Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/h5utils-1.13.1/arrayh4.c
Examining data/h5utils-1.13.1/arrayh4.h
Examining data/h5utils-1.13.1/arrayh5.c
Examining data/h5utils-1.13.1/arrayh5.h
Examining data/h5utils-1.13.1/copyright.h
Examining data/h5utils-1.13.1/h4fromh5.c
Examining data/h5utils-1.13.1/h5cyl2cart.c
Examining data/h5utils-1.13.1/h5fromh4.c
Examining data/h5utils-1.13.1/h5fromtxt.c
Examining data/h5utils-1.13.1/h5math.c
Examining data/h5utils-1.13.1/h5read.cc
Examining data/h5utils-1.13.1/h5topng.c
Examining data/h5utils-1.13.1/h5totxt.c
Examining data/h5utils-1.13.1/h5tov5d.c
Examining data/h5utils-1.13.1/h5tovtk.c
Examining data/h5utils-1.13.1/h5utils.c
Examining data/h5utils-1.13.1/h5utils.h
Examining data/h5utils-1.13.1/writepng.c
Examining data/h5utils-1.13.1/writepng.h

FINAL RESULTS:

data/h5utils-1.13.1/arrayh5.c:173:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(*dname, name);
data/h5utils-1.13.1/arrayh5.c:218:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(dname, datapath);
data/h5utils-1.13.1/arrayh5.c:414:4:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(dname, datapath);
data/h5utils-1.13.1/h4fromh5.c:67:6:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf("h4fromh5 " PACKAGE_VERSION " by Steven G. Johnson\n"
data/h5utils-1.13.1/h5cyl2cart.c:116:6:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf("h5cyl2cart " PACKAGE_VERSION
data/h5utils-1.13.1/h5cyl2cart.c:159:7:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(tmp, dname);
data/h5utils-1.13.1/h5cyl2cart.c:224:31:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcpy(tmp, "cart-"); strcat(tmp, dname);
data/h5utils-1.13.1/h5cyl2cart.c:228:31:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcpy(tmp, "cart-"); strcat(tmp, dnamei);
data/h5utils-1.13.1/h5fromh4.c:68:6:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf("h5fromh4 " PACKAGE_VERSION " by Steven G. Johnson\n"
data/h5utils-1.13.1/h5fromtxt.c:77:6:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf("h5fromtxt " PACKAGE_VERSION " by Steven G. Johnson\n"
data/h5utils-1.13.1/h5math.c:97:6:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf("h5totxt " PACKAGE_VERSION " by Steven G. Johnson\n"
data/h5utils-1.13.1/h5math.c:266:9:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(expr_string, buf);
data/h5utils-1.13.1/h5topng.c:152:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(cmap_fname, CMAP_DIR); strcat(cmap_fname, colormap);
data/h5utils-1.13.1/h5topng.c:152:36:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcpy(cmap_fname, CMAP_DIR); strcat(cmap_fname, colormap);
data/h5utils-1.13.1/h5topng.c:268:6:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf("h5topng " PACKAGE_VERSION " by Steven G. Johnson\n"
data/h5utils-1.13.1/h5topng.c:515:5:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(suff, s);
data/h5utils-1.13.1/h5totxt.c:82:6:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf("h5totxt " PACKAGE_VERSION " by Steven G. Johnson\n"
data/h5utils-1.13.1/h5tovtk.c:198:6:  [4] (format) printf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  printf("h5tovtk " PACKAGE_VERSION " by Steven G. Johnson\n"
data/h5utils-1.13.1/h5utils.c:36:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(sd, s);
data/h5utils-1.13.1/h5utils.c:52:6:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(new_s, s);
data/h5utils-1.13.1/h5utils.c:56:6:  [4] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused).
  strcat(new_s, new_suff);
data/h5utils-1.13.1/h5utils.c:82:11:  [4] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused).
  strcpy(filename, fname);
data/h5utils-1.13.1/h4fromh5.c:61:18:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(argc, argv, "hd:vTo:V")) != -1)
data/h5utils-1.13.1/h5cyl2cart.c:110:18:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(argc, argv, "hVvm:o:r:d:i:")) != -1)
data/h5utils-1.13.1/h5fromh4.c:62:18:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(argc, argv, "hd:vo:aV")) != -1)
data/h5utils-1.13.1/h5fromtxt.c:71:18:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(argc, argv, "hn:d:vTaV")) != -1)
data/h5utils-1.13.1/h5math.c:91:18:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(argc, argv, "hVvan:f:e:x:y:z:t:0d:r:")) != -1)
data/h5utils-1.13.1/h5topng.c:262:18:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(argc, argv, "ho:x:y:z:t:0c:m:M:RC:b:d:vX:Y:S:TrZs:Va:A:8")) != -1)
data/h5utils-1.13.1/h5totxt.c:76:18:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(argc, argv, "ho:x:y:z:t:0ad:vTs:.:V")) != -1)
data/h5utils-1.13.1/h5tov5d.c:302:18:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(argc, argv, "ho:d:vTV124x:y:z:t:0")) != -1)
data/h5utils-1.13.1/h5tovtk.c:192:18:  [3] (buffer) getopt:
  Some older implementations do not protect against internal buffer overflows (CWE-120, CWE-20). Check implementation on installation, or limit the size of all string inputs.
  while ((c = getopt(argc, argv, "ho:d:vV124mMZranx:y:z:t:0")) != -1)
data/h5utils-1.13.1/arrayh5.c:82:18:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  if (a.data) memcpy(b.data, a.data, sizeof(double) * a.N);
data/h5utils-1.13.1/h5cyl2cart.c:124:10:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  m = atoi(optarg);
data/h5utils-1.13.1/h5cyl2cart.c:160:7:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(tmp, ".r");
data/h5utils-1.13.1/h5cyl2cart.c:224:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(tmp, "cart-"); strcat(tmp, dname);
data/h5utils-1.13.1/h5cyl2cart.c:228:9:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(tmp, "cart-"); strcat(tmp, dnamei);
data/h5utils-1.13.1/h5math.c:135:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  islice[0] = atoi(optarg);
data/h5utils-1.13.1/h5math.c:139:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  islice[1] = atoi(optarg);
data/h5utils-1.13.1/h5math.c:143:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  islice[2] = atoi(optarg);
data/h5utils-1.13.1/h5math.c:147:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  islice[3] = atoi(optarg);
data/h5utils-1.13.1/h5math.c:242:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(vars[i], "d%d", i + 1);
data/h5utils-1.13.1/h5math.c:252:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char buf[1024] = "";
data/h5utils-1.13.1/h5math.c:254:30:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *f = expr_filename ? fopen(expr_filename, "r") : stdin;
data/h5utils-1.13.1/h5topng.c:154:17:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  || !(cmap_f = fopen(cmap_fname, "r"))) {
data/h5utils-1.13.1/h5topng.c:157:19:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!(cmap_f = fopen(cmap_fname, "r"))) {
data/h5utils-1.13.1/h5topng.c:510:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char s[128];
data/h5utils-1.13.1/h5topng.c:511:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(s, ".%c%0*d", dimname[dim],
data/h5utils-1.13.1/h5topng.c:517:9:  [2] (buffer) strcat:
  Does not check for buffer overflows when concatenating to destination [MS-banned] (CWE-120). Consider using strcat_s, strncat, strlcat, or snprintf (warning: strncat is easily misused). Risk is low because the source is a constant string.
  strcat(suff, ".png");
data/h5utils-1.13.1/h5totxt.c:107:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  dec = atoi(optarg);
data/h5utils-1.13.1/h5totxt.c:110:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  islice[0] = atoi(optarg);
data/h5utils-1.13.1/h5totxt.c:114:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  islice[1] = atoi(optarg);
data/h5utils-1.13.1/h5totxt.c:118:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  islice[2] = atoi(optarg);
data/h5utils-1.13.1/h5totxt.c:122:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  islice[3] = atoi(optarg);
data/h5utils-1.13.1/h5totxt.c:184:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(txt_fname, "w");
data/h5utils-1.13.1/h5tov5d.c:84:6:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char VarName[MAXVARS][10]; /* names of variables */
data/h5utils-1.13.1/h5tov5d.c:219:5:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf(VarName[iv], "%d", iv);
data/h5utils-1.13.1/h5tov5d.c:221:5:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy(VarName[iv], "Infinity");
data/h5utils-1.13.1/h5tov5d.c:329:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  islice[0] = atoi(optarg);
data/h5utils-1.13.1/h5tov5d.c:333:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  islice[1] = atoi(optarg);
data/h5utils-1.13.1/h5tov5d.c:337:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  islice[2] = atoi(optarg);
data/h5utils-1.13.1/h5tov5d.c:341:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  islice[3] = atoi(optarg);
data/h5utils-1.13.1/h5tovtk.c:205:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  islice[0] = atoi(optarg);
data/h5utils-1.13.1/h5tovtk.c:209:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  islice[1] = atoi(optarg);
data/h5utils-1.13.1/h5tovtk.c:213:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  islice[2] = atoi(optarg);
data/h5utils-1.13.1/h5tovtk.c:217:18:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  islice[3] = atoi(optarg);
data/h5utils-1.13.1/h5tovtk.c:335:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(vtk_fname, "w");
data/h5utils-1.13.1/h5tovtk.c:375:13:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(vtk_fname, "w");
data/h5utils-1.13.1/writepng.c:286:11:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  fp = fopen(filename, "wb");
data/h5utils-1.13.1/arrayh5.c:172:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  CHK_MALLOC(*dname, char, strlen(name) + 1);
data/h5utils-1.13.1/arrayh5.c:217:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  CHK_MALLOC(dname, char, strlen(datapath) + 1);
data/h5utils-1.13.1/arrayh5.c:413:28:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  CHK_MALLOC(dname, char, strlen(datapath) + 1);
data/h5utils-1.13.1/h5cyl2cart.c:155:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(dname);
data/h5utils-1.13.1/h5cyl2cart.c:182:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(dname);
data/h5utils-1.13.1/h5cyl2cart.c:200:20:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  size_t len = strlen(dnamei);
data/h5utils-1.13.1/h5cyl2cart.c:223:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tmp = (char*) malloc(sizeof(char) * (strlen(dname)+6));
data/h5utils-1.13.1/h5cyl2cart.c:227:46:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  tmp = (char*) malloc(sizeof(char) * (strlen(dnamei)+6));
data/h5utils-1.13.1/h5fromh4.c:115:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(dname) >= strlen(".hdf") &&
data/h5utils-1.13.1/h5fromh4.c:115:30:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  if (strlen(dname) >= strlen(".hdf") &&
data/h5utils-1.13.1/h5fromh4.c:116:22:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  !strcmp(dname + strlen(dname)-strlen(".hdf"),
data/h5utils-1.13.1/h5fromh4.c:116:36:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  !strcmp(dname + strlen(dname)-strlen(".hdf"),
data/h5utils-1.13.1/h5fromh4.c:118:13:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dname[strlen(dname) - strlen(".hdf")] = 0;
data/h5utils-1.13.1/h5fromh4.c:118:29:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  dname[strlen(dname) - strlen(".hdf")] = 0;
data/h5utils-1.13.1/h5fromtxt.c:138:23:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (isspace(c = getc(stdin)));
data/h5utils-1.13.1/h5fromtxt.c:158:13:  [1] (buffer) getc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  c = getc(stdin);
data/h5utils-1.13.1/h5math.c:262:10:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len = strlen(buf) + 1;
data/h5utils-1.13.1/h5math.c:264:16:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  len += strlen(buf);
data/h5utils-1.13.1/h5topng.c:94:23:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (isspace(c = fgetc(f)));
data/h5utils-1.13.1/h5topng.c:96:28:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while (isspace(c = fgetc(f)) && c != '\n' && c != EOF);
data/h5utils-1.13.1/h5topng.c:98:29:  [1] (buffer) fgetc:
  Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  while ('\n' != (c = fgetc(f)) && c != EOF)
data/h5utils-1.13.1/h5topng.c:145:7:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  (strlen(CMAP_DIR)
data/h5utils-1.13.1/h5topng.c:146:9:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  + strlen(colormap) + 1));
data/h5utils-1.13.1/h5tov5d.c:207:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int suff = strlen(v5d_fname) - 4;
data/h5utils-1.13.1/h5utils.c:34:49:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  char *sd = (char *) malloc(sizeof(char) * (strlen(s) + 1));
data/h5utils-1.13.1/h5utils.c:45:14:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  s_len = strlen(s);
data/h5utils-1.13.1/h5utils.c:46:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  old_suff_len = strlen(old_suff);
data/h5utils-1.13.1/h5utils.c:47:21:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  new_suff_len = strlen(new_suff);
data/h5utils-1.13.1/h5utils.c:69:18:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  fname_len = strlen(fname);
data/h5utils-1.13.1/h5utils.c:72:27:  [1] (buffer) strlen:
  Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  int colon_len = strlen(colon);
data/h5utils-1.13.1/h5utils.c:75:11:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid pointers [MS-banned] (CWE-120).
  strncpy(filename, fname, fname_len-colon_len+1);

ANALYSIS SUMMARY:

Hits = 99
Lines analyzed = 4385 in approximately 0.20 seconds (22229 lines/second)
Physical Source Lines of Code (SLOC) = 3406
Hits@level = [0] 114 [1]  31 [2]  37 [3]   9 [4]  22 [5]   0
Hits@level+ = [0+] 213 [1+]  99 [2+]  68 [3+]  31 [4+]  22 [5+]   0
Hits/KSLOC@level+ = [0+] 62.5367 [1+] 29.0664 [2+] 19.9648 [3+] 9.10159 [4+] 6.45919 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO' (https://dwheeler.com/secure-programs) for more information.
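Most of the [4] strcpy/strcat, [2] atoi and [1] strncpy hits above come from a handful of idioms, so once the pattern is recognised the triage is mechanical: the arrayh5.c:172-173 and h5topng.c:145-152 copies are into buffers sized from the same strlen calls one line earlier and cannot overflow, the atoi calls feed option values straight into slice indices with no range check, and the strncpy at h5utils.c:75 only yields a string if the caller terminates it. The block below is an added example in C, not h5utils code: for each idiom it keeps the behaviour but makes the bound explicit, so the next Flawfinder run can be checked against the intent rather than waved through. The function names, the sample path strings, the placeholder colormap directory and the "file.h5:dataset" argument layout are assumptions for illustration; the line references are the hits above. The [4] printf hits are a different case: the format there is a string literal spliced around the PACKAGE_VERSION macro, which Flawfinder cannot expand; if that macro is the autoconf-style string literal, nothing attacker-controlled reaches the format and the finding needs only that confirmation. The getopt and fopen hits are about the runtime environment (libc version, symlink races on the output path) and are not addressed here.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* arrayh5.c:172-173 idiom: CHK_MALLOC(dst, char, strlen(src) + 1); strcpy(dst, src);
 * Flawfinder rates the strcpy [4] because it cannot see the allocation one line up.
 * The copy is bounded by construction; carrying the length into the copy makes that
 * visible to a reviewer and to the scanner. */
char *dup_name(const char *name)
{
    size_t len = strlen(name);          /* src must be NUL-terminated (the [1] strlen hits) */
    char *dst = malloc(len + 1);
    if (dst == NULL) return NULL;
    memcpy(dst, name, len + 1);         /* copies the terminator as well */
    return dst;
}

/* h5topng.c:145-152 idiom: malloc(strlen(dir) + strlen(name) + 1), then strcpy + strcat.
 * One snprintf into the same allocation does the join and reports truncation through
 * its return value instead of writing past the end. */
char *join_cmap_path(const char *dir, const char *colormap)
{
    size_t need = strlen(dir) + strlen(colormap) + 1;
    char *path = malloc(need);
    if (path == NULL) return NULL;
    int n = snprintf(path, need, "%s%s", dir, colormap);
    if (n < 0 || (size_t)n >= need) { free(path); return NULL; }   /* sizing makes this unreachable; the check is free */
    return path;
}

/* h5math.c:135, h5totxt.c:110, h5tov5d.c:329, h5tovtk.c:205 idiom: islice[i] = atoi(optarg).
 * atoi has no error path: "12abc" becomes 12, "" becomes 0, and an out-of-range value is
 * undefined behaviour. strtol plus errno plus an explicit [lo, hi] window rejects all
 * three before the value becomes an array index. Returns 0 on success, -1 otherwise. */
int parse_index(const char *s, long lo, long hi, int *out)
{
    char *end;
    errno = 0;
    long v = strtol(s, &end, 10);
    if (end == s || *end != '\0' || errno == ERANGE) return -1;  /* no digits, trailing junk, or overflow */
    if (v < lo || v > hi || v < INT_MIN || v > INT_MAX) return -1;
    *out = (int)v;
    return 0;
}

/* Sentinel-returning wrapper for option parsing: the parsed value, or `bad` on any error. */
int parse_index_or(const char *s, long lo, long hi, int bad)
{
    int v;
    return parse_index(s, lo, hi, &v) == 0 ? v : bad;
}

/* h5utils.c:75 idiom: strncpy(filename, fname, n). strncpy writes no terminator when the
 * source is n bytes or longer, so the destination is a string only if the caller adds one.
 * Copy the prefix with memcpy and terminate unconditionally; refuse up front if n bytes
 * plus the terminator would not fit in dst. */
int copy_prefix(char *dst, size_t dstsz, const char *src, size_t n)
{
    if (dstsz == 0 || n >= dstsz) return -1;
    size_t avail = strlen(src);
    if (n > avail) n = avail;
    memcpy(dst, src, n);
    dst[n] = '\0';
    return 0;
}

/* The h5utils.c:69-75 hits split an argument at a colon; the exact rule is not on the
 * page, so this assumes a "file.h5:dataset" layout split at the last colon. */
char *filename_before_colon(const char *arg)
{
    const char *colon = strrchr(arg, ':');
    size_t n = colon ? (size_t)(colon - arg) : strlen(arg);
    char *out = malloc(n + 1);
    if (out == NULL) return NULL;
    if (copy_prefix(out, n + 1, arg, n) != 0) { free(out); return NULL; }
    return out;
}

int main(void)
{
    /* Constructed inputs; the colormap directory is a placeholder, not h5utils' CMAP_DIR. */
    char *d = dup_name("/group/field");
    char *p = join_cmap_path("/usr/share/h5utils/colormaps/", "hot");
    char *f = filename_before_colon("run.h5:ez");
    printf("%s\n%s\n%s\n", d, p, f);
    printf("12 -> %d, 12abc -> %d, 99999999999 -> %d, -1 -> %d\n",
           parse_index_or("12", 0, 1000, -1), parse_index_or("12abc", 0, 1000, -1),
           parse_index_or("99999999999", 0, 1000, -1), parse_index_or("-1", 0, 1000, -1));
    free(d); free(p); free(f);
    return 0;
}
```

The point of `parse_index` is the window, not strtol itself: the slice indices here are later used to address a dataset, so the caller passes the dimension's valid range as [lo, hi] and a negative or oversized value is refused at the command line rather than discovered as an out-of-bounds read. `copy_prefix` deliberately takes the destination size separately from the prefix length; that is the parameter strncpy lacks, and it is why the strncpy hit cannot be judged from the one line Flawfinder shows.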