Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/edid-decode-0.1~git20191209.e719d04/edid-decode.cpp
Examining data/edid-decode-0.1~git20191209.e719d04/edid-decode.h
Examining data/edid-decode-0.1~git20191209.e719d04/parse-base-block.cpp
Examining data/edid-decode-0.1~git20191209.e719d04/parse-cta-block.cpp
Examining data/edid-decode-0.1~git20191209.e719d04/parse-di-ext-block.cpp
Examining data/edid-decode-0.1~git20191209.e719d04/parse-displayid-block.cpp
Examining data/edid-decode-0.1~git20191209.e719d04/parse-ls-ext-block.cpp
Examining data/edid-decode-0.1~git20191209.e719d04/parse-vtb-ext-block.cpp

FINAL RESULTS:

data/edid-decode-0.1~git20191209.e719d04/edid-decode.cpp:94:2:  [4] (format) vsprintf:
  Potential format string problem (CWE-134). Make format string constant.
  vsprintf(buf, fmt, ap);
data/edid-decode-0.1~git20191209.e719d04/edid-decode.cpp:204:2:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(buf, "%u%s", t->vact, t->interlaced ? "i" : "");
data/edid-decode-0.1~git20191209.e719d04/parse-cta-block.cpp:376:4:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(suffix, "VIC %3u%s", vic, native ? ", native" : "");
data/edid-decode-0.1~git20191209.e719d04/parse-cta-block.cpp:401:3:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf.
  sprintf(buf, "VIC %3u%s%s", vic, *suffix ? ", " : "", suffix);
data/edid-decode-0.1~git20191209.e719d04/edid-decode.cpp:915:12:  [3] (buffer) getopt_long:
  Some older implementations do not protect against internal buffer overflows
  (CWE-120, CWE-20). Check implementation on installation, or limit the size
  of all string inputs.
  int ch = getopt_long(argc, argv, short_options,
data/edid-decode-0.1~git20191209.e719d04/edid-decode.cpp:24:17:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static unsigned char edid[EDID_PAGE_SIZE * EDID_MAX_BLOCKS];
data/edid-decode-0.1~git20191209.e719d04/edid-decode.cpp:49:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char options[OptLast];
data/edid-decode-0.1~git20191209.e719d04/edid-decode.cpp:90:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[256] = "";
data/edid-decode-0.1~git20191209.e719d04/edid-decode.cpp:203:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[10];
data/edid-decode-0.1~git20191209.e719d04/edid-decode.cpp:299:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[10];
data/edid-decode-0.1~git20191209.e719d04/edid-decode.cpp:301:2:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, "0x%02hhx", x);
data/edid-decode-0.1~git20191209.e719d04/edid-decode.cpp:339:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[3];
data/edid-decode-0.1~git20191209.e719d04/edid-decode.cpp:475:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[EDID_PAGE_SIZE];
data/edid-decode-0.1~git20191209.e719d04/edid-decode.cpp:536:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(edid, data, edid_data.size());
data/edid-decode-0.1~git20191209.e719d04/edid-decode.cpp:660:19:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around
  to create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  } else if ((fd = open(from_file, O_RDONLY)) == -1) {
data/edid-decode-0.1~git20191209.e719d04/edid-decode.cpp:668:21:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force
  the opening of special file type (e.g., device files), move things around
  to create a race condition, control its ancestors, or change its contents?
  (CWE-362).
  } else if ((out = fopen(to_file, "w")) == NULL) {
data/edid-decode-0.1~git20191209.e719d04/edid-decode.cpp:703:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[10];
data/edid-decode-0.1~git20191209.e719d04/edid-decode.cpp:715:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(buf, " 0x%02x", block);
data/edid-decode-0.1~git20191209.e719d04/edid-decode.cpp:852:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[512];
data/edid-decode-0.1~git20191209.e719d04/edid-decode.cpp:898:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char short_options[26 * 2 * 2 + 1];
data/edid-decode-0.1~git20191209.e719d04/parse-base-block.cpp:19:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char name[4];
data/edid-decode-0.1~git20191209.e719d04/parse-base-block.cpp:703:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static const unsigned char empty[3] = { 0, 0, 0 };
data/edid-decode-0.1~git20191209.e719d04/parse-base-block.cpp:779:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static char s[EDID_PAGE_SIZE];
data/edid-decode-0.1~git20191209.e719d04/parse-base-block.cpp:1332:24:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static const unsigned char zero_descr[18] = { 0 };
data/edid-decode-0.1~git20191209.e719d04/parse-base-block.cpp:1467:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[6] = { 0 };
data/edid-decode-0.1~git20191209.e719d04/parse-base-block.cpp:1470:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buf, x + 5, 5);
data/edid-decode-0.1~git20191209.e719d04/parse-base-block.cpp:1686:25:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  static const unsigned char srgb_chromaticity[10] = {
data/edid-decode-0.1~git20191209.e719d04/parse-cta-block.cpp:374:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char suffix[16];
data/edid-decode-0.1~git20191209.e719d04/parse-cta-block.cpp:399:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[256];
data/edid-decode-0.1~git20191209.e719d04/parse-cta-block.cpp:462:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char suffix[16];
data/edid-decode-0.1~git20191209.e719d04/parse-cta-block.cpp:466:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(suffix, "VIC %3u", vic);
data/edid-decode-0.1~git20191209.e719d04/parse-displayid-block.cpp:95:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[256];
data/edid-decode-0.1~git20191209.e719d04/parse-displayid-block.cpp:97:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buf, x + 15, x[14]);
data/edid-decode-0.1~git20191209.e719d04/parse-displayid-block.cpp:433:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char suffix[16];
data/edid-decode-0.1~git20191209.e719d04/parse-displayid-block.cpp:436:31:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  case 0: t = find_dmt_id(id); strcpy(suffix, "DMT"); break;
data/edid-decode-0.1~git20191209.e719d04/parse-displayid-block.cpp:437:31:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  case 1: t = find_vic_id(id); sprintf(suffix, "VIC %3u", id); break;
data/edid-decode-0.1~git20191209.e719d04/parse-displayid-block.cpp:438:36:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  case 2: t = find_hdmi_vic_id(id); sprintf(suffix, "HDMI VIC %u", id); break;
data/edid-decode-0.1~git20191209.e719d04/parse-displayid-block.cpp:813:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char suffix[16];
data/edid-decode-0.1~git20191209.e719d04/parse-displayid-block.cpp:818:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned]
  (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
  easily misused). Risk is low because the source is a constant string.
  strcpy(suffix, "DMT");
data/edid-decode-0.1~git20191209.e719d04/parse-displayid-block.cpp:822:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(suffix, "VIC %3u", x[i]);
data/edid-decode-0.1~git20191209.e719d04/parse-displayid-block.cpp:826:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(suffix, "HDMI VIC %u", x[i]);
data/edid-decode-0.1~git20191209.e719d04/parse-displayid-block.cpp:1473:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char suffix[16];
data/edid-decode-0.1~git20191209.e719d04/parse-displayid-block.cpp:1474:9:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
  vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(suffix, "VIC %3u", i + 1);
data/edid-decode-0.1~git20191209.e719d04/parse-ls-ext-block.cpp:33:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char name[4];
data/edid-decode-0.1~git20191209.e719d04/edid-decode.cpp:422:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  start = s + strlen(indentation);
data/edid-decode-0.1~git20191209.e719d04/edid-decode.cpp:478:15:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
  ssize_t i = read(fd, buf, sizeof(buf));
data/edid-decode-0.1~git20191209.e719d04/edid-decode.cpp:547:11:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  for (i = strlen(name); i < 15; i++)
data/edid-decode-0.1~git20191209.e719d04/parse-base-block.cpp:1471:8:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may
  perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(buf) != 5)

ANALYSIS SUMMARY:

Hits = 48
Lines analyzed = 6629 in approximately 0.31 seconds (21168 lines/second)
Physical Source Lines of Code (SLOC) = 5571
Hits@level = [0] 902 [1]   4 [2]  39 [3]   1 [4]   4 [5]   0
Hits@level+ = [0+] 950 [1+]  48 [2+]  44 [3+]   5 [4+]   4 [5+]   0
Hits/KSLOC@level+ = [0+] 170.526 [1+] 8.61605 [2+] 7.89804 [3+] 0.897505 [4+] 0.718004 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.