Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/dcraw-9.28/parse.c
Examining data/dcraw-9.28/fujiturn.c
Examining data/dcraw-9.28/fuji_green.c
Examining data/dcraw-9.28/clean_crw.c
Examining data/dcraw-9.28/dcraw.c
FINAL RESULTS:
data/dcraw-9.28/clean_crw.c:52:5: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (fname, "%s.clean", argv[arg]);
data/dcraw-9.28/dcraw.c:58:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/dcraw-9.28/dcraw.c:58:18: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
#define snprintf _snprintf
data/dcraw-9.28/dcraw.c:1334:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (make, table[i].make );
data/dcraw-9.28/dcraw.c:1335:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (model, table[i].model);
data/dcraw-9.28/dcraw.c:3430:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (str, "%sRGBNeutral", model2);
data/dcraw-9.28/dcraw.c:5610:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (model, mod[i]);
data/dcraw-9.28/dcraw.c:6062:4: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(model,cp+1);
data/dcraw-9.28/dcraw.c:6445:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (jname, ifname);
data/dcraw-9.28/dcraw.c:6449:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (jext, isupper(ext[1]) ? ".JPG":".jpg");
data/dcraw-9.28/dcraw.c:6667:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (model, cp+1);
data/dcraw-9.28/dcraw.c:6841:9: [4] (buffer) sscanf:
The scanf() family's %s operation, without a limit specification, permits
buffer overflows (CWE-120, CWE-20). Specify a limit to %s, or use a
different input function.
if (sscanf (date, "%*s %s %d %d:%d:%d %d", month, &t.tm_mday,
data/dcraw-9.28/dcraw.c:7115:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (make, value);
data/dcraw-9.28/dcraw.c:7117:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (model, value);
data/dcraw-9.28/dcraw.c:7119:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (model2, value);
data/dcraw-9.28/dcraw.c:8293:3: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (name, "%s %s", make, model);
data/dcraw-9.28/dcraw.c:8833:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (make, table[i].make );
data/dcraw-9.28/dcraw.c:8834:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (model, table[i].model);
data/dcraw-9.28/dcraw.c:8884:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (make, corp[i]);
data/dcraw-9.28/dcraw.c:8899:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (model, model+8);
data/dcraw-9.28/dcraw.c:8901:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (model, model+15);
data/dcraw-9.28/dcraw.c:8969:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (model, unique[i].model);
data/dcraw-9.28/dcraw.c:8973:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (model, sonique[i].model);
data/dcraw-9.28/dcraw.c:9223:7: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf (model+20, "DYNAX %-10s", model+6+(model[0]=='M'));
data/dcraw-9.28/dcraw.c:9672:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (cdesc, colors == 3 ? "RGBG":"GMCY");
data/dcraw-9.28/dcraw.c:9813:5: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy ((char *)oprof+pbody[5]+12, name[output_color-1]);
data/dcraw-9.28/dcraw.c:9820:5: [4] (format) fprintf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
fprintf (stderr, raw_color ? _("Building histograms...\n") :
data/dcraw-9.28/dcraw.c:9989:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (th->soft, "dcraw v"DCRAW_VERSION);
data/dcraw-9.28/dcraw.c:10507:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ofname, ifname);
data/dcraw-9.28/dcraw.c:10514:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (ofname, write_ext);
data/dcraw-9.28/fuji_green.c:355:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (ofname, ifname);
data/dcraw-9.28/fuji_green.c:357:7: [4] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused).
strcat (ofname, write_ext);
data/dcraw-9.28/parse.c:603:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (make, name);
data/dcraw-9.28/parse.c:604:7: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (model, name + strlen(make)+1);
data/dcraw-9.28/parse.c:899:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (make, value);
data/dcraw-9.28/parse.c:901:6: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy (model, value);
data/dcraw-9.28/clean_crw.c:39:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen (argv[arg], "rb");
data/dcraw-9.28/clean_crw.c:72:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen (fname, "wb"))) {
data/dcraw-9.28/dcraw.c:108:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *meta_data, xtrans[6][6], xtrans_abs[6][6];
data/dcraw-9.28/dcraw.c:109:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char cdesc[5], desc[512], make[64], model[64], model2[64], artist[64];
data/dcraw-9.28/dcraw.c:231:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char filter[16][16] =
data/dcraw-9.28/dcraw.c:342:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
union { char c[8]; double d; } u;
data/dcraw-9.28/dcraw.c:1322:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char make[12], model[15];
data/dcraw-9.28/dcraw.c:1345:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tail[424];
data/dcraw-9.28/dcraw.c:1500:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const signed char dir[12][2] =
data/dcraw-9.28/dcraw.c:2288:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (buf[c][0]+!c, buf[c][2], sizeof buf[c][0]-2*!c);
data/dcraw-9.28/dcraw.c:2403:11: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
FORC3 memcpy (cur[c], curve, sizeof cur[0]);
data/dcraw-9.28/dcraw.c:3150:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (!bit && !load_flags && atoi(model+2) < 14) get4();
data/dcraw-9.28/dcraw.c:3312:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (ptr, dp, size*4);
data/dcraw-9.28/dcraw.c:3384:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[128];
data/dcraw-9.28/dcraw.c:3472:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (black, black+8, sizeof *black*8);
data/dcraw-9.28/dcraw.c:3473:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (black+height-11, black+height-22, 11*sizeof *black);
data/dcraw-9.28/dcraw.c:3474:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (last, black, sizeof last);
data/dcraw-9.28/dcraw.c:3484:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (last[2], black[row+1], sizeof last[2]);
data/dcraw-9.28/dcraw.c:3490:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (fsum, black, sizeof fsum);
data/dcraw-9.28/dcraw.c:3494:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (last[0], black[height-1], sizeof last[0]);
data/dcraw-9.28/dcraw.c:3514:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (prev, pix, sizeof prev);
data/dcraw-9.28/dcraw.c:3724:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (smrow[2], smrow[1], sizeof **smrow * width);
data/dcraw-9.28/dcraw.c:3760:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (image[row*i], image[(row+active[1])*width+active[0]],
data/dcraw-9.28/dcraw.c:3863:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *fname, *cp, line[128];
data/dcraw-9.28/dcraw.c:3868:10: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
fp = fopen (cfname, "r");
data/dcraw-9.28/dcraw.c:3886:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (cp, "/.badpixels");
data/dcraw-9.28/dcraw.c:3887:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((fp = fopen (fname, "r"))) break;
data/dcraw-9.28/dcraw.c:3925:14: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(fp = fopen (fname, "rb"))) {
data/dcraw-9.28/dcraw.c:3984:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (gamm, g, sizeof gamm);
data/dcraw-9.28/dcraw.c:4222:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pre_mul, user_mul, sizeof pre_mul);
data/dcraw-9.28/dcraw.c:4261:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (pre_mul, cam_mul, sizeof pre_mul);
data/dcraw-9.28/dcraw.c:4543:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (brow[2][col], pix, sizeof *image);
data/dcraw-9.28/dcraw.c:4567:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (image[(row-2)*width+2], brow[0]+2, (width-4)*sizeof *image);
data/dcraw-9.28/dcraw.c:4571:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (image[(row-2)*width+2], brow[0]+2, (width-4)*sizeof *image);
data/dcraw-9.28/dcraw.c:4572:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (image[(row-1)*width+2], brow[1]+2, (width-4)*sizeof *image);
data/dcraw-9.28/dcraw.c:4681:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char (*homo)[TS][TS], *buffer;
data/dcraw-9.28/dcraw.c:4693:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
homo = (char (*)[TS][TS]) (buffer + TS*TS*(ndir*10+6));
data/dcraw-9.28/dcraw.c:4735:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (rgb[0][row-top][col-left], image[row*width+col], 6);
data/dcraw-9.28/dcraw.c:4736:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
FORC3 memcpy (rgb[c+1], rgb[0], sizeof *rgb);
data/dcraw-9.28/dcraw.c:4757:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (rgb+=4, buffer, 4*sizeof *rgb);
data/dcraw-9.28/dcraw.c:4906:4: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char (*homo)[TS][TS], *buffer;
data/dcraw-9.28/dcraw.c:4916:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
homo = (char (*)[TS][TS]) (buffer + 24*TS*TS);
data/dcraw-9.28/dcraw.c:5075:23: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const signed char dir[8][2] =
data/dcraw-9.28/dcraw.c:5211:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10];
data/dcraw-9.28/dcraw.c:5493:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[20];
data/dcraw-9.28/dcraw.c:5582:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[40];
data/dcraw-9.28/dcraw.c:5705:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char software[64], *cbuf, *cp;
data/dcraw-9.28/dcraw.c:5878:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (make, "Sarnoff");
data/dcraw-9.28/dcraw.c:5911:15: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
FORC(36) ((char *)xtrans)[c] = fgetc(ifp) & 3;
data/dcraw-9.28/dcraw.c:5921:18: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (cfa == 070) memcpy (cfa_pc,"\003\004\005",3); /* CMY */
data/dcraw-9.28/dcraw.c:5922:18: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
if (cfa == 072) memcpy (cfa_pc,"\005\003\004\001",4); /* GMCY */
data/dcraw-9.28/dcraw.c:5953:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (make, "Leaf");
data/dcraw-9.28/dcraw.c:5992:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (make, "Imacon");
data/dcraw-9.28/dcraw.c:6022:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (model, "Ixpress %d-Mp", height*width/1000000);
data/dcraw-9.28/dcraw.c:6040:16: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if (!make[0]) strcpy (make, "Hasselblad");
data/dcraw-9.28/dcraw.c:6055:16: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if (!make[0]) strcpy (make, "DNG");
data/dcraw-9.28/dcraw.c:6177:16: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if ((ifp = tmpfile())) {
data/dcraw-9.28/dcraw.c:6451:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (jfile, file+4, 4);
data/dcraw-9.28/dcraw.c:6452:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (jfile+4, file, 4);
data/dcraw-9.28/dcraw.c:6463:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((ifp = fopen (jname, "rb"))) {
data/dcraw-9.28/dcraw.c:6611:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[128], *val;
data/dcraw-9.28/dcraw.c:6627:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
thumb_offset = atoi(val);
data/dcraw-9.28/dcraw.c:6629:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
raw_width = atoi(val);
data/dcraw-9.28/dcraw.c:6631:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
raw_height = atoi(val);
data/dcraw-9.28/dcraw.c:6633:21: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
thumb_width = atoi(val);
data/dcraw-9.28/dcraw.c:6635:22: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
thumb_height = atoi(val);
data/dcraw-9.28/dcraw.c:6642:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (make, "Rollei");
data/dcraw-9.28/dcraw.c:6643:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (model,"d530flex");
data/dcraw-9.28/dcraw.c:6650:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[8], *cp;
data/dcraw-9.28/dcraw.c:6738:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (make, "Phase One");
data/dcraw-9.28/dcraw.c:6741:16: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 2060: strcpy (model,"LightPhase"); break;
data/dcraw-9.28/dcraw.c:6742:16: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 2682: strcpy (model,"H 10"); break;
data/dcraw-9.28/dcraw.c:6743:16: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 4128: strcpy (model,"H 20"); break;
data/dcraw-9.28/dcraw.c:6744:16: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
case 5488: strcpy (model,"H 25"); break;
data/dcraw-9.28/dcraw.c:6816:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tag[4], date[64], month[64];
data/dcraw-9.28/dcraw.c:6817:16: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static const char mon[12][4] =
data/dcraw-9.28/dcraw.c:6922:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tag[4];
data/dcraw-9.28/dcraw.c:6952:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (make, "SMaL");
data/dcraw-9.28/dcraw.c:6953:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (model, "v%d %dx%d", ver, width, height);
data/dcraw-9.28/dcraw.c:6980:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (make, "CINE");
data/dcraw-9.28/dcraw.c:6981:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (model, "%d", get4());
data/dcraw-9.28/dcraw.c:7049:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[64], value[64];
data/dcraw-9.28/dcraw.c:7113:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
iso_speed = atoi(value);
data/dcraw-9.28/dcraw.c:7121:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
timestamp = atoi(value);
data/dcraw-9.28/dcraw.c:7123:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
shutter = atoi(value) / 1000000.0;
data/dcraw-9.28/dcraw.c:8290:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[130];
data/dcraw-9.28/dcraw.c:8459:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char model[20];
data/dcraw-9.28/dcraw.c:8548:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char make[10], model[20];
data/dcraw-9.28/dcraw.c:8659:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char head[32], *cp;
data/dcraw-9.28/dcraw.c:8717:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (make, "Contax");
data/dcraw-9.28/dcraw.c:8718:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (model,"N Digital");
data/dcraw-9.28/dcraw.c:8724:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (make, "Logitech");
data/dcraw-9.28/dcraw.c:8725:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (model,"Fotoman Pixtura");
data/dcraw-9.28/dcraw.c:8727:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (make, "Apple");
data/dcraw-9.28/dcraw.c:8728:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (model,"QuickTake 100");
data/dcraw-9.28/dcraw.c:8731:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (make, "Apple");
data/dcraw-9.28/dcraw.c:8732:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (model,"QuickTake 150");
data/dcraw-9.28/dcraw.c:8776:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (make, "NOKIA");
data/dcraw-9.28/dcraw.c:8795:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (make, "ARRI");
data/dcraw-9.28/dcraw.c:8814:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (make, "Red");
data/dcraw-9.28/dcraw.c:8815:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (model,"One");
data/dcraw-9.28/dcraw.c:8873:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (make, "OmniVision");
data/dcraw-9.28/dcraw.c:8890:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (make, "Pentax");
data/dcraw-9.28/dcraw.c:8991:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (model,"C603");
data/dcraw-9.28/dcraw.c:9051:23: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if (canon_s2is()) strcpy (model+10, "S2 IS");
data/dcraw-9.28/dcraw.c:9133:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (model, "E995");
data/dcraw-9.28/dcraw.c:9143:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (model,"E2500");
data/dcraw-9.28/dcraw.c:9152:28: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
if (model[0] == 'E' && atoi(model+1) < 3700)
data/dcraw-9.28/dcraw.c:9169:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (make, "Minolta");
data/dcraw-9.28/dcraw.c:9170:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (model,"DiMAGE Z2");
data/dcraw-9.28/dcraw.c:9179:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (make, "ISG");
data/dcraw-9.28/dcraw.c:9184:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (model,"S2Pro");
data/dcraw-9.28/dcraw.c:9203:18: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
FORC(36) ((char *)xtrans)[c] =
data/dcraw-9.28/dcraw.c:9295:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (model, "WB550");
data/dcraw-9.28/dcraw.c:9337:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (model, "V96C");
data/dcraw-9.28/dcraw.c:9363:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (cdesc, "RBTG");
data/dcraw-9.28/dcraw.c:9364:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (model, "CatchLight");
data/dcraw-9.28/dcraw.c:9367:2: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (model, "DCB2");
data/dcraw-9.28/dcraw.c:9371:22: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if (!model[0]) strcpy (model, "Cantare");
data/dcraw-9.28/dcraw.c:9382:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (model, "Valeo 6");
data/dcraw-9.28/dcraw.c:9387:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (model, "Valeo 6");
data/dcraw-9.28/dcraw.c:9459:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (cdesc, "RGBE");
data/dcraw-9.28/dcraw.c:9536:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (cdesc, "MYCY");
data/dcraw-9.28/dcraw.c:9538:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (model, "DC25");
data/dcraw-9.28/dcraw.c:9559:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (model, "DC40");
data/dcraw-9.28/dcraw.c:9566:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (model, "DC50");
data/dcraw-9.28/dcraw.c:9572:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (model, "DC120");
data/dcraw-9.28/dcraw.c:9594:18: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
if (head[5]) strcpy (model+10, "200");
data/dcraw-9.28/dcraw.c:9623:5: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (model, "%dx%d", width, height);
data/dcraw-9.28/dcraw.c:9635:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (rgb_cam, cmatrix, sizeof cmatrix);
data/dcraw-9.28/dcraw.c:9706:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
else if ((fp = fopen (output, "rb"))) {
data/dcraw-9.28/dcraw.c:9783:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (out_cam, rgb_cam, sizeof out_cam);
data/dcraw-9.28/dcraw.c:9789:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (oprof, phead, sizeof phead);
data/dcraw-9.28/dcraw.c:9797:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (oprof+32, pbody, sizeof pbody);
data/dcraw-9.28/dcraw.c:9799:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ((char *)oprof+pbody[8]+8, pwhite, sizeof pwhite);
data/dcraw-9.28/dcraw.c:9802:7: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy ((char *)oprof+pbody[i*3+2], pcurve, sizeof pcurve);
data/dcraw-9.28/dcraw.c:9812:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy ((char *)oprof+pbody[2]+8, "auto-generated by dcraw");
data/dcraw-9.28/dcraw.c:9929:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
union { char c[4]; short s[2]; int i; } val;
data/dcraw-9.28/dcraw.c:9945:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[512], make[64], model[64], soft[32], date[20], artist[64];
data/dcraw-9.28/dcraw.c:9961:32: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
FORC(4) tt->val.c[c] = ((char *)th)[val+c];
data/dcraw-9.28/dcraw.c:9991:3: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (th->date, "%04d:%02d:%02d %02d:%02d:%02d",
data/dcraw-9.28/dcraw.c:10041:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (th->gps, gpsdata, sizeof th->gps);
data/dcraw-9.28/dcraw.c:10057:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (exif, "\xff\xe1 Exif\0\0", 10);
data/dcraw-9.28/dcraw.c:10204:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
case 'k': user_black = atoi(argv[arg++]); break;
data/dcraw-9.28/dcraw.c:10205:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
case 'S': user_sat = atoi(argv[arg++]); break;
data/dcraw-9.28/dcraw.c:10206:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
case 't': user_flip = atoi(argv[arg++]); break;
data/dcraw-9.28/dcraw.c:10207:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
case 'q': user_qual = atoi(argv[arg++]); break;
data/dcraw-9.28/dcraw.c:10208:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
case 'm': med_passes = atoi(argv[arg++]); break;
data/dcraw-9.28/dcraw.c:10209:32: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
case 'H': highlight = atoi(argv[arg++]); break;
data/dcraw-9.28/dcraw.c:10211:20: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
shot_select = abs(atoi(argv[arg]));
data/dcraw-9.28/dcraw.c:10216:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
output_color = atoi(argv[arg++]);
data/dcraw-9.28/dcraw.c:10232:38: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
case 'A': FORC4 greybox[c] = atoi(argv[arg++]);
data/dcraw-9.28/dcraw.c:10281:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(ifp = fopen (ifname, "rb"))) {
data/dcraw-9.28/dcraw.c:10505:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (ofname,_("standard output"));
data/dcraw-9.28/dcraw.c:10510:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf (ofname+strlen(ofname), "_%0*d",
data/dcraw-9.28/dcraw.c:10513:2: [2] (buffer) strcat:
Does not check for buffer overflows when concatenating to destination
[MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or
snprintf (warning: strncat is easily misused). Risk is low because the
source is a constant string.
strcat (ofname, ".thumb");
data/dcraw-9.28/dcraw.c:10515:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ofp = fopen (ofname, "wb");
data/dcraw-9.28/fuji_green.c:21:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *ifname, make[64], model[64];
data/dcraw-9.28/fuji_green.c:152:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char head[32], *c;
data/dcraw-9.28/fuji_green.c:179:5: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (model+7," S2Pro");
data/dcraw-9.28/fuji_green.c:251:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (head+14, hw, sizeof hw);
data/dcraw-9.28/fuji_green.c:329:17: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if (!(ifp = fopen (ifname, "rb"))) {
data/dcraw-9.28/fuji_green.c:353:7: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (ofname, "standard output");
data/dcraw-9.28/fuji_green.c:358:13: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ofp = fopen (ofname, "wb");
data/dcraw-9.28/parse.c:39:1: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char *fname, make[128], model[128], model2[128];
data/dcraw-9.28/parse.c:83:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
union { char c[8]; double d; } u;
data/dcraw-9.28/parse.c:243:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[10];
data/dcraw-9.28/parse.c:473:16: [2] (tmpfile) tmpfile:
Function tmpfile() has a security flaw on some systems (e.g., older System
V systems) (CWE-377).
if ((ifp = tmpfile())) {
data/dcraw-9.28/parse.c:508:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tag[4];
data/dcraw-9.28/parse.c:536:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c, name[256];
data/dcraw-9.28/parse.c:633:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tag[4], type[4], buf[64];
data/dcraw-9.28/parse.c:662:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[256];
data/dcraw-9.28/parse.c:698:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char line[128], *val;
data/dcraw-9.28/parse.c:709:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (make, "Rollei");
data/dcraw-9.28/parse.c:710:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (model, "d530flex");
data/dcraw-9.28/parse.c:737:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[128], value[128], *camf, *pos, *cp, *dp;
data/dcraw-9.28/parse.c:932:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char str[256];
data/dcraw-9.28/parse.c:965:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (make, "Phase One");
data/dcraw-9.28/parse.c:966:3: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy (model, "unknown");
data/dcraw-9.28/parse.c:1040:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[0x8000];
data/dcraw-9.28/parse.c:1069:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char c, ctag[4], buf[0x8000];
data/dcraw-9.28/parse.c:1116:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tag[4], buf[400];
data/dcraw-9.28/parse.c:1157:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tag[4], buf[64];
data/dcraw-9.28/parse.c:1202:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char head[32], *cp;
data/dcraw-9.28/parse.c:1272:11: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
ifp = fopen (fname,"rb");
data/dcraw-9.28/clean_crw.c:46:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
buffer = malloc (size + strlen(argv[arg]) + 10);
data/dcraw-9.28/dcraw.c:49:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
#define fgetc getc_unlocked
data/dcraw-9.28/dcraw.c:269:33: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncasecmp(c, needle, strlen(needle)))
data/dcraw-9.28/dcraw.c:358:17: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
u.c[i ^ rev] = fgetc(ifp);
data/dcraw-9.28/dcraw.c:360:21: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
default: return fgetc(ifp);
data/dcraw-9.28/dcraw.c:590:9: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (getc(ifp) > 15) return 1;
data/dcraw-9.28/dcraw.c:605:42: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (!reset && vbits < nbits && (c = fgetc(ifp)) != EOF &&
data/dcraw-9.28/dcraw.c:606:45: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
!(reset = zero_after_ff && c == 0xff && fgetc(ifp))) {
data/dcraw-9.28/dcraw.c:798:6: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(ifp);
data/dcraw-9.28/dcraw.c:824:8: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((fgetc(ifp),fgetc(ifp)) != 0xd8) return 0;
data/dcraw-9.28/dcraw.c:824:19: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((fgetc(ifp),fgetc(ifp)) != 0xd8) return 0;
data/dcraw-9.28/dcraw.c:841:32: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (len == 9 && !dng_version) getc(ifp);
data/dcraw-9.28/dcraw.c:905:36: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
do mark = (mark << 8) + (c = fgetc(ifp));
data/dcraw-9.28/dcraw.c:1179:25: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
FORC(dep) bit[1][c] = fgetc(ifp);
data/dcraw-9.28/dcraw.c:1215:10: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ver0 = fgetc(ifp);
data/dcraw-9.28/dcraw.c:1216:10: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ver1 = fgetc(ifp);
data/dcraw-9.28/dcraw.c:1270:29: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
FORC(6) bitbuf |= (UINT64) fgetc(ifp) << c*8;
data/dcraw-9.28/dcraw.c:1291:11: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
histo[fgetc(ifp)]++;
data/dcraw-9.28/dcraw.c:1959:24: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bitbuf |= ((UINT64) fgetc(ifp) << i);
data/dcraw-9.28/dcraw.c:1963:48: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (load_flags & 1 && (col % 10) == 9 && fgetc(ifp) &&
data/dcraw-9.28/dcraw.c:2565:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(ifp);
data/dcraw-9.28/dcraw.c:2580:15: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bitbuf = fgetc(ifp) << 8;
data/dcraw-9.28/dcraw.c:2581:15: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bitbuf += fgetc(ifp);
data/dcraw-9.28/dcraw.c:2588:20: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bitbuf += (INT64) fgetc(ifp) << (bits+(j^8));
data/dcraw-9.28/dcraw.c:2695:26: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fseek (ifp, (unsigned) fgetc(ifp)*4 - 1, SEEK_CUR);
data/dcraw-9.28/dcraw.c:2826:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
opt = fgetc(ifp);
data/dcraw-9.28/dcraw.c:2999:18: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
nseg = (uchar) fgetc(ifp);
data/dcraw-9.28/dcraw.c:3004:11: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
holes = fgetc(ifp);
data/dcraw-9.28/dcraw.c:3129:33: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bitbuf = (bitbuf << 8) + fgetc(ifp);
data/dcraw-9.28/dcraw.c:3160:33: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bitbuf = (bitbuf << 8) + fgetc(ifp);
data/dcraw-9.28/dcraw.c:3177:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
clen = getc(ifp);
data/dcraw-9.28/dcraw.c:3178:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
code = getc(ifp);
data/dcraw-9.28/dcraw.c:3883:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cp = fname + strlen(fname);
data/dcraw-9.28/dcraw.c:3928:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (fgetc(fp) != 'P' || fgetc(fp) != '5') error = 1;
data/dcraw-9.28/dcraw.c:3928:27: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (fgetc(fp) != 'P' || fgetc(fp) != '5') error = 1;
data/dcraw-9.28/dcraw.c:3929:35: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (!error && nd < 3 && (c = fgetc(fp)) != EOF) {
data/dcraw-9.28/dcraw.c:5303:15: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = c << 8 | fgetc(ifp);
data/dcraw-9.28/dcraw.c:5305:47: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (get4() == 257 && (i=len) && (c = (get4(),fgetc(ifp))) < 3)
data/dcraw-9.28/dcraw.c:5334:19: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((c = fgetc(ifp)) && c != EOF)
data/dcraw-9.28/dcraw.c:5364:23: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ver97 = ver97 * 10 + fgetc(ifp)-'0';
data/dcraw-9.28/dcraw.c:5394:20: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cj = xlat[1][fgetc(ifp)^fgetc(ifp)^fgetc(ifp)^fgetc(ifp)];
data/dcraw-9.28/dcraw.c:5394:31: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cj = xlat[1][fgetc(ifp)^fgetc(ifp)^fgetc(ifp)^fgetc(ifp)];
data/dcraw-9.28/dcraw.c:5394:42: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cj = xlat[1][fgetc(ifp)^fgetc(ifp)^fgetc(ifp)^fgetc(ifp)];
data/dcraw-9.28/dcraw.c:5394:53: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
cj = xlat[1][fgetc(ifp)^fgetc(ifp)^fgetc(ifp)^fgetc(ifp)];
data/dcraw-9.28/dcraw.c:5498:32: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
for (i=19; i--; ) str[i] = fgetc(ifp);
data/dcraw-9.28/dcraw.c:5539:18: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
exif_cfa |= fgetc(ifp) * 0x01010101 << c;
data/dcraw-9.28/dcraw.c:5554:22: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
gpsdata[29+tag/2] = getc(ifp); break;
data/dcraw-9.28/dcraw.c:5689:29: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (tag == 64013) wbi = fgetc(ifp);
data/dcraw-9.28/dcraw.c:5749:19: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (type != 7 || fgetc(ifp) != 0xff || fgetc(ifp) != 0xd8) break;
data/dcraw-9.28/dcraw.c:5749:41: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (type != 7 || fgetc(ifp) != 0xff || fgetc(ifp) != 0xd8) break;
data/dcraw-9.28/dcraw.c:5911:35: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
FORC(36) ((char *)xtrans)[c] = fgetc(ifp) & 3;
data/dcraw-9.28/dcraw.c:6054:43: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
FORC4 dng_version = (dng_version << 8) + fgetc(ifp);
data/dcraw-9.28/dcraw.c:6397:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (fgetc(ifp) || fgetc(ifp)-'M' || fgetc(ifp)-'R') return;
data/dcraw-9.28/dcraw.c:6397:21: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (fgetc(ifp) || fgetc(ifp)-'M' || fgetc(ifp)-'R') return;
data/dcraw-9.28/dcraw.c:6397:39: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (fgetc(ifp) || fgetc(ifp)-'M' || fgetc(ifp)-'R') return;
data/dcraw-9.28/dcraw.c:6398:11: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
order = fgetc(ifp) * 0x101;
data/dcraw-9.28/dcraw.c:6402:24: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
tag = tag << 8 | fgetc(ifp);
data/dcraw-9.28/dcraw.c:6442:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!ext || strlen(ext) != 4 || ext-file != 8) return;
data/dcraw-9.28/dcraw.c:6443:28: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
jname = (char *) malloc (strlen(ifname) + 1);
data/dcraw-9.28/dcraw.c:6525:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
fseek (ifp, strlen(make) - 63, SEEK_CUR);
data/dcraw-9.28/dcraw.c:6621:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
val = line + strlen(line);
data/dcraw-9.28/dcraw.c:6766:21: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fuji_layout = fgetc(ifp) >> 7;
data/dcraw-9.28/dcraw.c:6767:22: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fuji_width = !(fgetc(ifp) & 8);
data/dcraw-9.28/dcraw.c:6770:38: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
FORC(36) xtrans_abs[0][35-c] = fgetc(ifp) & 3;
data/dcraw-9.28/dcraw.c:6792:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (fgetc(ifp) != 0xff || fgetc(ifp) != 0xd8) return 0;
data/dcraw-9.28/dcraw.c:6792:29: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (fgetc(ifp) != 0xff || fgetc(ifp) != 0xd8) return 0;
data/dcraw-9.28/dcraw.c:6794:10: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (fgetc(ifp) == 0xff && (mark = fgetc(ifp)) != 0xda) {
data/dcraw-9.28/dcraw.c:6794:40: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (fgetc(ifp) == 0xff && (mark = fgetc(ifp)) != 0xda) {
data/dcraw-9.28/dcraw.c:6799:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fgetc(ifp);
data/dcraw-9.28/dcraw.c:6945:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
ver = fgetc(ifp);
data/dcraw-9.28/dcraw.c:7085:6: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (fgetc(ifp) == 0xff && fgetc(ifp) == 0xd8
data/dcraw-9.28/dcraw.c:7085:28: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (fgetc(ifp) == 0xff && fgetc(ifp) == 0xd8
data/dcraw-9.28/dcraw.c:8295:42: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (!strncmp (name, table[i].prefix, strlen(table[i].prefix))) {
data/dcraw-9.28/dcraw.c:8365:26: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
bitbuf |= (unsigned) (fgetc(ifp) << i);
data/dcraw-9.28/dcraw.c:8713:9: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (fgetc(ifp) != 0xff)
data/dcraw-9.28/dcraw.c:8891:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cp = make + strlen(make); /* Remove trailing spaces */
data/dcraw-9.28/dcraw.c:8893:16: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
cp = model + strlen(model);
data/dcraw-9.28/dcraw.c:8895:7: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
i = strlen(make); /* Remove make from model */
data/dcraw-9.28/dcraw.c:8968:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if (model[4] == 'K' && strlen(model) == 8)
data/dcraw-9.28/dcraw.c:9798:27: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
oprof[pbody[5]/4+2] = strlen(name[output_color-1]) + 1;
data/dcraw-9.28/dcraw.c:9986:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (th->desc, desc, 512);
data/dcraw-9.28/dcraw.c:9987:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (th->make, make, 64);
data/dcraw-9.28/dcraw.c:9988:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (th->model, model, 64);
data/dcraw-9.28/dcraw.c:9993:3: [1] (buffer) strncpy:
Easily used incorrectly; doesn't always \0-terminate or check for invalid
pointers [MS-banned] (CWE-120).
strncpy (th->artist, artist, 64);
data/dcraw-9.28/dcraw.c:10502:31: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ofname = (char *) malloc (strlen(ifname) + 64);
data/dcraw-9.28/dcraw.c:10510:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
sprintf (ofname+strlen(ofname), "_%0*d",
data/dcraw-9.28/fuji_green.c:44:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
a = fgetc(ifp);
data/dcraw-9.28/fuji_green.c:45:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
b = fgetc(ifp);
data/dcraw-9.28/fuji_green.c:56:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
a = fgetc(ifp);
data/dcraw-9.28/fuji_green.c:57:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
b = fgetc(ifp);
data/dcraw-9.28/fuji_green.c:58:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(ifp);
data/dcraw-9.28/fuji_green.c:59:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
d = fgetc(ifp);
data/dcraw-9.28/fuji_green.c:113:21: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
fuji_layout = fgetc(ifp) >> 7;
data/dcraw-9.28/fuji_green.c:173:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
c = model + strlen(model); /* Remove trailing spaces */
data/dcraw-9.28/fuji_green.c:350:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
ofname = malloc (strlen(ifname) + 16);
data/dcraw-9.28/parse.c:88:20: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
u.c[i ^ rev] = fgetc(ifp);
data/dcraw-9.28/parse.c:101:32: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (vbits < nbits && (c = fgetc(ifp)) != EOF) {
data/dcraw-9.28/parse.c:144:54: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf ("%c%02x",(j & 31) || count < 17 ? ' ':'\n', fgetc(ifp) & 0xff);
data/dcraw-9.28/parse.c:147:6: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(ifp);
data/dcraw-9.28/parse.c:183:46: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf ("%s%02x", j & 31 ? " ":"\n\t", fgetc(ifp));
data/dcraw-9.28/parse.c:283:30: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (len--) putchar (fgetc(ifp));
data/dcraw-9.28/parse.c:304:21: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while ((val = fgetc(ifp)) && val != EOF)
data/dcraw-9.28/parse.c:313:13: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
key = fgetc(ifp)^fgetc(ifp)^fgetc(ifp)^fgetc(ifp);
data/dcraw-9.28/parse.c:313:24: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
key = fgetc(ifp)^fgetc(ifp)^fgetc(ifp)^fgetc(ifp);
data/dcraw-9.28/parse.c:313:35: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
key = fgetc(ifp)^fgetc(ifp)^fgetc(ifp)^fgetc(ifp);
data/dcraw-9.28/parse.c:313:46: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
key = fgetc(ifp)^fgetc(ifp)^fgetc(ifp)^fgetc(ifp);
data/dcraw-9.28/parse.c:511:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (fgetc(ifp) || fgetc(ifp)-'M' || fgetc(ifp)-'R') return;
data/dcraw-9.28/parse.c:511:21: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (fgetc(ifp) || fgetc(ifp)-'M' || fgetc(ifp)-'R') return;
data/dcraw-9.28/parse.c:511:39: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (fgetc(ifp) || fgetc(ifp)-'M' || fgetc(ifp)-'R') return;
data/dcraw-9.28/parse.c:512:11: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
order = fgetc(ifp) * 0x101;
data/dcraw-9.28/parse.c:574:55: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf ("%c%02x",(j & 31) || dlen < 16 ? ' ':'\n', fgetc(ifp) & 0xff);
data/dcraw-9.28/parse.c:579:8: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
c = fgetc(ifp);
data/dcraw-9.28/parse.c:604:29: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
strcpy (model, name + strlen(make)+1);
data/dcraw-9.28/parse.c:614:7: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (fgetc(ifp) != 0xff || fgetc(ifp) != 0xd8) return 0;
data/dcraw-9.28/parse.c:614:29: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if (fgetc(ifp) != 0xff || fgetc(ifp) != 0xd8) return 0;
data/dcraw-9.28/parse.c:616:10: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (fgetc(ifp) == 0xff && fgetc(ifp) >> 4 != 0xd) {
data/dcraw-9.28/parse.c:616:32: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
while (fgetc(ifp) == 0xff && fgetc(ifp) >> 4 != 0xd) {
data/dcraw-9.28/parse.c:707:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
val = line + strlen(line);
data/dcraw-9.28/parse.c:794:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
tag = getc(ifp);
data/dcraw-9.28/parse.c:795:12: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
val = getc(ifp);
data/dcraw-9.28/parse.c:923:23: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf (" %02x",fgetc(ifp));
data/dcraw-9.28/parse.c:1011:22: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf ("%02X%c", fgetc(ifp), i == 3 ? '\n':' ');
data/dcraw-9.28/parse.c:1030:22: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf ("%02X%c", fgetc(ifp),
data/dcraw-9.28/parse.c:1060:20: [1] (buffer) getc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf ("%02x", getc(ifp));
data/dcraw-9.28/parse.c:1138:46: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
printf ("%s%02x",(0x550 >> i) & 1 ? "-":"", fgetc(ifp));
ANALYSIS SUMMARY:
Hits = 346
Lines analyzed = 12381 in approximately 0.52 seconds (23701 lines/second)
Physical Source Lines of Code (SLOC) = 11572
Hits@level = [0] 321 [1] 125 [2] 185 [3] 0 [4] 36 [5] 0
Hits@level+ = [0+] 667 [1+] 346 [2+] 221 [3+] 36 [4+] 36 [5+] 0
Hits/KSLOC@level+ = [0+] 57.6391 [1+] 29.8998 [2+] 19.0978 [3+] 3.11096 [4+] 3.11096 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.