Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/checkit-tiff-0.2.3/src/checkit_check_config.c
Examining data/checkit-tiff-0.2.3/src/checkit_tiff.c
Examining data/checkit-tiff-0.2.3/src/checkit_tiff_risk.c
Examining data/checkit-tiff-0.2.3/src/headers/check.h
Examining data/checkit-tiff-0.2.3/src/headers/check_helper.h
Examining data/checkit-tiff-0.2.3/src/headers/config_parser.h
Examining data/checkit-tiff-0.2.3/src/headers/tiff.h
Examining data/checkit-tiff-0.2.3/src/headers/tiffconf.h
Examining data/checkit-tiff-0.2.3/src/helper/check_helper.c
Examining data/checkit-tiff-0.2.3/src/helper/check_print.c
Examining data/checkit-tiff-0.2.3/src/helper/check_renderer.c
Examining data/checkit-tiff-0.2.3/src/helper/check_tiffparse.c
Examining data/checkit-tiff-0.2.3/src/ifdrules/check_all_IFDs_are_word_aligned.c
Examining data/checkit-tiff-0.2.3/src/ifdrules/check_all_offsets_are_used_once_only.c
Examining data/checkit-tiff-0.2.3/src/ifdrules/check_all_offsets_are_word_aligned.c
Examining data/checkit-tiff-0.2.3/src/ifdrules/check_has_only_one_ifd.c
Examining data/checkit-tiff-0.2.3/src/ifdrules/check_tagorder.c
Examining data/checkit-tiff-0.2.3/src/parser/config_dsl.grammar.c
Examining data/checkit-tiff-0.2.3/src/parser/config_parser.c
Examining data/checkit-tiff-0.2.3/src/risk_analyzer/lst_offset_mappings.c
Examining data/checkit-tiff-0.2.3/src/tagrules/check_datetime.c
Examining data/checkit-tiff-0.2.3/src/tagrules/check_icc.c
Examining data/checkit-tiff-0.2.3/src/tagrules/check_notag.c
Examining data/checkit-tiff-0.2.3/src/tagrules/check_tag.c
Examining data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_some_of_these_values.c
Examining data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valid_asciivalue.c
Examining data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valid_type.c
Examining data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_value.c
Examining data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_value_in_range.c
Examining data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_value_matching_regex.c
Examining data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_value_quiet.c
Examining data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valuelist.c
Examining data/checkit-tiff-0.2.3/src/tagrules/check_tag_quiet.c
Examining data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c
Examining data/checkit-tiff-0.2.3/src/validate_icc/validate_icc.h

FINAL RESULTS:

data/checkit-tiff-0.2.3/src/helper/check_helper.c:34:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination
  [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
  snprintf (warning: strncat is easily misused).
  strcat( dest, src);
data/checkit-tiff-0.2.3/src/parser/config_dsl.grammar.c:44:25:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited
  (CWE-134). Use a constant for the format specification.
  # define yyprintf(args) fprintf args
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:13:20:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited,
  and note that sprintf variations do not always \0-terminate (CWE-134). Use a
  constant for the format specification.
  #define FAIL(...) {snprintf(errmessage, errsize, __VA_ARGS__); return 1;};
data/checkit-tiff-0.2.3/src/checkit_tiff.c:116:15:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
  while ((c = getopt (argc, argv, "chmdx")) != -1) {
data/checkit-tiff-0.2.3/src/checkit_tiff_risk.c:45:15:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
  while ((c = getopt (argc, argv, "hms")) != -1) {
data/checkit-tiff-0.2.3/src/checkit_tiff.c:170:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char tiff_dir [ len ];
data/checkit-tiff-0.2.3/src/checkit_tiff.c:191:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char fqname [ len ];
data/checkit-tiff-0.2.3/src/headers/config_parser.h:59:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char * regex_stack[INTERNALSTACKDEPTH];
data/checkit-tiff-0.2.3/src/headers/config_parser.h:81:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  const char * regex_stack[MAXSTACKDEPTH];
data/checkit-tiff-0.2.3/src/helper/check_helper.c:43:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/helper/check_helper.c:49:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/helper/check_helper.c:55:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/helper/check_helper.c:61:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/helper/check_helper.c:67:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/helper/check_renderer.c:75:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char res[1024] = "";
data/checkit-tiff-0.2.3/src/helper/check_renderer.c:107:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char res[1024] = "";
data/checkit-tiff-0.2.3/src/helper/check_renderer.c:125:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char res[1024] = "";
data/checkit-tiff-0.2.3/src/helper/check_renderer.c:160:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char res[1024] = "<checkit_tiff_result>";
data/checkit-tiff-0.2.3/src/helper/check_tiffparse.c:92:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buf, ctif->actual_streamp, count);
data/checkit-tiff-0.2.3/src/helper/check_tiffparse.c:599:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[EXPECTSTRLEN];
data/checkit-tiff-0.2.3/src/helper/check_tiffparse.c:628:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[EXPECTSTRLEN];
data/checkit-tiff-0.2.3/src/helper/check_tiffparse.c:658:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[EXPECTSTRLEN];
data/checkit-tiff-0.2.3/src/helper/check_tiffparse.c:1135:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  int tif = open(tiff_file, O_RDONLY | O_BINARY);
data/checkit-tiff-0.2.3/src/helper/check_tiffparse.c:1137:13:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  int tif = open(tiff_file, O_RDONLY);
data/checkit-tiff-0.2.3/src/helper/check_tiffparse.c:1287:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy((void *) (*long_pp), (void *) &entry.data32, (sizeof(uint32)*entry.count));
data/checkit-tiff-0.2.3/src/helper/check_tiffparse.c:1293:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy((void *) (*long_pp), (void *) offset.datacharp, (sizeof(uint32)*offset.count));
data/checkit-tiff-0.2.3/src/helper/check_tiffparse.c:1314:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy((void *) (*short_pp), (void *) &entry.data16, (sizeof(uint16)*entry.count));
data/checkit-tiff-0.2.3/src/helper/check_tiffparse.c:1321:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy((void *) (*short_pp), (void *)offset.datacharp, (sizeof(uint16)*offset.count));
data/checkit-tiff-0.2.3/src/ifdrules/check_all_IFDs_are_word_aligned.c:23:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/ifdrules/check_all_offsets_are_used_once_only.c:37:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[TIFFAILSTRLEN];
data/checkit-tiff-0.2.3/src/ifdrules/check_all_offsets_are_word_aligned.c:27:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[TIFFAILSTRLEN];
data/checkit-tiff-0.2.3/src/ifdrules/check_has_only_one_ifd.c:30:7:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[TIFFAILSTRLEN];
data/checkit-tiff-0.2.3/src/ifdrules/check_tagorder.c:45:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[TIFFAILSTRLEN];
data/checkit-tiff-0.2.3/src/parser/config_dsl.grammar.c:212:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(yy->__text, yy->__buf + begin, yyleng);
data/checkit-tiff-0.2.3/src/parser/config_dsl.grammar.c:529:50:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  parser_state.any_reference = only_ref; i_push(atol(yytext) );;
data/checkit-tiff-0.2.3/src/parser/config_dsl.grammar.c:646:11:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  i_push(atol(yytext) );;
data/checkit-tiff-0.2.3/src/parser/config_dsl.grammar.c:659:14:  [2] (integer) atol:
  Unless checked, the resulting number can exceed the expected range
  (CWE-190). If source untrusted, check both minimum and maximum, even if the
  input had no minus sign (large numbers can roll over into negative number;
  consider saving to an unsigned value if that is intended).
  i_push(2<<atol(yytext) ); ;
data/checkit-tiff-0.2.3/src/parser/config_parser.c:848:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  FILE * cfg = fopen(include_file, "r");
data/checkit-tiff-0.2.3/src/parser/config_parser.c:909:15:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around to
  create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  FILE * cfg = fopen(cfg_file, "r");
data/checkit-tiff-0.2.3/src/tagrules/check_datetime.c:90:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[TIFFAILSTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_datetime.c:96:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[TIFFAILSTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_datetime.c:102:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[TIFFAILSTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_icc.c:41:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_some_of_these_values.c:19:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char msg[EXPECTSTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_some_of_these_values.c:20:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char expected[EXPECTSTRLEN]="";
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_some_of_these_values.c:93:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valid_asciivalue.c:42:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valid_type.c:99:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_value_in_range.c:23:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char msg[EXPECTSTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_value_in_range.c:118:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_value_matching_regex.c:14:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char msg[EXPECTSTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_value_matching_regex.c:62:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_value_matching_regex.c:72:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_value_quiet.c:23:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_value_quiet.c:50:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valuelist.c:25:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char msg[EXPECTSTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valuelist.c:45:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char expected[EXPECTSTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valuelist.c:47:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char value[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valuelist.c:60:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char expected[EXPECTSTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valuelist.c:62:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char value[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valuelist.c:79:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char expected[EXPECTSTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valuelist.c:81:29:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char value[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valuelist.c:98:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char expected[EXPECTSTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valuelist.c:100:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char value[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valuelist.c:117:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char expected[EXPECTSTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valuelist.c:119:30:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char value[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/tagrules/check_tag_has_valuelist.c:133:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char array[VALUESTRLEN];
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:32:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char preferredcmmtype[5]=" "; memcpy(preferredcmmtype, &iccdata[4],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:32:36:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  char preferredcmmtype[5]=" "; memcpy(preferredcmmtype, &iccdata[4],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:65:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char profileversion[6]=" "; snprintf(profileversion, 6, "%i.%i.%i", (iccdata[8]) & 0x000f, ((iccdata[9] & 0x00f0) >>4), (iccdata[9] & 0x000f));
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:69:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char profileclass[5]=" "; memcpy(profileclass, &iccdata[12],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:69:32:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  char profileclass[5]=" "; memcpy(profileclass, &iccdata[12],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:81:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char colorspacedata[5]=" "; memcpy(colorspacedata, &iccdata[16],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:81:34:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  char colorspacedata[5]=" "; memcpy(colorspacedata, &iccdata[16],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:111:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char connectionspacedata[5]=" "; memcpy(connectionspacedata, &iccdata[20],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:111:39:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  char connectionspacedata[5]=" "; memcpy(connectionspacedata, &iccdata[20],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:119:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char datetime[20]; snprintf(datetime, 20, "%.4d:%.2d:%.2d %.2d:%.2d:%.2d",
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:131:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char profilefilesignature[5]=" "; memcpy(profilefilesignature, &iccdata[36],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:131:40:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  char profilefilesignature[5]=" "; memcpy(profilefilesignature, &iccdata[36],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:134:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char primaryplattformsignature[5]=" "; memcpy(primaryplattformsignature, &iccdata[40],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:134:45:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  char primaryplattformsignature[5]=" "; memcpy(primaryplattformsignature, &iccdata[40],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:148:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char devicemanufacturer[5]=" "; memcpy(devicemanufacturer, &iccdata[48],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:148:38:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  char devicemanufacturer[5]=" "; memcpy(devicemanufacturer, &iccdata[48],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:151:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char devicemodel[5]=" "; memcpy(devicemodel, &iccdata[52],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:151:31:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  char devicemodel[5]=" "; memcpy(devicemodel, &iccdata[52],4);
data/checkit-tiff-0.2.3/src/validate_icc/check_icc_header.c:206:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char profileversion[6]=" "; snprintf(profileversion, 6, "%i.%i.%i", (iccdata[8]) & 0x000f, ((iccdata[9] & 0x00f0) >>4), (iccdata[9] & 0x000f));
data/checkit-tiff-0.2.3/src/checkit_tiff.c:169:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen( tiff_file_or_dir);
data/checkit-tiff-0.2.3/src/checkit_tiff.c:171:5:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  strncpy(tiff_dir, tiff_file_or_dir, len);
data/checkit-tiff-0.2.3/src/checkit_tiff.c:190:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( tiff_dir ) + strlen( ent->d_name ) + 2;
data/checkit-tiff-0.2.3/src/checkit_tiff.c:190:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen( tiff_dir ) + strlen( ent->d_name ) + 2;
data/checkit-tiff-0.2.3/src/helper/check_helper.c:30:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int destsize = strlen(dest);
data/checkit-tiff-0.2.3/src/helper/check_helper.c:31:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int srclen = strlen(src);
data/checkit-tiff-0.2.3/src/helper/check_helper.c:36:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  destsize = strlen(dest);
data/checkit-tiff-0.2.3/src/helper/check_print.c:19:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen (s);
data/checkit-tiff-0.2.3/src/helper/check_print.c:24:21:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
  return (char *) strncpy (result, s, len);
data/checkit-tiff-0.2.3/src/helper/check_tiffparse.c:77:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  return read(ctif->fd, buf, count);
data/checkit-tiff-0.2.3/src/helper/check_tiffparse.c:101:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  return read(ctif->fd, buf, count);
data/checkit-tiff-0.2.3/src/parser/config_dsl.grammar.c:95:14:  [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  int yyc= getchar(); \
data/checkit-tiff-0.2.3/src/parser/config_dsl.grammar.c:110:14:  [1] (buffer) getchar:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  int yyc= getchar(); \
data/checkit-tiff-0.2.3/src/parser/config_parser.c:34:14:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  int yyc= fgetc(parser_state.stream); \

ANALYSIS SUMMARY:

Hits = 100
Lines analyzed = 8273 in approximately 0.35 seconds (23923 lines/second)
Physical Source Lines of Code (SLOC) = 6787
Hits@level = [0] 253 [1]  14 [2]  81 [3]   2 [4]   3 [5]   0
Hits@level+ = [0+] 353 [1+] 100 [2+]  86 [3+]   5 [4+]   3 [5+]   0
Hits/KSLOC@level+ = [0+] 52.0112 [1+] 14.7341 [2+] 12.6713 [3+] 0.736703 [4+] 0.442022 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.
