Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/gpick-0.2.6~rc1/extern/lempar.c
Examining data/gpick-0.2.6~rc1/source/BezierCubicCurve.h
Examining data/gpick-0.2.6~rc1/source/BlendColors.cpp
Examining data/gpick-0.2.6~rc1/source/BlendColors.h
Examining data/gpick-0.2.6~rc1/source/BrightnessDarkness.cpp
Examining data/gpick-0.2.6~rc1/source/BrightnessDarkness.h
Examining data/gpick-0.2.6~rc1/source/Clipboard.cpp
Examining data/gpick-0.2.6~rc1/source/Clipboard.h
Examining data/gpick-0.2.6~rc1/source/ClosestColors.cpp
Examining data/gpick-0.2.6~rc1/source/ClosestColors.h
Examining data/gpick-0.2.6~rc1/source/Color.cpp
Examining data/gpick-0.2.6~rc1/source/Color.h
Examining data/gpick-0.2.6~rc1/source/ColorList.cpp
Examining data/gpick-0.2.6~rc1/source/ColorList.h
Examining data/gpick-0.2.6~rc1/source/ColorMixer.cpp
Examining data/gpick-0.2.6~rc1/source/ColorMixer.h
Examining data/gpick-0.2.6~rc1/source/ColorObject.cpp
Examining data/gpick-0.2.6~rc1/source/ColorObject.h
Examining data/gpick-0.2.6~rc1/source/ColorPicker.cpp
Examining data/gpick-0.2.6~rc1/source/ColorPicker.h
Examining data/gpick-0.2.6~rc1/source/ColorRYB.cpp
Examining data/gpick-0.2.6~rc1/source/ColorRYB.h
Examining data/gpick-0.2.6~rc1/source/ColorSource.cpp
Examining data/gpick-0.2.6~rc1/source/ColorSource.h
Examining data/gpick-0.2.6~rc1/source/ColorSourceManager.cpp
Examining data/gpick-0.2.6~rc1/source/ColorSourceManager.h
Examining data/gpick-0.2.6~rc1/source/ColorSpaceType.cpp
Examining data/gpick-0.2.6~rc1/source/ColorSpaceType.h
Examining data/gpick-0.2.6~rc1/source/ColorUtils.h
Examining data/gpick-0.2.6~rc1/source/ColorWheelType.cpp
Examining data/gpick-0.2.6~rc1/source/ColorWheelType.h
Examining data/gpick-0.2.6~rc1/source/Converter.cpp
Examining data/gpick-0.2.6~rc1/source/Converter.h
Examining data/gpick-0.2.6~rc1/source/CopyMenu.cpp
Examining data/gpick-0.2.6~rc1/source/CopyMenu.h
Examining data/gpick-0.2.6~rc1/source/CopyMenuItem.cpp
Examining data/gpick-0.2.6~rc1/source/CopyMenuItem.h
Examining data/gpick-0.2.6~rc1/source/CopyPaste.cpp
Examining data/gpick-0.2.6~rc1/source/CopyPaste.h
Examining data/gpick-0.2.6~rc1/source/DragDrop.cpp
Examining data/gpick-0.2.6~rc1/source/DragDrop.h
Examining data/gpick-0.2.6~rc1/source/DynvHelpers.cpp
Examining data/gpick-0.2.6~rc1/source/DynvHelpers.h
Examining data/gpick-0.2.6~rc1/source/Endian.h
Examining data/gpick-0.2.6~rc1/source/FileFormat.cpp
Examining data/gpick-0.2.6~rc1/source/FileFormat.h
Examining data/gpick-0.2.6~rc1/source/FloatingPicker.cpp
Examining data/gpick-0.2.6~rc1/source/FloatingPicker.h
Examining data/gpick-0.2.6~rc1/source/GenerateScheme.cpp
Examining data/gpick-0.2.6~rc1/source/GenerateScheme.h
Examining data/gpick-0.2.6~rc1/source/GlobalState.cpp
Examining data/gpick-0.2.6~rc1/source/GlobalState.h
Examining data/gpick-0.2.6~rc1/source/HtmlUtils.cpp
Examining data/gpick-0.2.6~rc1/source/HtmlUtils.h
Examining data/gpick-0.2.6~rc1/source/ImportExport.cpp
Examining data/gpick-0.2.6~rc1/source/ImportExport.h
Examining data/gpick-0.2.6~rc1/source/Internationalisation.h
Examining data/gpick-0.2.6~rc1/source/LayoutPreview.cpp
Examining data/gpick-0.2.6~rc1/source/LayoutPreview.h
Examining data/gpick-0.2.6~rc1/source/LuaExt.cpp
Examining data/gpick-0.2.6~rc1/source/LuaExt.h
Examining data/gpick-0.2.6~rc1/source/MathUtil.cpp
Examining data/gpick-0.2.6~rc1/source/MathUtil.h
Examining data/gpick-0.2.6~rc1/source/NearestColorsMenu.cpp
Examining data/gpick-0.2.6~rc1/source/NearestColorsMenu.h
Examining data/gpick-0.2.6~rc1/source/Noise.cpp
Examining data/gpick-0.2.6~rc1/source/Noise.h
Examining data/gpick-0.2.6~rc1/source/Paths.cpp
Examining data/gpick-0.2.6~rc1/source/Paths.h
Examining data/gpick-0.2.6~rc1/source/Random.cpp
Examining data/gpick-0.2.6~rc1/source/Random.h
Examining data/gpick-0.2.6~rc1/source/Rect2.h
Examining data/gpick-0.2.6~rc1/source/RegisterSources.cpp
Examining data/gpick-0.2.6~rc1/source/RegisterSources.h
Examining data/gpick-0.2.6~rc1/source/Sampler.cpp
Examining data/gpick-0.2.6~rc1/source/Sampler.h
Examining data/gpick-0.2.6~rc1/source/ScreenReader.cpp
Examining data/gpick-0.2.6~rc1/source/ScreenReader.h
Examining data/gpick-0.2.6~rc1/source/StandardMenu.cpp
Examining data/gpick-0.2.6~rc1/source/StandardMenu.h
Examining data/gpick-0.2.6~rc1/source/StringUtils.cpp
Examining data/gpick-0.2.6~rc1/source/StringUtils.h
Examining data/gpick-0.2.6~rc1/source/ToolColorNaming.cpp
Examining data/gpick-0.2.6~rc1/source/ToolColorNaming.h
Examining data/gpick-0.2.6~rc1/source/Variations.cpp
Examining data/gpick-0.2.6~rc1/source/Variations.h
Examining data/gpick-0.2.6~rc1/source/Vector2.h
Examining data/gpick-0.2.6~rc1/source/color_names/ColorNames.cpp
Examining data/gpick-0.2.6~rc1/source/color_names/ColorNames.h
Examining data/gpick-0.2.6~rc1/source/cssparser/css_grammar_wrap.cpp
Examining data/gpick-0.2.6~rc1/source/cssparser/css_parser.cpp
Examining data/gpick-0.2.6~rc1/source/cssparser/css_parser.h
Examining data/gpick-0.2.6~rc1/source/cssparser/memory_manager.cpp
Examining data/gpick-0.2.6~rc1/source/cssparser/memory_manager.h
Examining data/gpick-0.2.6~rc1/source/dbus/Control.cpp
Examining data/gpick-0.2.6~rc1/source/dbus/Control.h
Examining data/gpick-0.2.6~rc1/source/dbus/DbusInterface.c
Examining data/gpick-0.2.6~rc1/source/dbus/DbusInterface.h
Examining data/gpick-0.2.6~rc1/source/dynv/DynvHandler.cpp
Examining data/gpick-0.2.6~rc1/source/dynv/DynvHandler.h
Examining data/gpick-0.2.6~rc1/source/dynv/DynvIO.cpp
Examining data/gpick-0.2.6~rc1/source/dynv/DynvIO.h
Examining data/gpick-0.2.6~rc1/source/dynv/DynvMemoryIO.cpp
Examining data/gpick-0.2.6~rc1/source/dynv/DynvMemoryIO.h
Examining data/gpick-0.2.6~rc1/source/dynv/DynvSystem.cpp
Examining data/gpick-0.2.6~rc1/source/dynv/DynvSystem.h
Examining data/gpick-0.2.6~rc1/source/dynv/DynvVarBool.cpp
Examining data/gpick-0.2.6~rc1/source/dynv/DynvVarBool.h
Examining data/gpick-0.2.6~rc1/source/dynv/DynvVarColor.cpp
Examining data/gpick-0.2.6~rc1/source/dynv/DynvVarColor.h
Examining data/gpick-0.2.6~rc1/source/dynv/DynvVarDynv.cpp
Examining data/gpick-0.2.6~rc1/source/dynv/DynvVarDynv.h
Examining data/gpick-0.2.6~rc1/source/dynv/DynvVarFloat.cpp
Examining data/gpick-0.2.6~rc1/source/dynv/DynvVarFloat.h
Examining data/gpick-0.2.6~rc1/source/dynv/DynvVarInt32.cpp
Examining data/gpick-0.2.6~rc1/source/dynv/DynvVarInt32.h
Examining data/gpick-0.2.6~rc1/source/dynv/DynvVarPtr.cpp
Examining data/gpick-0.2.6~rc1/source/dynv/DynvVarPtr.h
Examining data/gpick-0.2.6~rc1/source/dynv/DynvVarString.cpp
Examining data/gpick-0.2.6~rc1/source/dynv/DynvVarString.h
Examining data/gpick-0.2.6~rc1/source/dynv/DynvVariable.cpp
Examining data/gpick-0.2.6~rc1/source/dynv/DynvVariable.h
Examining data/gpick-0.2.6~rc1/source/dynv/DynvXml.cpp
Examining data/gpick-0.2.6~rc1/source/dynv/DynvXml.h
Examining data/gpick-0.2.6~rc1/source/gtk/ColorCell.cpp
Examining data/gpick-0.2.6~rc1/source/gtk/ColorCell.h
Examining data/gpick-0.2.6~rc1/source/gtk/ColorComponent.cpp
Examining data/gpick-0.2.6~rc1/source/gtk/ColorComponent.h
Examining data/gpick-0.2.6~rc1/source/gtk/ColorWheel.cpp
Examining data/gpick-0.2.6~rc1/source/gtk/ColorWheel.h
Examining data/gpick-0.2.6~rc1/source/gtk/ColorWidget.cpp
Examining data/gpick-0.2.6~rc1/source/gtk/ColorWidget.h
Examining data/gpick-0.2.6~rc1/source/gtk/LayoutPreview.cpp
Examining data/gpick-0.2.6~rc1/source/gtk/LayoutPreview.h
Examining data/gpick-0.2.6~rc1/source/gtk/Range2D.cpp
Examining data/gpick-0.2.6~rc1/source/gtk/Range2D.h
Examining data/gpick-0.2.6~rc1/source/gtk/Swatch.cpp
Examining data/gpick-0.2.6~rc1/source/gtk/Swatch.h
Examining data/gpick-0.2.6~rc1/source/gtk/Zoomed.cpp
Examining data/gpick-0.2.6~rc1/source/gtk/Zoomed.h
Examining data/gpick-0.2.6~rc1/source/internationalisation/Internationalisation.cpp
Examining data/gpick-0.2.6~rc1/source/layout/Box.cpp
Examining data/gpick-0.2.6~rc1/source/layout/Box.h
Examining data/gpick-0.2.6~rc1/source/layout/Context.cpp
Examining data/gpick-0.2.6~rc1/source/layout/Context.h
Examining data/gpick-0.2.6~rc1/source/layout/Layout.cpp
Examining data/gpick-0.2.6~rc1/source/layout/Layout.h
Examining data/gpick-0.2.6~rc1/source/layout/LuaBindings.cpp
Examining data/gpick-0.2.6~rc1/source/layout/LuaBindings.h
Examining data/gpick-0.2.6~rc1/source/layout/ReferenceCounter.cpp
Examining data/gpick-0.2.6~rc1/source/layout/ReferenceCounter.h
Examining data/gpick-0.2.6~rc1/source/layout/Style.cpp
Examining data/gpick-0.2.6~rc1/source/layout/Style.h
Examining data/gpick-0.2.6~rc1/source/layout/System.cpp
Examining data/gpick-0.2.6~rc1/source/layout/System.h
Examining data/gpick-0.2.6~rc1/source/main.cpp
Examining data/gpick-0.2.6~rc1/source/main.h
Examining data/gpick-0.2.6~rc1/source/parser/TextFile.cpp
Examining data/gpick-0.2.6~rc1/source/parser/TextFile.h
Examining data/gpick-0.2.6~rc1/source/test/DynvTest.cpp
Examining data/gpick-0.2.6~rc1/source/test/TextFileTest.cpp
Examining data/gpick-0.2.6~rc1/source/tools/ColorSpaceSampler.cpp
Examining data/gpick-0.2.6~rc1/source/tools/ColorSpaceSampler.h
Examining data/gpick-0.2.6~rc1/source/tools/PaletteFromCssFile.cpp
Examining data/gpick-0.2.6~rc1/source/tools/PaletteFromCssFile.h
Examining data/gpick-0.2.6~rc1/source/tools/PaletteFromImage.cpp
Examining data/gpick-0.2.6~rc1/source/tools/PaletteFromImage.h
Examining data/gpick-0.2.6~rc1/source/transformation/Chain.cpp
Examining data/gpick-0.2.6~rc1/source/transformation/Chain.h
Examining data/gpick-0.2.6~rc1/source/transformation/ColorVisionDeficiency.cpp
Examining data/gpick-0.2.6~rc1/source/transformation/ColorVisionDeficiency.h
Examining data/gpick-0.2.6~rc1/source/transformation/Configuration.cpp
Examining data/gpick-0.2.6~rc1/source/transformation/Configuration.h
Examining data/gpick-0.2.6~rc1/source/transformation/Factory.cpp
Examining data/gpick-0.2.6~rc1/source/transformation/Factory.h
Examining data/gpick-0.2.6~rc1/source/transformation/GammaModification.cpp
Examining data/gpick-0.2.6~rc1/source/transformation/GammaModification.h
Examining data/gpick-0.2.6~rc1/source/transformation/Invert.cpp
Examining data/gpick-0.2.6~rc1/source/transformation/Invert.h
Examining data/gpick-0.2.6~rc1/source/transformation/Quantization.cpp
Examining data/gpick-0.2.6~rc1/source/transformation/Quantization.h
Examining data/gpick-0.2.6~rc1/source/transformation/Transformation.cpp
Examining data/gpick-0.2.6~rc1/source/transformation/Transformation.h
Examining data/gpick-0.2.6~rc1/source/uiAbout.cpp
Examining data/gpick-0.2.6~rc1/source/uiAbout.h
Examining data/gpick-0.2.6~rc1/source/uiApp.cpp
Examining data/gpick-0.2.6~rc1/source/uiApp.h
Examining data/gpick-0.2.6~rc1/source/uiColorDictionaries.cpp
Examining data/gpick-0.2.6~rc1/source/uiColorDictionaries.h
Examining data/gpick-0.2.6~rc1/source/uiColorInput.cpp
Examining data/gpick-0.2.6~rc1/source/uiColorInput.h
Examining data/gpick-0.2.6~rc1/source/uiConverter.cpp
Examining data/gpick-0.2.6~rc1/source/uiConverter.h
Examining data/gpick-0.2.6~rc1/source/uiDialogAutonumber.cpp
Examining data/gpick-0.2.6~rc1/source/uiDialogAutonumber.h
Examining data/gpick-0.2.6~rc1/source/uiDialogGenerate.cpp
Examining data/gpick-0.2.6~rc1/source/uiDialogGenerate.h
Examining data/gpick-0.2.6~rc1/source/uiDialogMix.cpp
Examining data/gpick-0.2.6~rc1/source/uiDialogMix.h
Examining data/gpick-0.2.6~rc1/source/uiDialogOptions.cpp
Examining data/gpick-0.2.6~rc1/source/uiDialogOptions.h
Examining data/gpick-0.2.6~rc1/source/uiDialogSort.cpp
Examining data/gpick-0.2.6~rc1/source/uiDialogSort.h
Examining data/gpick-0.2.6~rc1/source/uiDialogVariations.cpp
Examining data/gpick-0.2.6~rc1/source/uiDialogVariations.h
Examining data/gpick-0.2.6~rc1/source/uiImportExport.cpp
Examining data/gpick-0.2.6~rc1/source/uiImportExport.h
Examining data/gpick-0.2.6~rc1/source/uiListPalette.cpp
Examining data/gpick-0.2.6~rc1/source/uiListPalette.h
Examining data/gpick-0.2.6~rc1/source/uiStatusIcon.cpp
Examining data/gpick-0.2.6~rc1/source/uiStatusIcon.h
Examining data/gpick-0.2.6~rc1/source/uiTransformations.cpp
Examining data/gpick-0.2.6~rc1/source/uiTransformations.h
Examining data/gpick-0.2.6~rc1/source/uiUtilities.cpp
Examining data/gpick-0.2.6~rc1/source/uiUtilities.h
Examining data/gpick-0.2.6~rc1/source/version/Version.cpp
Examining data/gpick-0.2.6~rc1/source/version/Version.h

FINAL RESULTS:

data/gpick-0.2.6~rc1/source/gtk/LayoutPreview.cpp:47:10:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78).
  try using a library call that implements the same functionality if available.
  System *system;

data/gpick-0.2.6~rc1/source/gtk/LayoutPreview.cpp:74:10:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78).
  try using a library call that implements the same functionality if available.
  if (ns->system) System::unref(ns->system);

data/gpick-0.2.6~rc1/source/gtk/LayoutPreview.cpp:74:36:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78).
  try using a library call that implements the same functionality if available.
  if (ns->system) System::unref(ns->system);

data/gpick-0.2.6~rc1/source/gtk/LayoutPreview.cpp:111:10:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78).
  try using a library call that implements the same functionality if available.
  if (ns->system && ns->system->box){

data/gpick-0.2.6~rc1/source/gtk/LayoutPreview.cpp:136:10:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78).
  try using a library call that implements the same functionality if available.
  if (ns->system){

data/gpick-0.2.6~rc1/source/gtk/LayoutPreview.cpp:144:69:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78).
  try using a library call that implements the same functionality if available.
  int gtk_layout_preview_set_system(GtkLayoutPreview* widget, System* system)

data/gpick-0.2.6~rc1/source/gtk/LayoutPreview.cpp:147:10:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78).
  try using a library call that implements the same functionality if available.
  if (ns->system){

data/gpick-0.2.6~rc1/source/gtk/LayoutPreview.cpp:148:21:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78).
  try using a library call that implements the same functionality if available.
  System::unref(ns->system);

data/gpick-0.2.6~rc1/source/gtk/LayoutPreview.cpp:150:6:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78).
  try using a library call that implements the same functionality if available.
  if (system){

data/gpick-0.2.6~rc1/source/gtk/LayoutPreview.cpp:160:11:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78).
  try using a library call that implements the same functionality if available.
  if (!ns->system) return -1;

data/gpick-0.2.6~rc1/source/gtk/LayoutPreview.cpp:173:11:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78).
  try using a library call that implements the same functionality if available.
  if (!ns->system) return -1;

data/gpick-0.2.6~rc1/source/gtk/LayoutPreview.cpp:185:11:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78).
  try using a library call that implements the same functionality if available.
  if (!ns->system) return -1;

data/gpick-0.2.6~rc1/source/gtk/LayoutPreview.cpp:196:11:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78).
  try using a library call that implements the same functionality if available.
  if (!ns->system) return -1;

data/gpick-0.2.6~rc1/source/gtk/LayoutPreview.cpp:208:10:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78).
  try using a library call that implements the same functionality if available.
  if (ns->system && ns->selected_style){

data/gpick-0.2.6~rc1/source/gtk/LayoutPreview.cpp:217:10:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78).
  try using a library call that implements the same functionality if available.
  if (ns->system && ns->selected_style){

data/gpick-0.2.6~rc1/source/gtk/LayoutPreview.cpp:227:10:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78).
  try using a library call that implements the same functionality if available.
  if (ns->system && ns->selected_style && !ns->selected_box->locked){

data/gpick-0.2.6~rc1/source/gtk/LayoutPreview.cpp:238:10:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78).
  try using a library call that implements the same functionality if available.
  if (ns->system && ns->selected_style && ns->selected_box){

data/gpick-0.2.6~rc1/source/gtk/LayoutPreview.cpp:246:10:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78).
  try using a library call that implements the same functionality if available.
  if (ns->system && ns->selected_style && ns->selected_box){

data/gpick-0.2.6~rc1/source/gtk/LayoutPreview.h:47:77:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78).
  try using a library call that implements the same functionality if available.
  int gtk_layout_preview_set_system(GtkLayoutPreview* widget, layout::System* system);

data/gpick-0.2.6~rc1/source/layout/LuaBindings.cpp:248:44:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78).
  try using a library call that implements the same functionality if available.
  int lua_pushlsystem (lua_State *L, System* system) {

data/gpick-0.2.6~rc1/source/layout/LuaBindings.cpp:252:28:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78).
  try using a library call that implements the same functionality if available.
  *c = static_cast<System*>(system);

data/gpick-0.2.6~rc1/source/layout/LuaBindings.h:34:44:  [4] (shell) system:
  This causes a new program to execute and is difficult to use safely (CWE-78).
  try using a library call that implements the same functionality if available.
  int lua_pushlsystem (lua_State *L, System* system);

data/gpick-0.2.6~rc1/source/Random.cpp:72:14:  [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327).
  Use a more secure technique for acquiring random values.
  random_seed(random, &seed);

data/gpick-0.2.6~rc1/source/Random.cpp:73:13:  [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327).
  Use a more secure technique for acquiring random values.
  random_get(random);

data/gpick-0.2.6~rc1/source/Random.cpp:74:9:  [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327).
  Use a more secure technique for acquiring random values.
  return random;

data/gpick-0.2.6~rc1/source/uiDialogGenerate.cpp:167:21:  [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327).
  Use a more secure technique for acquiring random values.
  random_destroy(random);

data/gpick-0.2.6~rc1/source/uiDialogGenerate.cpp:181:34:  [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327).
  Use a more secure technique for acquiring random values.
  + chaos * (random_get_double(random) - 0.5) + additional_rotation / 360.0;

data/gpick-0.2.6~rc1/source/uiDialogGenerate.cpp:189:17:  [3] (random) random:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327).
  Use a more secure technique for acquiring random values.
  random_destroy(random);

data/gpick-0.2.6~rc1/source/ColorMixer.cpp:435:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[32];

data/gpick-0.2.6~rc1/source/ColorMixer.cpp:438:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(tmp, "color%d", i);

data/gpick-0.2.6~rc1/source/ColorMixer.cpp:622:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[32];

data/gpick-0.2.6~rc1/source/ColorMixer.cpp:633:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(tmp, "color%d", i);

data/gpick-0.2.6~rc1/source/ColorPicker.cpp:164:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *text[4];

data/gpick-0.2.6~rc1/source/ColorPicker.cpp:703:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[32];

data/gpick-0.2.6~rc1/source/ColorPicker.cpp:705:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(tmp, "swatch.color%d", i);

data/gpick-0.2.6~rc1/source/ColorPicker.cpp:975:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[32];

data/gpick-0.2.6~rc1/source/ColorPicker.cpp:979:6:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(tmp, "swatch.color%d", i);

data/gpick-0.2.6~rc1/source/CopyPaste.cpp:130:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&color_object, gtk_selection_data_get_data(selection_data), sizeof(ColorObject*));

data/gpick-0.2.6~rc1/source/DragDrop.cpp:87:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(dd, user_dd, sizeof(DragDrop));

data/gpick-0.2.6~rc1/source/DragDrop.cpp:142:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(color_objects, gtk_selection_data_get_data(selection_data) + offsetof(ColorObjectList, color_object), sizeof(ColorObject*) * data.color_object_n);

data/gpick-0.2.6~rc1/source/DragDrop.cpp:163:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(buffer, gtk_selection_data_get_data(selection_data), length);

data/gpick-0.2.6~rc1/source/DragDrop.cpp:426:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(&data->color_object[0], color_objects, sizeof(ColorObject*) * color_object_n);

data/gpick-0.2.6~rc1/source/FileFormat.cpp:34:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char type[16];

data/gpick-0.2.6~rc1/source/FileFormat.cpp:49:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(header->type, type, len);

data/gpick-0.2.6~rc1/source/GenerateScheme.cpp:383:41:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  name_assigner.assign(color_object, &c, atoi(widget_ident.c_str()+7), type);

data/gpick-0.2.6~rc1/source/GenerateScheme.cpp:563:35:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190).
  If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  name_assigner.assign(*color, &c, atoi(widget_ident.c_str() + 7), type);

data/gpick-0.2.6~rc1/source/ImportExport.cpp:601:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char magic[4];

data/gpick-0.2.6~rc1/source/ImportExport.cpp:637:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char color_space[4];

data/gpick-0.2.6~rc1/source/ImportExport.cpp:842:11:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  m_file.open(filename, ios::in);

data/gpick-0.2.6~rc1/source/MathUtil.cpp:106:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(result, matrix, sizeof(matrix3x3));

data/gpick-0.2.6~rc1/source/MathUtil.cpp:261:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(result, vector, sizeof(vector3));

data/gpick-0.2.6~rc1/source/Random.cpp:88:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(r->seed, seed, r->seed_size * sizeof(unsigned long));

data/gpick-0.2.6~rc1/source/Variations.cpp:454:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[32];

data/gpick-0.2.6~rc1/source/Variations.cpp:456:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(tmp, "type%d", i);

data/gpick-0.2.6~rc1/source/Variations.cpp:459:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(tmp, "color%d", i);

data/gpick-0.2.6~rc1/source/Variations.cpp:662:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[32];

data/gpick-0.2.6~rc1/source/Variations.cpp:664:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(tmp, "type%d", i);

data/gpick-0.2.6~rc1/source/Variations.cpp:673:3:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  Risk is low because the source has a constant maximum length.
  sprintf(tmp, "color%d", i);

data/gpick-0.2.6~rc1/source/color_names/ColorNames.cpp:159:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char skip_mask[SpaceDivisions][SpaceDivisions][SpaceDivisions];

data/gpick-0.2.6~rc1/source/cssparser/css_parser.cpp:212:12:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE* f = fopen(filename, "rt");

data/gpick-0.2.6~rc1/source/cssparser/memory_manager.cpp:156:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(newptr, mem_ptr, (((uint32_t*)mem_ptr)-1)[0]);

data/gpick-0.2.6~rc1/source/dynv/DynvMemoryIO.cpp:43:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(nb, mem_io->buffer, mem_io->position);

data/gpick-0.2.6~rc1/source/dynv/DynvMemoryIO.cpp:53:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(mem_io->buffer + mem_io->position, data, size);

data/gpick-0.2.6~rc1/source/dynv/DynvMemoryIO.cpp:67:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(data, mem_io->buffer + mem_io->position, size);

data/gpick-0.2.6~rc1/source/dynv/DynvSystem.cpp:251:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(array, var, handler->data_size);

data/gpick-0.2.6~rc1/source/dynv/DynvSystem.cpp:253:6:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(array, &var, handler->data_size);

data/gpick-0.2.6~rc1/source/dynv/DynvVarColor.cpp:45:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(variable->ptr_value, *(void**)value, sizeof(float[4]));

data/gpick-0.2.6~rc1/source/dynv/DynvVarColor.cpp:72:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(value, variable->ptr_value, 16);

data/gpick-0.2.6~rc1/source/dynv/DynvVarColor.cpp:98:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(variable->ptr_value, value, 16);

data/gpick-0.2.6~rc1/source/dynv/DynvVarString.cpp:48:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(variable->ptr_value, *(void**)value, len);

data/gpick-0.2.6~rc1/source/dynv/DynvVarString.cpp:117:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(variable->ptr_value, data, len);

data/gpick-0.2.6~rc1/source/gtk/ColorComponent.cpp:65:8:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  const char *label[MaxNumberOfComponents][2];

data/gpick-0.2.6~rc1/source/gtk/Swatch.cpp:296:2:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120).
  Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char numb[2] = " ";

data/gpick-0.2.6~rc1/source/tools/PaletteFromImage.cpp:145:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(n, node, sizeof(Node));

data/gpick-0.2.6~rc1/source/uiDialogSort.cpp:280:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
  memcpy(n, node, sizeof(Node));

data/gpick-0.2.6~rc1/source/ColorPicker.cpp:560:76:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gtk_clipboard_set_text(gtk_clipboard_get(GDK_SELECTION_CLIPBOARD), text, strlen(text));

data/gpick-0.2.6~rc1/source/ColorPicker.cpp:562:74:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  gtk_clipboard_set_text(gtk_clipboard_get(GDK_SELECTION_PRIMARY), text, strlen(text));

data/gpick-0.2.6~rc1/source/ColorSource.h:31:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  bool read;

data/gpick-0.2.6~rc1/source/FileFormat.cpp:46:15:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(type);

data/gpick-0.2.6~rc1/source/FileFormat.cpp:69:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  file.read((char*) &header, sizeof(header));

data/gpick-0.2.6~rc1/source/FileFormat.cpp:81:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  file.read((char*) dynv_io_memory_get_buffer(mem_io), header.size);

data/gpick-0.2.6~rc1/source/FileFormat.cpp:87:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  file.read((char*) dynv_io_memory_get_buffer(mem_io), header.size);

data/gpick-0.2.6~rc1/source/FileFormat.cpp:107:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  file.read((char*) dynv_io_memory_get_buffer(mem_io), header.size);

data/gpick-0.2.6~rc1/source/FileFormat.cpp:109:21:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  uint32_t index, read;

data/gpick-0.2.6~rc1/source/FileFormat.cpp:111:58:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (dynv_io_read(mem_io, &index, sizeof(uint32_t), &read) == 0){

data/gpick-0.2.6~rc1/source/FileFormat.cpp:112:11:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (read != sizeof(uint32_t)) break;

data/gpick-0.2.6~rc1/source/FileFormat.cpp:128:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  file.read((char*) dynv_io_memory_get_buffer(mem_io), header.size);

data/gpick-0.2.6~rc1/source/FileFormat.cpp:130:14:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  uint32_t read;

data/gpick-0.2.6~rc1/source/FileFormat.cpp:132:59:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  if (dynv_io_read(mem_io, &version, sizeof(uint32_t), &read) == 0){

data/gpick-0.2.6~rc1/source/FileFormat.cpp:140:9:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
file.read((char*) &header, sizeof(header)); data/gpick-0.2.6~rc1/source/ImportExport.cpp:602:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read(magic, 4); data/gpick-0.2.6~rc1/source/ImportExport.cpp:609:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read((char*)&version, 4); data/gpick-0.2.6~rc1/source/ImportExport.cpp:612:4: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read((char*)&blocks, 4); data/gpick-0.2.6~rc1/source/ImportExport.cpp:618:5: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read((char*)&block_type, 2); data/gpick-0.2.6~rc1/source/ImportExport.cpp:620:5: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read((char*)&block_size, 4); data/gpick-0.2.6~rc1/source/ImportExport.cpp:626:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read((char*)&name_length, 2); data/gpick-0.2.6~rc1/source/ImportExport.cpp:630:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read((char*)name_u16, name_length*2); data/gpick-0.2.6~rc1/source/ImportExport.cpp:638:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read(color_space, 4); data/gpick-0.2.6~rc1/source/ImportExport.cpp:642:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read((char*)&rgb[0], 4); data/gpick-0.2.6~rc1/source/ImportExport.cpp:643:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
f.read((char*)&rgb[1], 4); data/gpick-0.2.6~rc1/source/ImportExport.cpp:644:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read((char*)&rgb[2], 4); data/gpick-0.2.6~rc1/source/ImportExport.cpp:655:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read((char*)&cmyk[0], 4); data/gpick-0.2.6~rc1/source/ImportExport.cpp:656:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read((char*)&cmyk[1], 4); data/gpick-0.2.6~rc1/source/ImportExport.cpp:657:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read((char*)&cmyk[2], 4); data/gpick-0.2.6~rc1/source/ImportExport.cpp:658:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read((char*)&cmyk[3], 4); data/gpick-0.2.6~rc1/source/ImportExport.cpp:671:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read((char*)&gray, 4); data/gpick-0.2.6~rc1/source/ImportExport.cpp:678:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read((char*)&lab[0], 4); data/gpick-0.2.6~rc1/source/ImportExport.cpp:679:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read((char*)&lab[1], 4); data/gpick-0.2.6~rc1/source/ImportExport.cpp:680:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). f.read((char*)&lab[2], 4); data/gpick-0.2.6~rc1/source/ImportExport.cpp:701:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
f.read((char*)&color_type, 2); data/gpick-0.2.6~rc1/source/ImportExport.cpp:860:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual size_t read(char *buffer, size_t length) data/gpick-0.2.6~rc1/source/ImportExport.cpp:862:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). m_file.read(buffer, length); data/gpick-0.2.6~rc1/source/cssparser/css_parser.cpp:135:6: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). if (strlen(value) == 4){ data/gpick-0.2.6~rc1/source/dynv/DynvHandler.cpp:124:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length=strlen(handler->name); data/gpick-0.2.6~rc1/source/dynv/DynvHandler.cpp:137:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). uint32_t read; data/gpick-0.2.6~rc1/source/dynv/DynvHandler.cpp:143:43: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (dynv_io_read(io, &handler_count, 4, &read) == 0){ data/gpick-0.2.6~rc1/source/dynv/DynvHandler.cpp:144:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read != 4) return -1; data/gpick-0.2.6~rc1/source/dynv/DynvHandler.cpp:152:33: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). dynv_io_read(io, &length, 4, &read); data/gpick-0.2.6~rc1/source/dynv/DynvHandler.cpp:155:35: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
dynv_io_read(io, name, length, &read); data/gpick-0.2.6~rc1/source/dynv/DynvIO.h:26:8: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). int (*read)(struct dynvIO* io, void* data, uint32_t size, uint32_t* data_read); data/gpick-0.2.6~rc1/source/dynv/DynvSystem.cpp:378:10: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). length=strlen(variable->name); data/gpick-0.2.6~rc1/source/dynv/DynvSystem.cpp:392:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). uint32_t read; data/gpick-0.2.6~rc1/source/dynv/DynvSystem.cpp:398:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (dynv_io_read(io, &variable_count, 4, &read) == 0){ data/gpick-0.2.6~rc1/source/dynv/DynvSystem.cpp:399:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read != 4) return -1; data/gpick-0.2.6~rc1/source/dynv/DynvSystem.cpp:412:49: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). dynv_io_read(io, &handler_id, handler_bytes, &read); data/gpick-0.2.6~rc1/source/dynv/DynvSystem.cpp:417:34: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). dynv_io_read(io, &length, 4, &read); data/gpick-0.2.6~rc1/source/dynv/DynvSystem.cpp:420:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). dynv_io_read(io, name, length, &read); data/gpick-0.2.6~rc1/source/dynv/DynvSystem.cpp:427:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
dynv_io_read(io, &length, 4, &read); data/gpick-0.2.6~rc1/source/dynv/DynvSystem.cpp:433:35: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). dynv_io_read(io, &length, 4, &read); data/gpick-0.2.6~rc1/source/dynv/DynvSystem.cpp:441:34: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). dynv_io_read(io, &length, 4, &read); data/gpick-0.2.6~rc1/source/dynv/DynvSystem.cpp:445:34: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). dynv_io_read(io, &length, 4, &read); data/gpick-0.2.6~rc1/source/dynv/DynvSystem.cpp:459:13: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). return io->read(io, data, size, data_read); data/gpick-0.2.6~rc1/source/dynv/DynvVarColor.cpp:87:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). uint32_t read; data/gpick-0.2.6~rc1/source/dynv/DynvVarColor.cpp:90:32: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). dynv_io_read(io, &length, 4, &read); data/gpick-0.2.6~rc1/source/dynv/DynvVarColor.cpp:92:35: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (dynv_io_read(io, value, 16, &read) == 0){ data/gpick-0.2.6~rc1/source/dynv/DynvVarFloat.cpp:68:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). uint32_t read; data/gpick-0.2.6~rc1/source/dynv/DynvVarFloat.cpp:70:30: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). dynv_io_read(io, &size, 4, &read); data/gpick-0.2.6~rc1/source/dynv/DynvVarFloat.cpp:77:35: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
if (dynv_io_read(io, &value, 4, &read) == 0){ data/gpick-0.2.6~rc1/source/dynv/DynvVarInt32.cpp:62:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). uint32_t read; data/gpick-0.2.6~rc1/source/dynv/DynvVarInt32.cpp:64:31: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). dynv_io_read(io, &value, 4, &read); data/gpick-0.2.6~rc1/source/dynv/DynvVarInt32.cpp:66:35: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (dynv_io_read(io, &value, 4, &read) == 0){ data/gpick-0.2.6~rc1/source/dynv/DynvVarString.cpp:46:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). uint32_t len = strlen(*(char**)value)+1; data/gpick-0.2.6~rc1/source/dynv/DynvVarString.cpp:63:20: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). uint32_t length = strlen((char*)variable->ptr_value); data/gpick-0.2.6~rc1/source/dynv/DynvVarString.cpp:82:11: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). uint32_t read; data/gpick-0.2.6~rc1/source/dynv/DynvVarString.cpp:85:36: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (dynv_io_read(io, &length, 4, &read) == 0){ data/gpick-0.2.6~rc1/source/dynv/DynvVarString.cpp:86:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read != 4) return -1; data/gpick-0.2.6~rc1/source/dynv/DynvVarString.cpp:93:53: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). 
if (dynv_io_read(io, variable->ptr_value, length, &read) == 0){ data/gpick-0.2.6~rc1/source/dynv/DynvVarString.cpp:94:7: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). if (read != length) return -1; data/gpick-0.2.6~rc1/source/dynv/DynvVarString.cpp:115:17: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126). uint32_t len = strlen(data)+1; data/gpick-0.2.6~rc1/source/dynv/DynvXml.cpp:221:6: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). in.read((char*)buffer, 4096); data/gpick-0.2.6~rc1/source/parser/TextFile.h:47:19: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual size_t read(char *buffer, size_t length) = 0; data/gpick-0.2.6~rc1/source/test/TextFileTest.cpp:33:18: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). virtual size_t read(char *buffer, size_t length) data/gpick-0.2.6~rc1/source/test/TextFileTest.cpp:35:14: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20). m_stream->read(buffer, length); ANALYSIS SUMMARY: Hits = 153 Lines analyzed = 38381 in approximately 1.37 seconds (28094 lines/second) Physical Source Lines of Code (SLOC) = 29380 Hits@level = [0] 26 [1] 78 [2] 47 [3] 6 [4] 22 [5] 0 Hits@level+ = [0+] 179 [1+] 153 [2+] 75 [3+] 28 [4+] 22 [5+] 0 Hits/KSLOC@level+ = [0+] 6.09258 [1+] 5.20762 [2+] 2.55276 [3+] 0.953029 [4+] 0.748809 [5+] 0 Dot directories skipped = 1 (--followdotdir overrides) Minimum risk level = 1 Not every hit is necessarily a security vulnerability. There may be other security vulnerabilities; review your code! See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.