data/apngasm-2.91/apngasm.cpp:515:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(img[i].rows[y], image->rows[y] + x, rowbytes);
data/apngasm-2.91/apngasm.cpp:530:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(img[i].rows[y], image->rows[row++], rowbytes);
data/apngasm-2.91/apngasm.cpp:578:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char szFormat[256];
data/apngasm-2.91/apngasm.cpp:579:3: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char szNext[256];
data/apngasm-2.91/apngasm.cpp:599:16: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((f = fopen(szNext, "rb")) != 0) break;
data/apngasm-2.91/apngasm.cpp:602:16: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((f = fopen(szNext, "rb")) != 0) break;
data/apngasm-2.91/apngasm.cpp:621:11: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  cur = atoi(szExt-i);
data/apngasm-2.91/apngasm.cpp:627:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((f = fopen(szNext, "rb")) == 0)
data/apngasm-2.91/apngasm.cpp:638:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(szNext, "rb");
data/apngasm-2.91/apngasm.cpp:656:9: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(szNext, "rt");
data/apngasm-2.91/apngasm.cpp:659:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char szStr[256];
data/apngasm-2.91/apngasm.cpp:722:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((f = fopen(szOut, "wb")) == 0)
data/apngasm-2.91/apngasm.cpp:728:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf_IHDR[13];
data/apngasm-2.91/apngasm.cpp:729:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf_acTL[8];
data/apngasm-2.91/apngasm.cpp:730:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char buf_fcTL[26];
data/apngasm-2.91/apngasm.cpp:845:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(temp.rows[j], img[i].rows[j], rowbytes);
data/apngasm-2.91/apngasm.cpp:849:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(temp.rows[j+y0] + (k+x0)*3, &tcolor, 3);
data/apngasm-2.91/apngasm.cpp:891:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(rest.rows[j], img[i].rows[j], rowbytes);
data/apngasm-2.91/apngasm.cpp:898:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(rest.rows[j+y0] + (k+x0)*3, &tcolor, 3);
data/apngasm-2.91/apngasm.cpp:1018:17: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  loops = atoi(szOption+2);
data/apngasm-2.91/apngasm.cpp:1045:16: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  iter = atoi(szOption+2);
data/apngasm-2.91/apngasm.cpp:1051:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  hs = atoi(szOption+3);
data/apngasm-2.91/apngasm.cpp:1057:14: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  vs = atoi(szOption+3);
data/apngasm-2.91/apngasm.cpp:1063:15: [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  int n = atoi(szOption);
data/apngasm-2.91/image.cpp:41:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((f = fopen(szName, "rb")) == 0)
data/apngasm-2.91/image.cpp:85:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(image->pl, palette, image->ps * 3);
data/apngasm-2.91/image.cpp:108:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(image->tr, trans_alpha, image->ts);
data/apngasm-2.91/image.cpp:125:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char col[4];
data/apngasm-2.91/image.cpp:126:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char header[18];
data/apngasm-2.91/image.cpp:128:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((f = fopen(szName, "rb")) == 0)
data/apngasm-2.91/image.cpp:270:12: [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((f = fopen(szName, "rb")) != 0)
data/apngasm-2.91/image.cpp:596:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char cube[4096];
data/apngasm-2.91/image.cpp:597:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char gray[256];
data/apngasm-2.91/image.cpp:812:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char gray[256];
data/apngasm-2.91/image.cpp:962:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char gray[256];
data/apngasm-2.91/image.cpp:1099:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char gray[256];
data/apngasm-2.91/image.cpp:1299:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char cube[4096];
data/apngasm-2.91/image.cpp:1338:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char gray[256];
data/apngasm-2.91/image.h:39:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char tr[256];
data/apngasm-2.91/image.h:62:32: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if ((ps = image->ps) != 0) memcpy(&pl[0], &image->pl[0], ps*3);
data/apngasm-2.91/image.h:63:32: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if ((ts = image->ts) != 0) memcpy(&tr[0], &image->tr[0], ts);
data/apngasm-2.91/libpng/png.c:203:7: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char m[128];
data/apngasm-2.91/libpng/png.c:696:31: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  png_convert_to_rfc1123_buffer(char out[29], png_const_timep ptime)
data/apngasm-2.91/libpng/png.c:698:21: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
static PNG_CONST char short_months[12][4] = data/apngasm-2.91/libpng/png.c:714:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char number_buf[5]; /* enough for a four-digit year */ data/apngasm-2.91/libpng/png.c:1792:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[196]; /* see below for calculation */ data/apngasm-2.91/libpng/png.c:1811:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char number[PNG_NUMBER_BUFFER_SIZE]; /* +24 = 114*/ data/apngasm-2.91/libpng/png.c:2936:13: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char exponent[10]; data/apngasm-2.91/libpng/png.c:3194:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char digits[10]; data/apngasm-2.91/libpng/png.h:1071:54: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. PNG_EXPORT(241, int, png_convert_to_rfc1123_buffer, (char out[29], data/apngasm-2.91/libpng/png.h:2732:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char message[64]; data/apngasm-2.91/libpng/pngdebug.h:109:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char format[256]; \ data/apngasm-2.91/libpng/pngdebug.h:120:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char format[256]; \ data/apngasm-2.91/libpng/pngdebug.h:131:8: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char format[256]; \ data/apngasm-2.91/libpng/pngerror.c:43:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char msg[16]; data/apngasm-2.91/libpng/pngerror.c:258:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[PNG_NUMBER_BUFFER_SIZE]; data/apngasm-2.91/libpng/pngerror.c:268:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buffer[PNG_NUMBER_BUFFER_SIZE]; data/apngasm-2.91/libpng/pngerror.c:293:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[192]; data/apngasm-2.91/libpng/pngerror.c:428:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static PNG_CONST char png_digit[16] = { data/apngasm-2.91/libpng/pngerror.c:483:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[18+PNG_MAX_ERROR_TEXT]; data/apngasm-2.91/libpng/pngerror.c:499:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[18+PNG_MAX_ERROR_TEXT]; data/apngasm-2.91/libpng/pngerror.c:577:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[fixed_message_ln+PNG_MAX_ERROR_TEXT]; data/apngasm-2.91/libpng/pngerror.c:578:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(msg, fixed_message, fixed_message_ln); data/apngasm-2.91/libpng/pngerror.c:721:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char error_number[16]; data/apngasm-2.91/libpng/pngerror.c:792:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char warning_number[16]; data/apngasm-2.91/libpng/pngmem.c:154:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_array, old_array, element_size*(unsigned)old_elements); data/apngasm-2.91/libpng/pngpread.c:438:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(ptr, png_ptr->save_buffer_ptr, save_size); data/apngasm-2.91/libpng/pngpread.c:455:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ptr, png_ptr->current_buffer_ptr, save_size); data/apngasm-2.91/libpng/pngpread.c:505:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(png_ptr->save_buffer, old_buffer, png_ptr->save_buffer_size); data/apngasm-2.91/libpng/pngpread.c:513:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(png_ptr->save_buffer + png_ptr->save_buffer_size, data/apngasm-2.91/libpng/pngpread.c:764:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(png_ptr->prev_row, png_ptr->row_buf, row_info.rowbytes + 1); data/apngasm-2.91/libpng/pngpriv.h:1658:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. typedef char png_warning_parameters[PNG_WARNING_PARAMETER_COUNT][ data/apngasm-2.91/libpng/pngread.c:553:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(png_ptr->prev_row, png_ptr->row_buf, row_info.rowbytes + 1); data/apngasm-2.91/libpng/pngread.c:1491:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? 
(CWE-362). FILE *fp = fopen(file_name, "rb"); data/apngasm-2.91/libpng/pngread.c:1539:16: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out, memory, need); data/apngasm-2.91/libpng/pngrutil.c:342:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[64]; data/apngasm-2.91/libpng/pngrutil.c:684:28: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(text, png_ptr->read_buffer, prefix_size); data/apngasm-2.91/libpng/pngrutil.c:1403:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char keyword[81]; data/apngasm-2.91/libpng/pngrutil.c:1472:28: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(profile, profile_header, data/apngasm-2.91/libpng/pngrutil.c:1538:43: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(info_ptr->iccp_name, keyword, data/apngasm-2.91/libpng/pngrutil.c:3512:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dp, sp, bytes_to_copy); data/apngasm-2.91/libpng/pngrutil.c:3537:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(dp, sp, PNG_ROWBYTES(pixel_depth, row_width)); data/apngasm-2.91/libpng/pngrutil.c:3769:16: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(v, sp, pixel_bytes); data/apngasm-2.91/libpng/pngrutil.c:3773:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dp, v, pixel_bytes); data/apngasm-2.91/libpng/pngset.c:321:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(info_ptr->pcal_purpose, purpose, length); data/apngasm-2.91/libpng/pngset.c:343:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(info_ptr->pcal_units, units, length); data/apngasm-2.91/libpng/pngset.c:373:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(info_ptr->pcal_params[i], params[i], length); data/apngasm-2.91/libpng/pngset.c:423:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(info_ptr->scal_s_width, swidth, lengthw); data/apngasm-2.91/libpng/pngset.c:442:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(info_ptr->scal_s_height, sheight, lengthh); data/apngasm-2.91/libpng/pngset.c:465:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char swidth[PNG_sCAL_MAX_DIGITS+1]; data/apngasm-2.91/libpng/pngset.c:466:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sheight[PNG_sCAL_MAX_DIGITS+1]; data/apngasm-2.91/libpng/pngset.c:495:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char swidth[PNG_sCAL_MAX_DIGITS+1]; data/apngasm-2.91/libpng/pngset.c:496:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char sheight[PNG_sCAL_MAX_DIGITS+1]; data/apngasm-2.91/libpng/pngset.c:579:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(png_ptr->palette, palette, (unsigned int)num_palette * data/apngasm-2.91/libpng/pngset.c:688:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_iccp_name, name, length); data/apngasm-2.91/libpng/pngset.c:701:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(new_iccp_profile, profile, proflen); data/apngasm-2.91/libpng/pngset.c:871:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(textp->key, text_ptr[i].key, key_len); data/apngasm-2.91/libpng/pngset.c:877:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(textp->lang, text_ptr[i].lang, lang_len); data/apngasm-2.91/libpng/pngset.c:880:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(textp->lang_key, text_ptr[i].lang_key, lang_key_len); data/apngasm-2.91/libpng/pngset.c:893:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(textp->text, text_ptr[i].text, text_length); data/apngasm-2.91/libpng/pngset.c:974:11: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(info_ptr->trans_alpha, trans_alpha, (png_size_t)num_trans); data/apngasm-2.91/libpng/pngset.c:1076:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(np->name, entries->name, length); data/apngasm-2.91/libpng/pngset.c:1096:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(np->entries, entries->entries, data/apngasm-2.91/libpng/pngset.c:1214:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(np->name, unknowns->name, (sizeof np->name)); data/apngasm-2.91/libpng/pngset.c:1237:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(np->data, unknowns->data, unknowns->size); data/apngasm-2.91/libpng/pngset.c:1316:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(list, add, 4); data/apngasm-2.91/libpng/pngset.c:1416:10: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(new_list, png_ptr->chunk_list, 5*old_num_chunks); data/apngasm-2.91/libpng/pngset.c:1449:16: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(outlist, inlist, 5); data/apngasm-2.91/libpng/pngstruct.h:362:4: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char time_buffer[29]; /* String to hold RFC 1123 time text */ data/apngasm-2.91/libpng/pngwrite.c:831:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(png_ptr->row_buf + 1, row, row_info.rowbytes); data/apngasm-2.91/libpng/pngwrite.c:2168:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(display->memory+ob, data, size); data/apngasm-2.91/libpng/pngwrite.c:2327:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *fp = fopen(file_name, "wb"); data/apngasm-2.91/libpng/pngwutil.c:299:7: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char msg[64]; data/apngasm-2.91/libpng/pngwutil.c:1801:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + 1, width, wlen + 1); /* Append the '\0' here */ data/apngasm-2.91/libpng/pngwutil.c:1802:4: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf + wlen + 2, height, hlen); /* Do NOT append the '\0' here */ data/apngasm-2.91/libpng/pngwutil.c:2221:19: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dp, sp, pixel_bytes); data/apngasm-2.91/zlib/crc32.c:145:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
out = fopen("crc32.h", "w"); data/apngasm-2.91/zlib/gzguts.h:39:11: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). # define open _open data/apngasm-2.91/zlib/gzlib.c:36:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. static char buf[1024]; data/apngasm-2.91/zlib/gzlib.c:65:9: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(buf, "unknown win32 error (%ld)", error); data/apngasm-2.91/zlib/gzlib.c:245:9: [2] (misc) open: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). open((const char *)path, oflag, 0666)); data/apngasm-2.91/zlib/gzlib.c:296:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(path, "<fd:%d>", fd); /* for debugging */ data/apngasm-2.91/zlib/gzlib.c:611:5: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. strcat(state->msg, ": "); data/apngasm-2.91/zlib/gzread.c:158:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(state->x.next, strm->next_in, strm->avail_in); data/apngasm-2.91/zlib/gzread.c:332:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, state->x.next, n); data/apngasm-2.91/zlib/gzread.c:391:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[1]; data/apngasm-2.91/zlib/gzread.c:531:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(buf, state->x.next, n); data/apngasm-2.91/zlib/gzwrite.c:218:13: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(state->in + have, buf, copy); data/apngasm-2.91/zlib/gzwrite.c:250:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[1]; data/apngasm-2.91/zlib/inflate.c:623:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char hbuf[4]; /* buffer for gzip header crc calculation */ data/apngasm-2.91/zlib/inflate.c:1382:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). 
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char buf[4]; /* to restore bit buffer to byte string */ data/apngasm-2.91/zlib/trees.c:330:20: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). FILE *header = fopen("trees.h", "w"); data/apngasm-2.91/zlib/zutil.c:17:9: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. z_const char * const z_errmsg[10] = { data/apngasm-2.91/zlib/zutil.h:47:16: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. extern z_const char * const z_errmsg[10]; /* indexed by 2-zlib_error */ data/apngasm-2.91/zlib/zutil.h:107:6: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). fopen((name), (mode), "mbc=60", "ctx=stm", "rfm=fix", "mrs=512") data/apngasm-2.91/zlib/zutil.h:184:30: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). 
# define F_OPEN(name, mode) fopen((name), (mode)) data/apngasm-2.91/zlib/zutil.h:208:21: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. # define zmemcpy memcpy data/apngasm-2.91/zopfli/deflate.c:555:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(ll_lengths, ll_lengths2, sizeof(ll_lengths2)); data/apngasm-2.91/zopfli/deflate.c:556:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(d_lengths, d_lengths2, sizeof(d_lengths2)); data/apngasm-2.91/zopfli/squeeze.c:54:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest->litlens, source->litlens, data/apngasm-2.91/zopfli/squeeze.c:56:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest->dists, source->dists, ZOPFLI_NUM_D * sizeof(dest->dists[0])); data/apngasm-2.91/zopfli/squeeze.c:58:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest->ll_symbols, source->ll_symbols, data/apngasm-2.91/zopfli/squeeze.c:60:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dest->d_symbols, source->d_symbols, data/apngasm-2.91/libpng/pngrutil.c:2497:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
text_info.text_length = strlen(text); data/apngasm-2.91/libpng/pngset.c:278:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen(purpose) + 1; data/apngasm-2.91/libpng/pngset.c:303:43: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). !png_check_fp_string(params[i], strlen(params[i]))) data/apngasm-2.91/libpng/pngset.c:329:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen(units) + 1; data/apngasm-2.91/libpng/pngset.c:360:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen(params[i]) + 1; data/apngasm-2.91/libpng/pngset.c:399:37: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (swidth == NULL || (lengthw = strlen(swidth)) == 0 || data/apngasm-2.91/libpng/pngset.c:403:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (sheight == NULL || (lengthh = strlen(sheight)) == 0 || data/apngasm-2.91/libpng/pngset.c:678:13: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen(name)+1; data/apngasm-2.91/libpng/pngset.c:804:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
key_len = strlen(text_ptr[i].key); data/apngasm-2.91/libpng/pngset.c:818:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lang_len = strlen(text_ptr[i].lang); data/apngasm-2.91/libpng/pngset.c:824:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lang_key_len = strlen(text_ptr[i].lang_key); data/apngasm-2.91/libpng/pngset.c:851:24: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). text_length = strlen(text_ptr[i].text); data/apngasm-2.91/libpng/pngset.c:1070:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length = strlen(entries->name) + 1; data/apngasm-2.91/libpng/pngwutil.c:1520:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). text_len = strlen(text); data/apngasm-2.91/libpng/pngwutil.c:1575:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). text == NULL ? 0 : strlen(text)); data/apngasm-2.91/libpng/pngwutil.c:1643:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). lang_len = strlen(lang)+1; data/apngasm-2.91/libpng/pngwutil.c:1645:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
  lang_key_len = strlen(lang_key)+1;
data/apngasm-2.91/libpng/pngwutil.c:1659:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  png_text_compress_init(&comp, (png_const_bytep)text, strlen(text));
data/apngasm-2.91/libpng/pngwutil.c:1741:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  units_len = strlen(units) + (nparams == 0 ? 0 : 1);
data/apngasm-2.91/libpng/pngwutil.c:1753:23: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  params_len[i] = strlen(params[i]) + (i == nparams - 1 ? 0 : 1);
data/apngasm-2.91/libpng/pngwutil.c:1790:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  wlen = strlen(width);
data/apngasm-2.91/libpng/pngwutil.c:1791:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  hlen = strlen(height);
data/apngasm-2.91/zlib/gzguts.h:40:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  # define read _read
data/apngasm-2.91/zlib/gzlib.c:199:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen((const char *)path);
data/apngasm-2.91/zlib/gzlib.c:601:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((state->msg = (char *)malloc(strlen(state->path) + strlen(msg) + 3)) ==
data/apngasm-2.91/zlib/gzlib.c:601:60: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if ((state->msg = (char *)malloc(strlen(state->path) + strlen(msg) + 3)) ==
data/apngasm-2.91/zlib/gzlib.c:607:26: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  snprintf(state->msg, strlen(state->path) + strlen(msg) + 3,
data/apngasm-2.91/zlib/gzlib.c:607:48: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  snprintf(state->msg, strlen(state->path) + strlen(msg) + 3,
data/apngasm-2.91/zlib/gzread.c:30:15: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ret = read(state->fd, buf + *have, len - *have);
data/apngasm-2.91/zlib/gzwrite.c:301:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = (unsigned)strlen(str);
data/apngasm-2.91/zlib/gzwrite.c:355:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen((char *)(state->in));
data/apngasm-2.91/zlib/gzwrite.c:443:11: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen((char *)(state->in));

ANALYSIS SUMMARY:

Hits = 228
Lines analyzed = 63533 in approximately 1.67 seconds (38001 lines/second)
Physical Source Lines of Code (SLOC) = 42036
Hits@level = [0] 97 [1] 32 [2] 154 [3] 0 [4] 42 [5] 0
Hits@level+ = [0+] 325 [1+] 228 [2+] 196 [3+] 42 [4+] 42 [5+] 0
Hits/KSLOC@level+ = [0+] 7.73147 [1+] 5.42392 [2+] 4.66267 [3+] 0.999144 [4+] 0.999144 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.