Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/dcraw-9.28/parse.c
Examining data/dcraw-9.28/fujiturn.c
Examining data/dcraw-9.28/fuji_green.c
Examining data/dcraw-9.28/clean_crw.c
Examining data/dcraw-9.28/dcraw.c

FINAL RESULTS:

data/dcraw-9.28/clean_crw.c:52:5:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (fname, "%s.clean", argv[arg]);

data/dcraw-9.28/dcraw.c:58:9:  [4] (format) snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf _snprintf

data/dcraw-9.28/dcraw.c:58:18:  [4] (format) _snprintf:
  If format strings can be influenced by an attacker, they can be exploited, and note that sprintf variations do not always \0-terminate (CWE-134). Use a constant for the format specification.
  #define snprintf _snprintf

data/dcraw-9.28/dcraw.c:1334:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (make, table[i].make );

data/dcraw-9.28/dcraw.c:1335:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (model, table[i].model);

data/dcraw-9.28/dcraw.c:3430:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, "%sRGBNeutral", model2);

data/dcraw-9.28/dcraw.c:5610:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (model, mod[i]);

data/dcraw-9.28/dcraw.c:6062:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(model,cp+1);

data/dcraw-9.28/dcraw.c:6445:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (jname, ifname);

data/dcraw-9.28/dcraw.c:6449:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (jext, isupper(ext[1]) ? ".JPG":".jpg");

data/dcraw-9.28/dcraw.c:6667:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (model, cp+1);

data/dcraw-9.28/dcraw.c:6841:9:  [4] (buffer) sscanf:
  The scanf() family's %s operation, without a limit specification, permits buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a different input function.
  if (sscanf (date, "%*s %s %d %d:%d:%d %d", month, &t.tm_mday,

data/dcraw-9.28/dcraw.c:7115:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (make, value);

data/dcraw-9.28/dcraw.c:7117:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (model, value);

data/dcraw-9.28/dcraw.c:7119:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (model2, value);

data/dcraw-9.28/dcraw.c:8293:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (name, "%s %s", make, model);

data/dcraw-9.28/dcraw.c:8833:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (make, table[i].make );

data/dcraw-9.28/dcraw.c:8834:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (model, table[i].model);

data/dcraw-9.28/dcraw.c:8884:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (make, corp[i]);

data/dcraw-9.28/dcraw.c:8899:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (model, model+8);

data/dcraw-9.28/dcraw.c:8901:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (model, model+15);

data/dcraw-9.28/dcraw.c:8969:2:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (model, unique[i].model);

data/dcraw-9.28/dcraw.c:8973:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (model, sonique[i].model);

data/dcraw-9.28/dcraw.c:9223:7:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (model+20, "DYNAX %-10s", model+6+(model[0]=='M'));

data/dcraw-9.28/dcraw.c:9672:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (cdesc, colors == 3 ? "RGBG":"GMCY");

data/dcraw-9.28/dcraw.c:9813:5:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy ((char *)oprof+pbody[5]+12, name[output_color-1]);

data/dcraw-9.28/dcraw.c:9820:5:  [4] (format) fprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  fprintf (stderr, raw_color ? _("Building histograms...\n") :

data/dcraw-9.28/dcraw.c:9989:3:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (th->soft, "dcraw v"DCRAW_VERSION);

data/dcraw-9.28/dcraw.c:10507:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (ofname, ifname);

data/dcraw-9.28/dcraw.c:10514:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (ofname, write_ext);

data/dcraw-9.28/fuji_green.c:355:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (ofname, ifname);

data/dcraw-9.28/fuji_green.c:357:7:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat (ofname, write_ext);

data/dcraw-9.28/parse.c:603:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (make, name);

data/dcraw-9.28/parse.c:604:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (model, name + strlen(make)+1);

data/dcraw-9.28/parse.c:899:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (make, value);

data/dcraw-9.28/parse.c:901:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (model, value);

data/dcraw-9.28/clean_crw.c:39:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen (argv[arg], "rb");

data/dcraw-9.28/clean_crw.c:72:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fp = fopen (fname, "wb"))) {

data/dcraw-9.28/dcraw.c:108:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *meta_data, xtrans[6][6], xtrans_abs[6][6];

data/dcraw-9.28/dcraw.c:109:1:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char cdesc[5], desc[512], make[64], model[64], model2[64], artist[64];

data/dcraw-9.28/dcraw.c:231:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char filter[16][16] =

data/dcraw-9.28/dcraw.c:342:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  union { char c[8]; double d; } u;

data/dcraw-9.28/dcraw.c:1322:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char make[12], model[15];

data/dcraw-9.28/dcraw.c:1345:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tail[424];

data/dcraw-9.28/dcraw.c:1500:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const signed char dir[12][2] =

data/dcraw-9.28/dcraw.c:2288:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (buf[c][0]+!c, buf[c][2], sizeof buf[c][0]-2*!c);

data/dcraw-9.28/dcraw.c:2403:11:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  FORC3 memcpy (cur[c], curve, sizeof cur[0]);

data/dcraw-9.28/dcraw.c:3150:32:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (!bit && !load_flags && atoi(model+2) < 14) get4();

data/dcraw-9.28/dcraw.c:3312:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (ptr, dp, size*4);

data/dcraw-9.28/dcraw.c:3384:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[128];

data/dcraw-9.28/dcraw.c:3472:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (black, black+8, sizeof *black*8);

data/dcraw-9.28/dcraw.c:3473:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (black+height-11, black+height-22, 11*sizeof *black);

data/dcraw-9.28/dcraw.c:3474:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (last, black, sizeof last);

data/dcraw-9.28/dcraw.c:3484:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (last[2], black[row+1], sizeof last[2]);

data/dcraw-9.28/dcraw.c:3490:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (fsum, black, sizeof fsum);

data/dcraw-9.28/dcraw.c:3494:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (last[0], black[height-1], sizeof last[0]);

data/dcraw-9.28/dcraw.c:3514:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (prev, pix, sizeof prev);

data/dcraw-9.28/dcraw.c:3724:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (smrow[2], smrow[1], sizeof **smrow * width);

data/dcraw-9.28/dcraw.c:3760:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (image[row*i], image[(row+active[1])*width+active[0]],

data/dcraw-9.28/dcraw.c:3863:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char *fname, *cp, line[128];

data/dcraw-9.28/dcraw.c:3868:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen (cfname, "r");

data/dcraw-9.28/dcraw.c:3886:7:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (cp, "/.badpixels");

data/dcraw-9.28/dcraw.c:3887:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((fp = fopen (fname, "r"))) break;

data/dcraw-9.28/dcraw.c:3925:14:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(fp = fopen (fname, "rb"))) {

data/dcraw-9.28/dcraw.c:3984:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (gamm, g, sizeof gamm);

data/dcraw-9.28/dcraw.c:4222:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (pre_mul, user_mul, sizeof pre_mul);

data/dcraw-9.28/dcraw.c:4261:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (pre_mul, cam_mul, sizeof pre_mul);

data/dcraw-9.28/dcraw.c:4543:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (brow[2][col], pix, sizeof *image);

data/dcraw-9.28/dcraw.c:4567:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (image[(row-2)*width+2], brow[0]+2, (width-4)*sizeof *image);

data/dcraw-9.28/dcraw.c:4571:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (image[(row-2)*width+2], brow[0]+2, (width-4)*sizeof *image);

data/dcraw-9.28/dcraw.c:4572:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (image[(row-1)*width+2], brow[1]+2, (width-4)*sizeof *image);

data/dcraw-9.28/dcraw.c:4681:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char (*homo)[TS][TS], *buffer;

data/dcraw-9.28/dcraw.c:4693:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  homo = (char (*)[TS][TS]) (buffer + TS*TS*(ndir*10+6));

data/dcraw-9.28/dcraw.c:4735:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (rgb[0][row-top][col-left], image[row*width+col], 6);

data/dcraw-9.28/dcraw.c:4736:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  FORC3 memcpy (rgb[c+1], rgb[0], sizeof *rgb);

data/dcraw-9.28/dcraw.c:4757:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (rgb+=4, buffer, 4*sizeof *rgb);

data/dcraw-9.28/dcraw.c:4906:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char (*homo)[TS][TS], *buffer;

data/dcraw-9.28/dcraw.c:4916:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  homo = (char (*)[TS][TS]) (buffer + 24*TS*TS);

data/dcraw-9.28/dcraw.c:5075:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const signed char dir[8][2] =

data/dcraw-9.28/dcraw.c:5211:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[10];

data/dcraw-9.28/dcraw.c:5493:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[20];

data/dcraw-9.28/dcraw.c:5582:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char data[40];

data/dcraw-9.28/dcraw.c:5705:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char software[64], *cbuf, *cp;

data/dcraw-9.28/dcraw.c:5878:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (make, "Sarnoff");

data/dcraw-9.28/dcraw.c:5911:15:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  FORC(36) ((char *)xtrans)[c] = fgetc(ifp) & 3;

data/dcraw-9.28/dcraw.c:5921:18:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if (cfa == 070) memcpy (cfa_pc,"\003\004\005",3); /* CMY */

data/dcraw-9.28/dcraw.c:5922:18:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if (cfa == 072) memcpy (cfa_pc,"\005\003\004\001",4); /* GMCY */

data/dcraw-9.28/dcraw.c:5953:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (make, "Leaf");

data/dcraw-9.28/dcraw.c:5992:2:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (make, "Imacon");

data/dcraw-9.28/dcraw.c:6022:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (model, "Ixpress %d-Mp", height*width/1000000);

data/dcraw-9.28/dcraw.c:6040:16:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  if (!make[0]) strcpy (make, "Hasselblad");

data/dcraw-9.28/dcraw.c:6055:16:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  if (!make[0]) strcpy (make, "DNG");

data/dcraw-9.28/dcraw.c:6177:16:  [2] (tmpfile) tmpfile:
  Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377).
  if ((ifp = tmpfile())) {

data/dcraw-9.28/dcraw.c:6451:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (jfile, file+4, 4);

data/dcraw-9.28/dcraw.c:6452:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (jfile+4, file, 4);

data/dcraw-9.28/dcraw.c:6463:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if ((ifp = fopen (jname, "rb"))) {

data/dcraw-9.28/dcraw.c:6611:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char line[128], *val;

data/dcraw-9.28/dcraw.c:6627:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  thumb_offset = atoi(val);

data/dcraw-9.28/dcraw.c:6629:19:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  raw_width = atoi(val);

data/dcraw-9.28/dcraw.c:6631:20:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  raw_height = atoi(val);

data/dcraw-9.28/dcraw.c:6633:21:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  thumb_width = atoi(val);

data/dcraw-9.28/dcraw.c:6635:22:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  thumb_height = atoi(val);

data/dcraw-9.28/dcraw.c:6642:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (make, "Rollei");

data/dcraw-9.28/dcraw.c:6643:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (model,"d530flex");

data/dcraw-9.28/dcraw.c:6650:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[8], *cp;

data/dcraw-9.28/dcraw.c:6738:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (make, "Phase One");

data/dcraw-9.28/dcraw.c:6741:16:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  case 2060: strcpy (model,"LightPhase"); break;

data/dcraw-9.28/dcraw.c:6742:16:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  case 2682: strcpy (model,"H 10"); break;

data/dcraw-9.28/dcraw.c:6743:16:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  case 4128: strcpy (model,"H 20"); break;

data/dcraw-9.28/dcraw.c:6744:16:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  case 5488: strcpy (model,"H 25"); break;

data/dcraw-9.28/dcraw.c:6816:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tag[4], date[64], month[64];

data/dcraw-9.28/dcraw.c:6817:16:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static const char mon[12][4] =

data/dcraw-9.28/dcraw.c:6922:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tag[4];

data/dcraw-9.28/dcraw.c:6952:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (make, "SMaL");

data/dcraw-9.28/dcraw.c:6953:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (model, "v%d %dx%d", ver, width, height);

data/dcraw-9.28/dcraw.c:6980:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (make, "CINE");

data/dcraw-9.28/dcraw.c:6981:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (model, "%d", get4());

data/dcraw-9.28/dcraw.c:7049:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[64], value[64];

data/dcraw-9.28/dcraw.c:7113:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  iso_speed = atoi(value);

data/dcraw-9.28/dcraw.c:7121:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  timestamp = atoi(value);

data/dcraw-9.28/dcraw.c:7123:16:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  shutter = atoi(value) / 1000000.0;

data/dcraw-9.28/dcraw.c:8290:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[130];

data/dcraw-9.28/dcraw.c:8459:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char model[20];

data/dcraw-9.28/dcraw.c:8548:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char make[10], model[20];

data/dcraw-9.28/dcraw.c:8659:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char head[32], *cp;

data/dcraw-9.28/dcraw.c:8717:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (make, "Contax");

data/dcraw-9.28/dcraw.c:8718:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (model,"N Digital");

data/dcraw-9.28/dcraw.c:8724:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (make, "Logitech");

data/dcraw-9.28/dcraw.c:8725:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
strcpy (model,"Fotoman Pixtura"); data/dcraw-9.28/dcraw.c:8727:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (make, "Apple"); data/dcraw-9.28/dcraw.c:8728:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (model,"QuickTake 100"); data/dcraw-9.28/dcraw.c:8731:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (make, "Apple"); data/dcraw-9.28/dcraw.c:8732:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (model,"QuickTake 150"); data/dcraw-9.28/dcraw.c:8776:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (make, "NOKIA"); data/dcraw-9.28/dcraw.c:8795:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (make, "ARRI"); data/dcraw-9.28/dcraw.c:8814:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (make, "Red"); data/dcraw-9.28/dcraw.c:8815:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (model,"One"); data/dcraw-9.28/dcraw.c:8873:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (make, "OmniVision"); data/dcraw-9.28/dcraw.c:8890:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (make, "Pentax"); data/dcraw-9.28/dcraw.c:8991:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (model,"C603"); data/dcraw-9.28/dcraw.c:9051:23: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if (canon_s2is()) strcpy (model+10, "S2 IS"); data/dcraw-9.28/dcraw.c:9133:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (model, "E995"); data/dcraw-9.28/dcraw.c:9143:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (model,"E2500"); data/dcraw-9.28/dcraw.c:9152:28: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). if (model[0] == 'E' && atoi(model+1) < 3700) data/dcraw-9.28/dcraw.c:9169:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (make, "Minolta"); data/dcraw-9.28/dcraw.c:9170:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (model,"DiMAGE Z2"); data/dcraw-9.28/dcraw.c:9179:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (make, "ISG"); data/dcraw-9.28/dcraw.c:9184:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (model,"S2Pro"); data/dcraw-9.28/dcraw.c:9203:18: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. FORC(36) ((char *)xtrans)[c] = data/dcraw-9.28/dcraw.c:9295:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (model, "WB550"); data/dcraw-9.28/dcraw.c:9337:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (model, "V96C"); data/dcraw-9.28/dcraw.c:9363:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (cdesc, "RBTG"); data/dcraw-9.28/dcraw.c:9364:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (model, "CatchLight"); data/dcraw-9.28/dcraw.c:9367:2: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (model, "DCB2"); data/dcraw-9.28/dcraw.c:9371:22: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if (!model[0]) strcpy (model, "Cantare"); data/dcraw-9.28/dcraw.c:9382:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (model, "Valeo 6"); data/dcraw-9.28/dcraw.c:9387:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (model, "Valeo 6"); data/dcraw-9.28/dcraw.c:9459:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (cdesc, "RGBE"); data/dcraw-9.28/dcraw.c:9536:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (cdesc, "MYCY"); data/dcraw-9.28/dcraw.c:9538:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (model, "DC25"); data/dcraw-9.28/dcraw.c:9559:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
strcpy (model, "DC40"); data/dcraw-9.28/dcraw.c:9566:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (model, "DC50"); data/dcraw-9.28/dcraw.c:9572:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (model, "DC120"); data/dcraw-9.28/dcraw.c:9594:18: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. if (head[5]) strcpy (model+10, "200"); data/dcraw-9.28/dcraw.c:9623:5: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (model, "%dx%d", width, height); data/dcraw-9.28/dcraw.c:9635:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (rgb_cam, cmatrix, sizeof cmatrix); data/dcraw-9.28/dcraw.c:9706:18: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). else if ((fp = fopen (output, "rb"))) { data/dcraw-9.28/dcraw.c:9783:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy (out_cam, rgb_cam, sizeof out_cam); data/dcraw-9.28/dcraw.c:9789:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (oprof, phead, sizeof phead); data/dcraw-9.28/dcraw.c:9797:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (oprof+32, pbody, sizeof pbody); data/dcraw-9.28/dcraw.c:9799:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ((char *)oprof+pbody[8]+8, pwhite, sizeof pwhite); data/dcraw-9.28/dcraw.c:9802:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy ((char *)oprof+pbody[i*3+2], pcurve, sizeof pcurve); data/dcraw-9.28/dcraw.c:9812:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy ((char *)oprof+pbody[2]+8, "auto-generated by dcraw"); data/dcraw-9.28/dcraw.c:9929:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. union { char c[4]; short s[2]; int i; } val; data/dcraw-9.28/dcraw.c:9945:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char desc[512], make[64], model[64], soft[32], date[20], artist[64]; data/dcraw-9.28/dcraw.c:9961:32: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. FORC(4) tt->val.c[c] = ((char *)th)[val+c]; data/dcraw-9.28/dcraw.c:9991:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (th->date, "%04d:%02d:%02d %02d:%02d:%02d", data/dcraw-9.28/dcraw.c:10041:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (th->gps, gpsdata, sizeof th->gps); data/dcraw-9.28/dcraw.c:10057:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (exif, "\xff\xe1 Exif\0\0", 10); data/dcraw-9.28/dcraw.c:10204:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). case 'k': user_black = atoi(argv[arg++]); break; data/dcraw-9.28/dcraw.c:10205:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
case 'S': user_sat = atoi(argv[arg++]); break; data/dcraw-9.28/dcraw.c:10206:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). case 't': user_flip = atoi(argv[arg++]); break; data/dcraw-9.28/dcraw.c:10207:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). case 'q': user_qual = atoi(argv[arg++]); break; data/dcraw-9.28/dcraw.c:10208:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). case 'm': med_passes = atoi(argv[arg++]); break; data/dcraw-9.28/dcraw.c:10209:32: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). case 'H': highlight = atoi(argv[arg++]); break; data/dcraw-9.28/dcraw.c:10211:20: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). 
shot_select = abs(atoi(argv[arg])); data/dcraw-9.28/dcraw.c:10216:19: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). output_color = atoi(argv[arg++]); data/dcraw-9.28/dcraw.c:10232:38: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended). case 'A': FORC4 greybox[c] = atoi(argv[arg++]); data/dcraw-9.28/dcraw.c:10281:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(ifp = fopen (ifname, "rb"))) { data/dcraw-9.28/dcraw.c:10505:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ofname,_("standard output")); data/dcraw-9.28/dcraw.c:10510:2: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf (ofname+strlen(ofname), "_%0*d", data/dcraw-9.28/dcraw.c:10513:2: [2] (buffer) strcat: Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string. 
strcat (ofname, ".thumb"); data/dcraw-9.28/dcraw.c:10515:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ofp = fopen (ofname, "wb"); data/dcraw-9.28/fuji_green.c:21:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *ifname, make[64], model[64]; data/dcraw-9.28/fuji_green.c:152:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char head[32], *c; data/dcraw-9.28/fuji_green.c:179:5: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (model+7," S2Pro"); data/dcraw-9.28/fuji_green.c:251:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy (head+14, hw, sizeof hw); data/dcraw-9.28/fuji_green.c:329:17: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). if (!(ifp = fopen (ifname, "rb"))) { data/dcraw-9.28/fuji_green.c:353:7: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). 
Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (ofname, "standard output"); data/dcraw-9.28/fuji_green.c:358:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362). ofp = fopen (ofname, "wb"); data/dcraw-9.28/parse.c:39:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char *fname, make[128], model[128], model2[128]; data/dcraw-9.28/parse.c:83:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. union { char c[8]; double d; } u; data/dcraw-9.28/parse.c:243:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char buf[10]; data/dcraw-9.28/parse.c:473:16: [2] (tmpfile) tmpfile: Function tmpfile() has a security flaw on some systems (e.g., older System V systems) (CWE-377). if ((ifp = tmpfile())) { data/dcraw-9.28/parse.c:508:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. 
char tag[4]; data/dcraw-9.28/parse.c:536:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char c, name[256]; data/dcraw-9.28/parse.c:633:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char tag[4], type[4], buf[64]; data/dcraw-9.28/parse.c:662:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char data[256]; data/dcraw-9.28/parse.c:698:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char line[128], *val; data/dcraw-9.28/parse.c:709:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy (make, "Rollei"); data/dcraw-9.28/parse.c:710:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. 
  strcpy (model, "d530flex");
data/dcraw-9.28/parse.c:737:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char name[128], value[128], *camf, *pos, *cp, *dp;
data/dcraw-9.28/parse.c:932:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[256];
data/dcraw-9.28/parse.c:965:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (make, "Phase One");
data/dcraw-9.28/parse.c:966:3: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (model, "unknown");
data/dcraw-9.28/parse.c:1040:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[0x8000];
data/dcraw-9.28/parse.c:1069:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char c, ctag[4], buf[0x8000];
data/dcraw-9.28/parse.c:1116:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tag[4], buf[400];
data/dcraw-9.28/parse.c:1157:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tag[4], buf[64];
data/dcraw-9.28/parse.c:1202:3: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char head[32], *cp;
data/dcraw-9.28/parse.c:1272:11: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  ifp = fopen (fname,"rb");
data/dcraw-9.28/clean_crw.c:46:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  buffer = malloc (size + strlen(argv[arg]) + 10);
data/dcraw-9.28/dcraw.c:49:9: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  #define fgetc getc_unlocked
data/dcraw-9.28/dcraw.c:269:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strncasecmp(c, needle, strlen(needle)))
data/dcraw-9.28/dcraw.c:358:17: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  u.c[i ^ rev] = fgetc(ifp);
data/dcraw-9.28/dcraw.c:360:21: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  default: return fgetc(ifp);
data/dcraw-9.28/dcraw.c:590:9: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (getc(ifp) > 15) return 1;
data/dcraw-9.28/dcraw.c:605:42: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (!reset && vbits < nbits && (c = fgetc(ifp)) != EOF &&
data/dcraw-9.28/dcraw.c:606:45: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  !(reset = zero_after_ff && c == 0xff && fgetc(ifp))) {
data/dcraw-9.28/dcraw.c:798:6: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = fgetc(ifp);
data/dcraw-9.28/dcraw.c:824:8: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((fgetc(ifp),fgetc(ifp)) != 0xd8) return 0;
data/dcraw-9.28/dcraw.c:824:19: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if ((fgetc(ifp),fgetc(ifp)) != 0xd8) return 0;
data/dcraw-9.28/dcraw.c:841:32: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (len == 9 && !dng_version) getc(ifp);
data/dcraw-9.28/dcraw.c:905:36: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  do mark = (mark << 8) + (c = fgetc(ifp));
data/dcraw-9.28/dcraw.c:1179:25: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  FORC(dep) bit[1][c] = fgetc(ifp);
data/dcraw-9.28/dcraw.c:1215:10: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ver0 = fgetc(ifp);
data/dcraw-9.28/dcraw.c:1216:10: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ver1 = fgetc(ifp);
data/dcraw-9.28/dcraw.c:1270:29: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  FORC(6) bitbuf |= (UINT64) fgetc(ifp) << c*8;
data/dcraw-9.28/dcraw.c:1291:11: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  histo[fgetc(ifp)]++;
data/dcraw-9.28/dcraw.c:1959:24: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bitbuf |= ((UINT64) fgetc(ifp) << i);
data/dcraw-9.28/dcraw.c:1963:48: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (load_flags & 1 && (col % 10) == 9 && fgetc(ifp) &&
data/dcraw-9.28/dcraw.c:2565:9: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = fgetc(ifp);
data/dcraw-9.28/dcraw.c:2580:15: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bitbuf = fgetc(ifp) << 8;
data/dcraw-9.28/dcraw.c:2581:15: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bitbuf += fgetc(ifp);
data/dcraw-9.28/dcraw.c:2588:20: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bitbuf += (INT64) fgetc(ifp) << (bits+(j^8));
data/dcraw-9.28/dcraw.c:2695:26: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  fseek (ifp, (unsigned) fgetc(ifp)*4 - 1, SEEK_CUR);
data/dcraw-9.28/dcraw.c:2826:9: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  opt = fgetc(ifp);
data/dcraw-9.28/dcraw.c:2999:18: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  nseg = (uchar) fgetc(ifp);
data/dcraw-9.28/dcraw.c:3004:11: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  holes = fgetc(ifp);
data/dcraw-9.28/dcraw.c:3129:33: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bitbuf = (bitbuf << 8) + fgetc(ifp);
data/dcraw-9.28/dcraw.c:3160:33: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bitbuf = (bitbuf << 8) + fgetc(ifp);
data/dcraw-9.28/dcraw.c:3177:12: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  clen = getc(ifp);
data/dcraw-9.28/dcraw.c:3178:12: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  code = getc(ifp);
data/dcraw-9.28/dcraw.c:3883:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cp = fname + strlen(fname);
data/dcraw-9.28/dcraw.c:3928:7: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (fgetc(fp) != 'P' || fgetc(fp) != '5') error = 1;
data/dcraw-9.28/dcraw.c:3928:27: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (fgetc(fp) != 'P' || fgetc(fp) != '5') error = 1;
data/dcraw-9.28/dcraw.c:3929:35: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (!error && nd < 3 && (c = fgetc(fp)) != EOF) {
data/dcraw-9.28/dcraw.c:5303:15: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = c << 8 | fgetc(ifp);
data/dcraw-9.28/dcraw.c:5305:47: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (get4() == 257 && (i=len) && (c = (get4(),fgetc(ifp))) < 3)
data/dcraw-9.28/dcraw.c:5334:19: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((c = fgetc(ifp)) && c != EOF)
data/dcraw-9.28/dcraw.c:5364:23: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ver97 = ver97 * 10 + fgetc(ifp)-'0';
data/dcraw-9.28/dcraw.c:5394:20: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  cj = xlat[1][fgetc(ifp)^fgetc(ifp)^fgetc(ifp)^fgetc(ifp)];
data/dcraw-9.28/dcraw.c:5394:31: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  cj = xlat[1][fgetc(ifp)^fgetc(ifp)^fgetc(ifp)^fgetc(ifp)];
data/dcraw-9.28/dcraw.c:5394:42: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  cj = xlat[1][fgetc(ifp)^fgetc(ifp)^fgetc(ifp)^fgetc(ifp)];
data/dcraw-9.28/dcraw.c:5394:53: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  cj = xlat[1][fgetc(ifp)^fgetc(ifp)^fgetc(ifp)^fgetc(ifp)];
data/dcraw-9.28/dcraw.c:5498:32: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  for (i=19; i--; ) str[i] = fgetc(ifp);
data/dcraw-9.28/dcraw.c:5539:18: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  exif_cfa |= fgetc(ifp) * 0x01010101 << c;
data/dcraw-9.28/dcraw.c:5554:22: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  gpsdata[29+tag/2] = getc(ifp); break;
data/dcraw-9.28/dcraw.c:5689:29: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (tag == 64013) wbi = fgetc(ifp);
data/dcraw-9.28/dcraw.c:5749:19: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (type != 7 || fgetc(ifp) != 0xff || fgetc(ifp) != 0xd8) break;
data/dcraw-9.28/dcraw.c:5749:41: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (type != 7 || fgetc(ifp) != 0xff || fgetc(ifp) != 0xd8) break;
data/dcraw-9.28/dcraw.c:5911:35: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  FORC(36) ((char *)xtrans)[c] = fgetc(ifp) & 3;
data/dcraw-9.28/dcraw.c:6054:43: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  FORC4 dng_version = (dng_version << 8) + fgetc(ifp);
data/dcraw-9.28/dcraw.c:6397:7: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (fgetc(ifp) || fgetc(ifp)-'M' || fgetc(ifp)-'R') return;
data/dcraw-9.28/dcraw.c:6397:21: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (fgetc(ifp) || fgetc(ifp)-'M' || fgetc(ifp)-'R') return;
data/dcraw-9.28/dcraw.c:6397:39: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (fgetc(ifp) || fgetc(ifp)-'M' || fgetc(ifp)-'R') return;
data/dcraw-9.28/dcraw.c:6398:11: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  order = fgetc(ifp) * 0x101;
data/dcraw-9.28/dcraw.c:6402:24: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  tag = tag << 8 | fgetc(ifp);
data/dcraw-9.28/dcraw.c:6442:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!ext || strlen(ext) != 4 || ext-file != 8) return;
data/dcraw-9.28/dcraw.c:6443:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  jname = (char *) malloc (strlen(ifname) + 1);
data/dcraw-9.28/dcraw.c:6525:19: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fseek (ifp, strlen(make) - 63, SEEK_CUR);
data/dcraw-9.28/dcraw.c:6621:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  val = line + strlen(line);
data/dcraw-9.28/dcraw.c:6766:21: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  fuji_layout = fgetc(ifp) >> 7;
data/dcraw-9.28/dcraw.c:6767:22: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  fuji_width = !(fgetc(ifp) & 8);
data/dcraw-9.28/dcraw.c:6770:38: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  FORC(36) xtrans_abs[0][35-c] = fgetc(ifp) & 3;
data/dcraw-9.28/dcraw.c:6792:7: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (fgetc(ifp) != 0xff || fgetc(ifp) != 0xd8) return 0;
data/dcraw-9.28/dcraw.c:6792:29: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (fgetc(ifp) != 0xff || fgetc(ifp) != 0xd8) return 0;
data/dcraw-9.28/dcraw.c:6794:10: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (fgetc(ifp) == 0xff && (mark = fgetc(ifp)) != 0xda) {
data/dcraw-9.28/dcraw.c:6794:40: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (fgetc(ifp) == 0xff && (mark = fgetc(ifp)) != 0xda) {
data/dcraw-9.28/dcraw.c:6799:7: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  fgetc(ifp);
data/dcraw-9.28/dcraw.c:6945:9: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  ver = fgetc(ifp);
data/dcraw-9.28/dcraw.c:7085:6: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (fgetc(ifp) == 0xff && fgetc(ifp) == 0xd8
data/dcraw-9.28/dcraw.c:7085:28: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (fgetc(ifp) == 0xff && fgetc(ifp) == 0xd8
data/dcraw-9.28/dcraw.c:8295:42: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (!strncmp (name, table[i].prefix, strlen(table[i].prefix))) {
data/dcraw-9.28/dcraw.c:8365:26: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bitbuf |= (unsigned) (fgetc(ifp) << i);
data/dcraw-9.28/dcraw.c:8713:9: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (fgetc(ifp) != 0xff)
data/dcraw-9.28/dcraw.c:8891:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cp = make + strlen(make); /* Remove trailing spaces */
data/dcraw-9.28/dcraw.c:8893:16: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  cp = model + strlen(model);
data/dcraw-9.28/dcraw.c:8895:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  i = strlen(make); /* Remove make from model */
data/dcraw-9.28/dcraw.c:8968:30: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (model[4] == 'K' && strlen(model) == 8)
data/dcraw-9.28/dcraw.c:9798:27: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  oprof[pbody[5]/4+2] = strlen(name[output_color-1]) + 1;
data/dcraw-9.28/dcraw.c:9986:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (th->desc, desc, 512);
data/dcraw-9.28/dcraw.c:9987:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (th->make, make, 64);
data/dcraw-9.28/dcraw.c:9988:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (th->model, model, 64);
data/dcraw-9.28/dcraw.c:9993:3: [1] (buffer) strncpy: Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy (th->artist, artist, 64);
data/dcraw-9.28/dcraw.c:10502:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ofname = (char *) malloc (strlen(ifname) + 64);
data/dcraw-9.28/dcraw.c:10510:18: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  sprintf (ofname+strlen(ofname), "_%0*d",
data/dcraw-9.28/fuji_green.c:44:7: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  a = fgetc(ifp);
data/dcraw-9.28/fuji_green.c:45:7: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  b = fgetc(ifp);
data/dcraw-9.28/fuji_green.c:56:7: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  a = fgetc(ifp);
data/dcraw-9.28/fuji_green.c:57:7: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  b = fgetc(ifp);
data/dcraw-9.28/fuji_green.c:58:7: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = fgetc(ifp);
data/dcraw-9.28/fuji_green.c:59:7: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  d = fgetc(ifp);
data/dcraw-9.28/fuji_green.c:113:21: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  fuji_layout = fgetc(ifp) >> 7;
data/dcraw-9.28/fuji_green.c:173:15: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  c = model + strlen(model); /* Remove trailing spaces */
data/dcraw-9.28/fuji_green.c:350:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  ofname = malloc (strlen(ifname) + 16);
data/dcraw-9.28/parse.c:88:20: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  u.c[i ^ rev] = fgetc(ifp);
data/dcraw-9.28/parse.c:101:32: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (vbits < nbits && (c = fgetc(ifp)) != EOF) {
data/dcraw-9.28/parse.c:144:54: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  printf ("%c%02x",(j & 31) || count < 17 ? ' ':'\n', fgetc(ifp) & 0xff);
data/dcraw-9.28/parse.c:147:6: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = fgetc(ifp);
data/dcraw-9.28/parse.c:183:46: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  printf ("%s%02x", j & 31 ? " ":"\n\t", fgetc(ifp));
data/dcraw-9.28/parse.c:283:30: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (len--) putchar (fgetc(ifp));
data/dcraw-9.28/parse.c:304:21: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ((val = fgetc(ifp)) && val != EOF)
data/dcraw-9.28/parse.c:313:13: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  key = fgetc(ifp)^fgetc(ifp)^fgetc(ifp)^fgetc(ifp);
data/dcraw-9.28/parse.c:313:24: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  key = fgetc(ifp)^fgetc(ifp)^fgetc(ifp)^fgetc(ifp);
data/dcraw-9.28/parse.c:313:35: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  key = fgetc(ifp)^fgetc(ifp)^fgetc(ifp)^fgetc(ifp);
data/dcraw-9.28/parse.c:313:46: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  key = fgetc(ifp)^fgetc(ifp)^fgetc(ifp)^fgetc(ifp);
data/dcraw-9.28/parse.c:511:7: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (fgetc(ifp) || fgetc(ifp)-'M' || fgetc(ifp)-'R') return;
data/dcraw-9.28/parse.c:511:21: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (fgetc(ifp) || fgetc(ifp)-'M' || fgetc(ifp)-'R') return;
data/dcraw-9.28/parse.c:511:39: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (fgetc(ifp) || fgetc(ifp)-'M' || fgetc(ifp)-'R') return;
data/dcraw-9.28/parse.c:512:11: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  order = fgetc(ifp) * 0x101;
data/dcraw-9.28/parse.c:574:55: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  printf ("%c%02x",(j & 31) || dlen < 16 ? ' ':'\n', fgetc(ifp) & 0xff);
data/dcraw-9.28/parse.c:579:8: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = fgetc(ifp);
data/dcraw-9.28/parse.c:604:29: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  strcpy (model, name + strlen(make)+1);
data/dcraw-9.28/parse.c:614:7: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (fgetc(ifp) != 0xff || fgetc(ifp) != 0xd8) return 0;
data/dcraw-9.28/parse.c:614:29: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (fgetc(ifp) != 0xff || fgetc(ifp) != 0xd8) return 0;
data/dcraw-9.28/parse.c:616:10: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (fgetc(ifp) == 0xff && fgetc(ifp) >> 4 != 0xd) {
data/dcraw-9.28/parse.c:616:32: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (fgetc(ifp) == 0xff && fgetc(ifp) >> 4 != 0xd) {
data/dcraw-9.28/parse.c:707:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  val = line + strlen(line);
data/dcraw-9.28/parse.c:794:12: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  tag = getc(ifp);
data/dcraw-9.28/parse.c:795:12: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  val = getc(ifp);
data/dcraw-9.28/parse.c:923:23: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  printf (" %02x",fgetc(ifp));
data/dcraw-9.28/parse.c:1011:22: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  printf ("%02X%c", fgetc(ifp), i == 3 ? '\n':' ');
data/dcraw-9.28/parse.c:1030:22: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  printf ("%02X%c", fgetc(ifp),
data/dcraw-9.28/parse.c:1060:20: [1] (buffer) getc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  printf ("%02x", getc(ifp));
data/dcraw-9.28/parse.c:1138:46: [1] (buffer) fgetc: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  printf ("%s%02x",(0x550 >> i) & 1 ? "-":"", fgetc(ifp));

ANALYSIS SUMMARY:

Hits = 346
Lines analyzed = 12381 in approximately 0.52 seconds (23701 lines/second)
Physical Source Lines of Code (SLOC) = 11572
Hits@level = [0] 321 [1] 125 [2] 185 [3] 0 [4] 36 [5] 0
Hits@level+ = [0+] 667 [1+] 346 [2+] 221 [3+] 36 [4+] 36 [5+] 0
Hits/KSLOC@level+ = [0+] 57.6391 [1+] 29.8998 [2+] 19.0978 [3+] 3.11096 [4+] 3.11096 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.