Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/ffms2-2.23/include/ffms.h
Examining data/ffms2-2.23/include/ffmscompat.h
Examining data/ffms2-2.23/src/avisynth/avisynth.cpp
Examining data/ffms2-2.23/src/avisynth/avssources.cpp
Examining data/ffms2-2.23/src/avisynth/avssources.h
Examining data/ffms2-2.23/src/config/libs.cpp
Examining data/ffms2-2.23/src/config/msvc-config.h
Examining data/ffms2-2.23/src/core/audiosource.cpp
Examining data/ffms2-2.23/src/core/audiosource.h
Examining data/ffms2-2.23/src/core/ffms.cpp
Examining data/ffms2-2.23/src/core/filehandle.cpp
Examining data/ffms2-2.23/src/core/filehandle.h
Examining data/ffms2-2.23/src/core/indexing.cpp
Examining data/ffms2-2.23/src/core/indexing.h
Examining data/ffms2-2.23/src/core/lavfaudio.cpp
Examining data/ffms2-2.23/src/core/lavfindexer.cpp
Examining data/ffms2-2.23/src/core/lavfvideo.cpp
Examining data/ffms2-2.23/src/core/track.cpp
Examining data/ffms2-2.23/src/core/track.h
Examining data/ffms2-2.23/src/core/utils.cpp
Examining data/ffms2-2.23/src/core/utils.h
Examining data/ffms2-2.23/src/core/videosource.cpp
Examining data/ffms2-2.23/src/core/videosource.h
Examining data/ffms2-2.23/src/core/videoutils.cpp
Examining data/ffms2-2.23/src/core/videoutils.h
Examining data/ffms2-2.23/src/core/wave64writer.cpp
Examining data/ffms2-2.23/src/core/wave64writer.h
Examining data/ffms2-2.23/src/core/zipfile.cpp
Examining data/ffms2-2.23/src/core/zipfile.h
Examining data/ffms2-2.23/src/index/ffmsindex.cpp
Examining data/ffms2-2.23/src/vapoursynth/VSHelper.h
Examining data/ffms2-2.23/src/vapoursynth/VapourSynth.h
Examining data/ffms2-2.23/src/vapoursynth/vapoursource.cpp
Examining data/ffms2-2.23/src/vapoursynth/vapoursource.h
Examining data/ffms2-2.23/src/vapoursynth/vapoursynth.cpp
FINAL RESULTS:
data/ffms2-2.23/include/ffmscompat.h:49:10: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# define snprintf _snprintf
data/ffms2-2.23/include/ffmscompat.h:49:19: [4] (format) _snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
# define snprintf _snprintf
data/ffms2-2.23/src/core/ffms.cpp:60:13: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
written += vsnprintf(line + written, sizeof(line) - written, fmt, vl);
data/ffms2-2.23/src/core/ffms.cpp:75:2: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(prev, line);
data/ffms2-2.23/src/core/ffms.cpp:358:3: [4] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused).
strcpy(FileName, s.c_str());
data/ffms2-2.23/src/core/filehandle.cpp:107:9: [4] (format) vsnprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
ret = vsnprintf(OutBuffer.data(), OutBuffer.size(), fmt, args);
data/ffms2-2.23/src/core/filehandle.h:47:24: [4] (format) printf:
If format strings can be influenced by an attacker, they can be exploited
(CWE-134). Use a constant for the format specification.
__attribute__((format(printf, 2, 3)))
data/ffms2-2.23/src/index/ffmsindex.cpp:143:9: [4] (format) snprintf:
If format strings can be influenced by an attacker, they can be exploited,
and note that sprintf variations do not always \0-terminate (CWE-134). Use
a constant for the format specification.
return snprintf(FileName, FileName ? FNSize : 0, AudioFile.c_str(), SourceFile, Track) + 1;
data/ffms2-2.23/src/avisynth/avssources.h:30:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ErrorBuffer[1024];
data/ffms2-2.23/src/core/audiosource.cpp:254:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dst, data, DecodeFrame->nb_samples * BytesPerSample);
data/ffms2-2.23/src/core/audiosource.cpp:323:3: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ptr, ptr - MissingBytes, MissingBytes);
data/ffms2-2.23/src/core/audiosource.cpp:367:4: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Dst + DstOffset * BytesPerSample, it->Data.get() + SrcOffset * BytesPerSample, Bytes);
data/ffms2-2.23/src/core/ffms.cpp:52:9: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static char line[1024] = {}, prev[1024] = {};
data/ffms2-2.23/src/core/indexing.cpp:56:47: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
void FFMS_Index::CalculateFileSignature(const char *Filename, int64_t *Filesize, uint8_t Digest[20]) {
data/ffms2-2.23/src/core/indexing.h:54:43: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
static void CalculateFileSignature(const char *Filename, int64_t *Filesize, uint8_t Digest[20]);
data/ffms2-2.23/src/core/wave64writer.cpp:80:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Header + 0, GuidRIFF, 16);
data/ffms2-2.23/src/core/wave64writer.cpp:86:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Header + 3, GuidWAVE, 16);
data/ffms2-2.23/src/core/wave64writer.cpp:87:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Header + 5, Guidfmt, 16);
data/ffms2-2.23/src/core/wave64writer.cpp:91:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Header + 8, &WFEX, sizeof(WFEX));
data/ffms2-2.23/src/core/wave64writer.cpp:92:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(Header + 11, Guiddata, 16);
data/ffms2-2.23/src/core/zipfile.cpp:144:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(ret, reinterpret_cast<uint8_t *>(&index_buffer[0]), index_buffer.size());
data/ffms2-2.23/src/index/ffmsindex.cpp:101:19: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
IgnoreErrors = atoi(OPTION_ARG("s"));
data/ffms2-2.23/src/index/ffmsindex.cpp:150:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tn[3];
data/ffms2-2.23/src/index/ffmsindex.cpp:156:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ErrorMsg[1024];
data/ffms2-2.23/src/vapoursynth/VSHelper.h:119:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dstp, srcp, row_size * height);
data/ffms2-2.23/src/vapoursynth/VSHelper.h:125:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(dstp8, srcp8, row_size);
data/ffms2-2.23/src/vapoursynth/VapourSynth.h:143:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char name[32];
data/ffms2-2.23/src/vapoursynth/vapoursource.cpp:114:3: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ErrorMsg[1024];
data/ffms2-2.23/src/vapoursynth/vapoursource.cpp:207:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ErrorMsg[1024];
data/ffms2-2.23/src/vapoursynth/vapoursource.cpp:259:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ErrorMsg[1024];
data/ffms2-2.23/src/vapoursynth/vapoursynth.cpp:34:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ErrorMsg[1024];
data/ffms2-2.23/src/vapoursynth/vapoursynth.cpp:132:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ErrorMsg[1024];
data/ffms2-2.23/src/vapoursynth/vapoursynth.cpp:257:2: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buf[100];
data/ffms2-2.23/src/vapoursynth/vapoursynth.cpp:258:2: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
sprintf(buf, "%d.%d.%d.%d", Version >> 24, (Version & 0xFF0000) >> 16, (Version & 0xFF00) >> 8, Version & 0xFF);
data/ffms2-2.23/src/core/ffms.cpp:343:18: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
s.replace(idx, strlen(from), to);
ANALYSIS SUMMARY:
Hits = 35
Lines analyzed = 7712 in approximately 0.27 seconds (29074 lines/second)
Physical Source Lines of Code (SLOC) = 5569
Hits@level = [0] 2 [1] 1 [2] 26 [3] 0 [4] 8 [5] 0
Hits@level+ = [0+] 37 [1+] 35 [2+] 34 [3+] 8 [4+] 8 [5+] 0
Hits/KSLOC@level+ = [0+] 6.64392 [1+] 6.28479 [2+] 6.10523 [3+] 1.43652 [4+] 1.43652 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.