Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/frei0r-1.7.0/include/msvc/stdint.h
Examining data/frei0r-1.7.0/include/msvc/inttypes.h
Examining data/frei0r-1.7.0/include/frei0r.h
Examining data/frei0r-1.7.0/include/frei0r_colorspace.h
Examining data/frei0r-1.7.0/include/frei0r.hpp
Examining data/frei0r-1.7.0/include/frei0r_cfc.h
Examining data/frei0r-1.7.0/include/blur.h
Examining data/frei0r-1.7.0/include/frei0r_math.h
Examining data/frei0r-1.7.0/include/frei0r_cairo.h
Examining data/frei0r-1.7.0/src/mixer2/dodge/dodge.cpp
Examining data/frei0r-1.7.0/src/mixer2/subtract/subtract.cpp
Examining data/frei0r-1.7.0/src/mixer2/divide/divide.cpp
Examining data/frei0r-1.7.0/src/mixer2/darken/darken.cpp
Examining data/frei0r-1.7.0/src/mixer2/alphaover/alphaover.cpp
Examining data/frei0r-1.7.0/src/mixer2/addition/addition.cpp
Examining data/frei0r-1.7.0/src/mixer2/cairoblend/cairoblend.c
Examining data/frei0r-1.7.0/src/mixer2/color_only/color_only.cpp
Examining data/frei0r-1.7.0/src/mixer2/hue/hue.cpp
Examining data/frei0r-1.7.0/src/mixer2/uvmap/uvmap.c
Examining data/frei0r-1.7.0/src/mixer2/addition_alpha/addition_alpha.cpp
Examining data/frei0r-1.7.0/src/mixer2/lighten/lighten.cpp
Examining data/frei0r-1.7.0/src/mixer2/difference/difference.cpp
Examining data/frei0r-1.7.0/src/mixer2/blend/blend.cpp
Examining data/frei0r-1.7.0/src/mixer2/alphaxor/alphaxor.cpp
Examining data/frei0r-1.7.0/src/mixer2/grain_extract/grain_extract.cpp
Examining data/frei0r-1.7.0/src/mixer2/screen/screen.cpp
Examining data/frei0r-1.7.0/src/mixer2/alphain/alphain.cpp
Examining data/frei0r-1.7.0/src/mixer2/composition/composition.c
Examining data/frei0r-1.7.0/src/mixer2/value/value.cpp
Examining data/frei0r-1.7.0/src/mixer2/multiply/multiply.cpp
Examining data/frei0r-1.7.0/src/mixer2/hardlight/hardlight.cpp
Examining data/frei0r-1.7.0/src/mixer2/xfade0r/xfade0r.cpp
Examining data/frei0r-1.7.0/src/mixer2/alphainjection/alphainjection.c
Examining data/frei0r-1.7.0/src/mixer2/overlay/overlay.cpp
Examining data/frei0r-1.7.0/src/mixer2/saturation/saturation.cpp
Examining data/frei0r-1.7.0/src/mixer2/softlight/softlight.cpp
Examining data/frei0r-1.7.0/src/mixer2/cairoaffineblend/cairoaffineblend.c
Examining data/frei0r-1.7.0/src/mixer2/burn/burn.cpp
Examining data/frei0r-1.7.0/src/mixer2/alphaatop/alphaatop.cpp
Examining data/frei0r-1.7.0/src/mixer2/grain_merge/grain_merge.cpp
Examining data/frei0r-1.7.0/src/mixer2/alphaout/alphaout.cpp
Examining data/frei0r-1.7.0/src/generator/ising0r/ising0r.c
Examining data/frei0r-1.7.0/src/generator/lissajous0r/lissajous0r.cpp
Examining data/frei0r-1.7.0/src/generator/onecol0r/onecol0r.cpp
Examining data/frei0r-1.7.0/src/generator/partik0l/partik0l.cpp
Examining data/frei0r-1.7.0/src/generator/dem0scene/plasma.cpp
Examining data/frei0r-1.7.0/src/generator/test_pat/test_pat_G.c
Examining data/frei0r-1.7.0/src/generator/test_pat/test_pat_R.c
Examining data/frei0r-1.7.0/src/generator/test_pat/test_pat_I.c
Examining data/frei0r-1.7.0/src/generator/test_pat/test_pat_L.c
Examining data/frei0r-1.7.0/src/generator/test_pat/test_pat_B.c
Examining data/frei0r-1.7.0/src/generator/test_pat/test_pat_C.c
Examining data/frei0r-1.7.0/src/generator/nois0r/nois0r.cpp
Examining data/frei0r-1.7.0/src/mixer3/RGB/RGB.c
Examining data/frei0r-1.7.0/src/filter/distort0r/distort0r.c
Examining data/frei0r-1.7.0/src/filter/rgbsplit0r/rgbsplit0r.c
Examining data/frei0r-1.7.0/src/filter/keyspillm0pup/keyspillm0pup.c
Examining data/frei0r-1.7.0/src/filter/softglow/softglow.c
Examining data/frei0r-1.7.0/src/filter/colortap/colortap.c
Examining data/frei0r-1.7.0/src/filter/threelay0r/threelay0r.cpp
Examining data/frei0r-1.7.0/src/filter/denoise/hqdn3d.c
Examining data/frei0r-1.7.0/src/filter/hueshift0r/hueshift0r.c
Examining data/frei0r-1.7.0/src/filter/hueshift0r/matrix.h
Examining data/frei0r-1.7.0/src/filter/nosync0r/nosync0r.cpp
Examining data/frei0r-1.7.0/src/filter/elastic_scale/elastic_scale.cpp
Examining data/frei0r-1.7.0/src/filter/spillsupress/spillsupress.c
Examining data/frei0r-1.7.0/src/filter/gamma/gamma.c
Examining data/frei0r-1.7.0/src/filter/tehroxx0r/tehRoxx0r.c
Examining data/frei0r-1.7.0/src/filter/brightness/brightness.c
Examining data/frei0r-1.7.0/src/filter/glow/glow.c
Examining data/frei0r-1.7.0/src/filter/dither/dither.c
Examining data/frei0r-1.7.0/src/filter/colorhalftone/colorhalftone.c
Examining data/frei0r-1.7.0/src/filter/host_param_test/host_param_test.c
Examining data/frei0r-1.7.0/src/filter/c0rners/interp.h
Examining data/frei0r-1.7.0/src/filter/c0rners/c0rners.c
Examining data/frei0r-1.7.0/src/filter/select0r/select0r.c
Examining data/frei0r-1.7.0/src/filter/tint0r/tint0r.c
Examining data/frei0r-1.7.0/src/filter/threshold0r/threshold0r.c
Examining data/frei0r-1.7.0/src/filter/transparency/transparency.c
Examining data/frei0r-1.7.0/src/filter/vertigo/vertigo.c
Examining data/frei0r-1.7.0/src/filter/luminance/luminance.c
Examining data/frei0r-1.7.0/src/filter/colgate/colgate.c
Examining data/frei0r-1.7.0/src/filter/tutorial/tutorial.cpp
Examining data/frei0r-1.7.0/src/filter/posterize/posterize.c
Examining data/frei0r-1.7.0/src/filter/ndvi/ndvi.cpp
Examining data/frei0r-1.7.0/src/filter/ndvi/gradientlut.hpp
Examining data/frei0r-1.7.0/src/filter/normaliz0r/normaliz0r.c
Examining data/frei0r-1.7.0/src/filter/baltan/baltan.cpp
Examining data/frei0r-1.7.0/src/filter/vectorscope/vectorscope.c
Examining data/frei0r-1.7.0/src/filter/vectorscope/vectorscope_image.h
Examining data/frei0r-1.7.0/src/filter/equaliz0r/equaliz0r.cpp
Examining data/frei0r-1.7.0/src/filter/edgeglow/edgeglow.cpp
Examining data/frei0r-1.7.0/src/filter/premultiply/premultiply.cpp
Examining data/frei0r-1.7.0/src/filter/blur/IIRblur.c
Examining data/frei0r-1.7.0/src/filter/blur/fibe.h
Examining data/frei0r-1.7.0/src/filter/colordistance/colordistance.c
Examining data/frei0r-1.7.0/src/filter/bgsubtract0r/bgsubtract0r.c
Examining data/frei0r-1.7.0/src/filter/cartoon/cartoon.cpp
Examining data/frei0r-1.7.0/src/filter/medians/medians.c
Examining data/frei0r-1.7.0/src/filter/medians/small_medians.h
Examining data/frei0r-1.7.0/src/filter/medians/ctmf.h
Examining data/frei0r-1.7.0/src/filter/sigmoidaltransfer/sigmoidaltransfer.c
Examining data/frei0r-1.7.0/src/filter/saturat0r/saturat0r.c
Examining data/frei0r-1.7.0/src/filter/cairoimagegrid/cairoimagegrid.c
Examining data/frei0r-1.7.0/src/filter/contrast0r/contrast0r.c
Examining data/frei0r-1.7.0/src/filter/bw0r/bw0r.c
Examining data/frei0r-1.7.0/src/filter/sharpness/sharpness.c
Examining data/frei0r-1.7.0/src/filter/bluescreen0r/bluescreen0r.cpp
Examining data/frei0r-1.7.0/src/filter/RGB/G.c
Examining data/frei0r-1.7.0/src/filter/RGB/B.c
Examining data/frei0r-1.7.0/src/filter/RGB/R.c
Examining data/frei0r-1.7.0/src/filter/timeout/timeout.cpp
Examining data/frei0r-1.7.0/src/filter/flippo/flippo.c
Examining data/frei0r-1.7.0/src/filter/levels/levels.c
Examining data/frei0r-1.7.0/src/filter/twolay0r/twolay0r.cpp
Examining data/frei0r-1.7.0/src/filter/facebl0r/facebl0r.cpp
Examining data/frei0r-1.7.0/src/filter/water/water.cpp
Examining data/frei0r-1.7.0/src/filter/lightgraffiti/lightgraffiti.cpp
Examining data/frei0r-1.7.0/src/filter/cluster/cluster.c
Examining data/frei0r-1.7.0/src/filter/cairogradient/cairogradient.c
Examining data/frei0r-1.7.0/src/filter/delay0r/delay0r.cpp
Examining data/frei0r-1.7.0/src/filter/perspective/perspective.c
Examining data/frei0r-1.7.0/src/filter/3dflippo/3dflippo.c
Examining data/frei0r-1.7.0/src/filter/letterb0xed/letterb0xed.c
Examining data/frei0r-1.7.0/src/filter/pixeliz0r/pixeliz0r.c
Examining data/frei0r-1.7.0/src/filter/alpha0ps/alphaspot.c
Examining data/frei0r-1.7.0/src/filter/alpha0ps/fibe_f.h
Examining data/frei0r-1.7.0/src/filter/alpha0ps/alphagrad.c
Examining data/frei0r-1.7.0/src/filter/alpha0ps/alpha0ps.c
Examining data/frei0r-1.7.0/src/filter/glitch0r/glitch0r.c
Examining data/frei0r-1.7.0/src/filter/d90stairsteppingfix/d90stairsteppingfix.cpp
Examining data/frei0r-1.7.0/src/filter/emboss/emboss.c
Examining data/frei0r-1.7.0/src/filter/facedetect/facedetect.cpp
Examining data/frei0r-1.7.0/src/filter/coloradj/coloradj_RGB.c
Examining data/frei0r-1.7.0/src/filter/colorize/colorize.c
Examining data/frei0r-1.7.0/src/filter/sopsat/sopsat.cpp
Examining data/frei0r-1.7.0/src/filter/nervous/nervous.cpp
Examining data/frei0r-1.7.0/src/filter/curves/curves.c
Examining data/frei0r-1.7.0/src/filter/measure/font2.h
Examining data/frei0r-1.7.0/src/filter/measure/pr0be.c
Examining data/frei0r-1.7.0/src/filter/measure/pr0file.c
Examining data/frei0r-1.7.0/src/filter/measure/measure.h
Examining data/frei0r-1.7.0/src/filter/vignette/vignette.cpp
Examining data/frei0r-1.7.0/src/filter/delaygrab/delaygrab.cpp
Examining data/frei0r-1.7.0/src/filter/defish0r/interp.h
Examining data/frei0r-1.7.0/src/filter/defish0r/defish0r.c
Examining data/frei0r-1.7.0/src/filter/lenscorrection/lenscorrection.c
Examining data/frei0r-1.7.0/src/filter/rgbnoise/rgbnoise.c
Examining data/frei0r-1.7.0/src/filter/rgbparade/rgbparade.c
Examining data/frei0r-1.7.0/src/filter/rgbparade/rgbparade_image.h
Examining data/frei0r-1.7.0/src/filter/invert0r/invert0r.c
Examining data/frei0r-1.7.0/src/filter/primaries/primaries.cpp
Examining data/frei0r-1.7.0/src/filter/balanc0r/balanc0r.c
Examining data/frei0r-1.7.0/src/filter/mask0mate/mask0mate.c
Examining data/frei0r-1.7.0/src/filter/sobel/sobel.cpp
Examining data/frei0r-1.7.0/src/filter/scanline0r/scanline0r.cpp
Examining data/frei0r-1.7.0/src/filter/scale0tilt/scale0tilt.c
Examining data/frei0r-1.7.0/src/filter/three_point_balance/three_point_balance.c
Examining data/frei0r-1.7.0/src/filter/squareblur/squareblur.c

FINAL RESULTS:

data/frei0r-1.7.0/src/filter/cairogradient/cairogradient.c:142:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to
  destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (inst->pattern, pattern_val);
data/frei0r-1.7.0/src/filter/cairogradient/cairogradient.c:160:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (inst->blend_mode, blend_val);
data/frei0r-1.7.0/src/filter/cairogradient/cairogradient.c:182:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( inst->pattern, sval );
data/frei0r-1.7.0/src/filter/cairogradient/cairogradient.c:214:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (inst->blend_mode, sval);
data/frei0r-1.7.0/src/filter/colortap/colortap.c:345:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( inst->table, sval );
data/frei0r-1.7.0/src/filter/colortap/colortap.c:364:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( inst->table, sval );
data/frei0r-1.7.0/src/filter/curves/curves.c:176:2: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(param_names[i], "%s%d%s", POINT, i / 2 + 1, val);
data/frei0r-1.7.0/src/filter/host_param_test/host_param_test.c:104:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120).
  Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( inst->svalue, sval );
data/frei0r-1.7.0/src/filter/host_param_test/host_param_test.c:134:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( inst->svalue, sval );
data/frei0r-1.7.0/src/filter/keyspillm0pup/keyspillm0pup.c:834:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( in->liststr, sval );
data/frei0r-1.7.0/src/filter/keyspillm0pup/keyspillm0pup.c:881:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( p->liststr, tmpch );
data/frei0r-1.7.0/src/filter/keyspillm0pup/keyspillm0pup.c:913:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( p->liststr, tmpch );
data/frei0r-1.7.0/src/filter/keyspillm0pup/keyspillm0pup.c:930:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( p->liststr, tmpch );
data/frei0r-1.7.0/src/filter/measure/pr0be.c:169:1: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(s,"%s",ss);
data/frei0r-1.7.0/src/filter/measure/pr0be.c:195:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fs,"%s%s%s %s%s", lab, as, rs, ns, xs);
data/frei0r-1.7.0/src/filter/measure/pr0be.c:196:3: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(str,fs,s.avg,s.rms,s.min,s.max);
data/frei0r-1.7.0/src/filter/measure/pr0be.c:202:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fs,"%s%s%s", lab, as, rs);
data/frei0r-1.7.0/src/filter/measure/pr0be.c:203:3: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(str,fs,s.avg,s.rms);
data/frei0r-1.7.0/src/filter/measure/pr0file.c:144:1: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(s,"%s",ss);
data/frei0r-1.7.0/src/filter/measure/pr0file.c:323:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fs,"%%s Mk1=%s", frs);
data/frei0r-1.7.0/src/filter/measure/pr0file.c:324:5: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(str,fs,str,data[0]);
data/frei0r-1.7.0/src/filter/measure/pr0file.c:327:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str,"%s %s",str,"Mk1= -----");
data/frei0r-1.7.0/src/filter/measure/pr0file.c:334:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fs,"%%s Mk2=%s", frs);
data/frei0r-1.7.0/src/filter/measure/pr0file.c:335:5: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(str,fs,str,data[1]);
data/frei0r-1.7.0/src/filter/measure/pr0file.c:338:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str,"%s %s",str,"Mk2= -----");
data/frei0r-1.7.0/src/filter/measure/pr0file.c:345:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fs,"%%s D=%s", frs);
data/frei0r-1.7.0/src/filter/measure/pr0file.c:346:5: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(str,fs,str,data[2]);
data/frei0r-1.7.0/src/filter/measure/pr0file.c:349:5: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(str,"%s %s",str,"D= -----");
data/frei0r-1.7.0/src/filter/measure/pr0file.c:354:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fs,"%%s Avg=%s", frs);
data/frei0r-1.7.0/src/filter/measure/pr0file.c:355:3: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(str,fs,str,data[3]);
data/frei0r-1.7.0/src/filter/measure/pr0file.c:360:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fs,"%%s RMS=%s", frs);
data/frei0r-1.7.0/src/filter/measure/pr0file.c:361:3: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(str,fs,str,data[4]);
data/frei0r-1.7.0/src/filter/measure/pr0file.c:366:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fs,"%%s Min=%s", frs);
data/frei0r-1.7.0/src/filter/measure/pr0file.c:367:3: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(str,fs,str,data[5]);
data/frei0r-1.7.0/src/filter/measure/pr0file.c:372:3: [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf(fs,"%%s Max=%s", frs);
data/frei0r-1.7.0/src/filter/measure/pr0file.c:373:3: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(str,fs,str,data[6]);
data/frei0r-1.7.0/src/filter/medians/medians.c:503:3: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy( p->liststr, tmpch );
data/frei0r-1.7.0/src/generator/test_pat/test_pat_L.c:187:1: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(str,f,n);
data/frei0r-1.7.0/src/generator/test_pat/test_pat_R.c:106:1: [4] (format) sprintf:
  Potential format string problem (CWE-134). Make format string constant.
  sprintf(str,f,n);
data/frei0r-1.7.0/src/mixer2/cairoaffineblend/cairoaffineblend.c:138:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (inst->blend_mode, blend_val);
data/frei0r-1.7.0/src/mixer2/cairoaffineblend/cairoaffineblend.c:177:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (inst->blend_mode, sval);
data/frei0r-1.7.0/src/mixer2/cairoblend/cairoblend.c:88:2: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (inst->blend_mode, blend_val);
data/frei0r-1.7.0/src/mixer2/cairoblend/cairoblend.c:112:4: [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy (inst->blend_mode, sval);
data/frei0r-1.7.0/src/filter/facedetect/facedetect.cpp:107:9: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(::time(NULL));
data/frei0r-1.7.0/src/generator/partik0l/partik0l.cpp:246:3: [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand(::time(NULL));
data/frei0r-1.7.0/include/blur.h:115:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(iter_mem, iter_mem - row_width, row_width * sizeof(uint32_t));
data/frei0r-1.7.0/include/blur.h:225:5: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(outframe, inframe, width*height*sizeof(uint32_t));
data/frei0r-1.7.0/include/blur.h:256:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(sum, acc[y1_offset + x1], SIZE_RGBA*sizeof(uint32_t));
data/frei0r-1.7.0/include/frei0r_cairo.h:290:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(out, in, 4);
data/frei0r-1.7.0/src/filter/blur/IIRblur.c:354:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(outframe, inframe, in->w * in->h * sizeof(uint32_t));
data/frei0r-1.7.0/src/filter/blur/IIRblur.c:371:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&outframe[in->w * (in->h - 3 + i)], &outframe[in->w * (in->h - 4)], in->w * 4);
data/frei0r-1.7.0/src/filter/brightness/brightness.c:31:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char lut[256]; /* look-up table */
data/frei0r-1.7.0/src/filter/coloradj/coloradj_RGB.c:62:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char r[256];
data/frei0r-1.7.0/src/filter/coloradj/coloradj_RGB.c:63:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char g[256];
data/frei0r-1.7.0/src/filter/coloradj/coloradj_RGB.c:64:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char b[256];
data/frei0r-1.7.0/src/filter/contrast0r/contrast0r.c:32:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char lut[256]; /* look-up table */
data/frei0r-1.7.0/src/filter/curves/curves.c:811:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(outframe, inframe, len*sizeof(uint32_t));
data/frei0r-1.7.0/src/filter/curves/curves.c:818:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(outframe, inframe, len*sizeof(uint32_t));
data/frei0r-1.7.0/src/filter/curves/curves.c:826:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(outframe, inframe, len*sizeof(uint32_t));
data/frei0r-1.7.0/src/filter/curves/curves.c:834:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(outframe, inframe, len*sizeof(uint32_t));
data/frei0r-1.7.0/src/filter/delaygrab/delaygrab.cpp:155:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(curqueue,in,geo.size);
data/frei0r-1.7.0/src/filter/delaygrab/delaygrab.cpp:174:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(curimage,curpos,block_per_res);
data/frei0r-1.7.0/src/filter/equaliz0r/equaliz0r.cpp:29:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char rlut[256];
data/frei0r-1.7.0/src/filter/equaliz0r/equaliz0r.cpp:30:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char glut[256];
data/frei0r-1.7.0/src/filter/equaliz0r/equaliz0r.cpp:31:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char blut[256];
data/frei0r-1.7.0/src/filter/facebl0r/facebl0r.cpp:141:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(out, in, size * 4); // of course assuming we are RGBA only
data/frei0r-1.7.0/src/filter/facebl0r/facebl0r.cpp:149:4: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(out, in, size * 4);
data/frei0r-1.7.0/src/filter/facebl0r/facebl0r.cpp:155:2: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(out, in, size * 4);
data/frei0r-1.7.0/src/filter/facebl0r/facebl0r.cpp:168:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(image->imageData, in, size * 4);
data/frei0r-1.7.0/src/filter/facebl0r/facebl0r.cpp:231:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(out, image->imageData, size * 4);
data/frei0r-1.7.0/src/filter/facedetect/facedetect.cpp:126:17: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(out, in, size * 4);
data/frei0r-1.7.0/src/filter/facedetect/facedetect.cpp:169:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(out, image.data, size * 4);
data/frei0r-1.7.0/src/filter/flippo/flippo.c:156:9: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(outframe, inframe, rowsize);
data/frei0r-1.7.0/src/filter/flippo/flippo.c:164:7: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(outframe, inframe, len*sizeof(uint32_t));
data/frei0r-1.7.0/src/filter/gamma/gamma.c:34:12: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char lut[256]; /* look-up table */
data/frei0r-1.7.0/src/filter/glitch0r/glitch0r.c:325:13: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy((uint32_t *)(dst + g0r_state.currentY),
data/frei0r-1.7.0/src/filter/hueshift0r/hueshift0r.c:136:3: [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(outframe, inframe, len*sizeof(uint32_t));
data/frei0r-1.7.0/src/filter/keyspillm0pup/keyspillm0pup.c:978:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(p->liststr,"%d",p->maskType);
data/frei0r-1.7.0/src/filter/keyspillm0pup/keyspillm0pup.c:995:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(p->liststr,"%d",p->op1);
data/frei0r-1.7.0/src/filter/keyspillm0pup/keyspillm0pup.c:1003:3: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(p->liststr,"%d",p->op2);
data/frei0r-1.7.0/src/filter/measure/pr0be.c:179:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char fs[256],as[16],rs[16],ns[16],xs[16];
data/frei0r-1.7.0/src/filter/measure/pr0be.c:283:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char string[256];
data/frei0r-1.7.0/src/filter/measure/pr0be.c:409:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(string," Hue = %5.1f",h2);
data/frei0r-1.7.0/src/filter/measure/pr0be.c:411:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(string," Sat = %5.3f",ss);
data/frei0r-1.7.0/src/filter/measure/pr0be.c:413:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(string," Val = %5.3f",va);
data/frei0r-1.7.0/src/filter/measure/pr0be.c:418:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(string," a = %5.3f",aa.avg);
data/frei0r-1.7.0/src/filter/measure/pr0be.c:441:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(string," Hue = %5.1f",h2);
data/frei0r-1.7.0/src/filter/measure/pr0be.c:443:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(string," Sat = %5.3f",ss);
data/frei0r-1.7.0/src/filter/measure/pr0be.c:445:5: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(string," Lgt = %5.3f",li);
data/frei0r-1.7.0/src/filter/measure/pr0be.c:450:7: [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(string," a = %5.3f",aa.avg);
data/frei0r-1.7.0/src/filter/measure/pr0file.c:267:1: [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
char fs[256],frs[16]; data/frei0r-1.7.0/src/filter/measure/pr0file.c:392:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char string[256]; data/frei0r-1.7.0/src/filter/measure/pr0file.c:482:3: [2] (buffer) sprintf: Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length. sprintf(string,"<- NOT ENOUGH SPACE ->"); data/frei0r-1.7.0/src/filter/medians/medians.c:451:1: [2] (buffer) strcpy: Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string. strcpy(in->liststr,"Square3x3"); data/frei0r-1.7.0/src/filter/medians/medians.c:547:1: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(in->ppf, inframe, 4*in->w*in->h); data/frei0r-1.7.0/src/filter/nervous/nervous.cpp:118:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(planetable[plane],in,geo.size); data/frei0r-1.7.0/src/filter/nervous/nervous.cpp:141:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(out,planetable[readplane],geo.size); data/frei0r-1.7.0/src/filter/pixeliz0r/pixeliz0r.c:137:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(dst, src, xsize*ysize*sizeof(uint32_t)); data/frei0r-1.7.0/src/filter/posterize/posterize.c:126:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char levels[256]; data/frei0r-1.7.0/src/filter/primaries/primaries.cpp:31:11: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char c[4]; // 0=B, 1=G,2=R,3=A ? i think :P data/frei0r-1.7.0/src/filter/rgbparade/rgbparade_image.h:7:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char pixel_data[783 * 573 * 4 + 1]; data/frei0r-1.7.0/src/filter/sharpness/sharpness.c:96:6: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( dst, src, srcStride*height ); data/frei0r-1.7.0/src/filter/sharpness/sharpness.c:100:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy( dst, src, width ); data/frei0r-1.7.0/src/filter/softglow/softglow.c:269:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. 
memcpy(inst->sigm_frame, inframe, len*sizeof(uint32_t)); data/frei0r-1.7.0/src/filter/tehroxx0r/tehRoxx0r.c:190:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, src, sizeof(int32_t)*inst->block_size); data/frei0r-1.7.0/src/filter/tehroxx0r/tehRoxx0r.c:196:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, src, sizeof(int32_t)*inst->block_size); data/frei0r-1.7.0/src/filter/tehroxx0r/tehRoxx0r.c:202:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, src, sizeof(int32_t)*inst->block_size); data/frei0r-1.7.0/src/filter/tehroxx0r/tehRoxx0r.c:209:2: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data. memcpy(dst, src, sizeof(int32_t)*inst->block_size); data/frei0r-1.7.0/src/filter/threshold0r/threshold0r.c:31:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char lut[256]; /* look-up table */ data/frei0r-1.7.0/src/filter/vectorscope/vectorscope_image.h:7:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. unsigned char pixel_data[620 * 600 * 4 + 1]; data/frei0r-1.7.0/src/filter/water/water.cpp:149:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). 
Make sure destination can always hold the source data. memcpy(BkGdImage, in, width*height*sizeof(uint32_t)); data/frei0r-1.7.0/src/generator/test_pat/test_pat_L.c:164:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char seg[10]={0xEE,0x24,0xBA,0xB6,0x74,0xD6,0xDE,0xA4,0xFE,0xF6}; data/frei0r-1.7.0/src/generator/test_pat/test_pat_L.c:184:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[64]; data/frei0r-1.7.0/src/generator/test_pat/test_pat_R.c:83:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char seg[10]={0xEE,0x24,0xBA,0xB6,0x74,0xD6,0xDE,0xA4,0xFE,0xF6}; data/frei0r-1.7.0/src/generator/test_pat/test_pat_R.c:103:1: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length. char str[64]; data/frei0r-1.7.0/src/filter/cairogradient/cairogradient.c:141:35: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
inst->pattern = (char*) malloc (strlen(pattern_val) + 1); data/frei0r-1.7.0/src/filter/cairogradient/cairogradient.c:159:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). inst->blend_mode = (char*) malloc (strlen(blend_val) + 1 ); data/frei0r-1.7.0/src/filter/cairogradient/cairogradient.c:181:51: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). inst->pattern = (char*)realloc (inst->pattern, strlen(sval) + 1); data/frei0r-1.7.0/src/filter/cairogradient/cairogradient.c:213:58: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). inst->blend_mode = (char*) realloc (inst->blend_mode, strlen(sval) + 1); data/frei0r-1.7.0/src/filter/colortap/colortap.c:344:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). inst->table = (char*)malloc( strlen(sval) + 1 ); data/frei0r-1.7.0/src/filter/colortap/colortap.c:363:47: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). inst->table = (char*)realloc( inst->table, strlen(sval) + 1 ); data/frei0r-1.7.0/src/filter/curves/curves.c:175:33: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
param_names[i] = (char*)calloc(strlen(POINT) + 2 + strlen(val), sizeof(char)); data/frei0r-1.7.0/src/filter/curves/curves.c:175:53: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). param_names[i] = (char*)calloc(strlen(POINT) + 2 + strlen(val), sizeof(char)); data/frei0r-1.7.0/src/filter/curves/curves.c:302:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(inst->bspline)) data/frei0r-1.7.0/src/filter/curves/curves.c:310:25: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(inst->bspline)) data/frei0r-1.7.0/src/filter/curves/curves.c:319:21: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(inst->bspline)) data/frei0r-1.7.0/src/filter/curves/curves.c:781:7: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(inst->bspline) == 0) { data/frei0r-1.7.0/src/filter/curves/curves.c:903:28: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (inst->drawCurves && !strlen(inst->bspline)) { data/frei0r-1.7.0/src/filter/host_param_test/host_param_test.c:103:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
inst->svalue = (char*)malloc( strlen(sval) + 1 ); data/frei0r-1.7.0/src/filter/host_param_test/host_param_test.c:133:49: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). inst->svalue = (char*)realloc( inst->svalue, strlen(sval) + 1 ); data/frei0r-1.7.0/src/filter/keyspillm0pup/keyspillm0pup.c:833:31: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). in->liststr = (char*)malloc( strlen(sval) + 1 ); data/frei0r-1.7.0/src/filter/keyspillm0pup/keyspillm0pup.c:880:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p->liststr = realloc( p->liststr, strlen(tmpch) + 1 ); data/frei0r-1.7.0/src/filter/keyspillm0pup/keyspillm0pup.c:912:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p->liststr = realloc( p->liststr, strlen(tmpch) + 1 ); data/frei0r-1.7.0/src/filter/keyspillm0pup/keyspillm0pup.c:929:38: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p->liststr = realloc( p->liststr, strlen(tmpch) + 1 ); data/frei0r-1.7.0/src/filter/measure/pr0file.c:479:4: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). sl=strlen(string); data/frei0r-1.7.0/src/filter/medians/medians.c:450:22: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
in->liststr=calloc(1,strlen("Square3x3")+1); data/frei0r-1.7.0/src/filter/medians/medians.c:502:44: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). p->liststr = (char*)realloc( p->liststr, strlen(tmpch) + 1 ); data/frei0r-1.7.0/src/mixer2/cairoaffineblend/cairoaffineblend.c:137:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). inst->blend_mode = (char*) malloc (strlen(blend_val) + 1 ); data/frei0r-1.7.0/src/mixer2/cairoaffineblend/cairoaffineblend.c:176:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). inst->blend_mode = (char*)realloc (inst->blend_mode, strlen(sval) + 1); data/frei0r-1.7.0/src/mixer2/cairoblend/cairoblend.c:87:39: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). inst->blend_mode = (char*) malloc (strlen(blend_val) + 1 ); data/frei0r-1.7.0/src/mixer2/cairoblend/cairoblend.c:111:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). 
inst->blend_mode = (char*)realloc (inst->blend_mode, strlen(sval) + 1);

ANALYSIS SUMMARY:

Hits = 141
Lines analyzed = 192650 in approximately 11.49 seconds (16768 lines/second)
Physical Source Lines of Code (SLOC) = 179796
Hits@level = [0] 21 [1] 26 [2] 70 [3] 2 [4] 43 [5] 0
Hits@level+ = [0+] 162 [1+] 141 [2+] 115 [3+] 45 [4+] 43 [5+] 0
Hits/KSLOC@level+ = [0+] 0.901021 [1+] 0.784222 [2+] 0.639614 [3+] 0.250284 [4+] 0.23916 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.