Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libart-lgpl-2.3.21/art_uta_rect.h
Examining data/libart-lgpl-2.3.21/art_render_gradient.c
Examining data/libart-lgpl-2.3.21/art_rgb_a_affine.c
Examining data/libart-lgpl-2.3.21/art_rgb_affine.c
Examining data/libart-lgpl-2.3.21/art_uta_vpath.c
Examining data/libart-lgpl-2.3.21/art_svp_intersect.c
Examining data/libart-lgpl-2.3.21/art_rect_uta.h
Examining data/libart-lgpl-2.3.21/art_svp_render_aa.h
Examining data/libart-lgpl-2.3.21/art_rect_uta.c
Examining data/libart-lgpl-2.3.21/art_bpath.c
Examining data/libart-lgpl-2.3.21/art_uta.h
Examining data/libart-lgpl-2.3.21/art_pixbuf.c
Examining data/libart-lgpl-2.3.21/art_svp_ops.h
Examining data/libart-lgpl-2.3.21/art_render_svp.c
Examining data/libart-lgpl-2.3.21/art_vpath_svp.h
Examining data/libart-lgpl-2.3.21/libart.h
Examining data/libart-lgpl-2.3.21/art_uta_svp.h
Examining data/libart-lgpl-2.3.21/art_gray_svp.h
Examining data/libart-lgpl-2.3.21/art_rgb_bitmap_affine.h
Examining data/libart-lgpl-2.3.21/art_rect.h
Examining data/libart-lgpl-2.3.21/art_uta_ops.h
Examining data/libart-lgpl-2.3.21/art_render_mask.c
Examining data/libart-lgpl-2.3.21/art_svp_vpath_stroke.h
Examining data/libart-lgpl-2.3.21/art_svp_point.c
Examining data/libart-lgpl-2.3.21/art_rect_svp.c
Examining data/libart-lgpl-2.3.21/art_affine.c
Examining data/libart-lgpl-2.3.21/art_filterlevel.h
Examining data/libart-lgpl-2.3.21/art_svp_render_aa.c
Examining data/libart-lgpl-2.3.21/art_rgb_svp.c
Examining data/libart-lgpl-2.3.21/art_rgb.c
Examining data/libart-lgpl-2.3.21/art_vpath.c
Examining data/libart-lgpl-2.3.21/art_rgba.h
Examining data/libart-lgpl-2.3.21/art_bpath.h
Examining data/libart-lgpl-2.3.21/art_svp_vpath.h
Examining data/libart-lgpl-2.3.21/art_vpath_dash.c
Examining data/libart-lgpl-2.3.21/art_render.c
Examining data/libart-lgpl-2.3.21/art_vpath_svp.c
Examining data/libart-lgpl-2.3.21/art_svp_wind.c
Examining data/libart-lgpl-2.3.21/art_render_svp.h
Examining data/libart-lgpl-2.3.21/art_point.h
Examining data/libart-lgpl-2.3.21/art_vpath.h
Examining data/libart-lgpl-2.3.21/art_render_gradient.h
Examining data/libart-lgpl-2.3.21/testart.c
Examining data/libart-lgpl-2.3.21/testuta.c
Examining data/libart-lgpl-2.3.21/art_uta_ops.c
Examining data/libart-lgpl-2.3.21/art_pathcode.h
Examining data/libart-lgpl-2.3.21/libart-features.c
Examining data/libart-lgpl-2.3.21/art_svp_vpath_stroke.c
Examining data/libart-lgpl-2.3.21/art_rgb_pixbuf_affine.c
Examining data/libart-lgpl-2.3.21/art_uta_svp.c
Examining data/libart-lgpl-2.3.21/art_rgb_pixbuf_affine.h
Examining data/libart-lgpl-2.3.21/art_vpath_bpath.c
Examining data/libart-lgpl-2.3.21/art_rgb_svp.h
Examining data/libart-lgpl-2.3.21/art_misc.c
Examining data/libart-lgpl-2.3.21/art_rect.c
Examining data/libart-lgpl-2.3.21/art_rgb_a_affine.h
Examining data/libart-lgpl-2.3.21/art_rect_svp.h
Examining data/libart-lgpl-2.3.21/art_render_mask.h
Examining data/libart-lgpl-2.3.21/art_vpath_dash.h
Examining data/libart-lgpl-2.3.21/art_rgb.h
Examining data/libart-lgpl-2.3.21/art_alphagamma.c
Examining data/libart-lgpl-2.3.21/art_misc.h
Examining data/libart-lgpl-2.3.21/art_config.h
Examining data/libart-lgpl-2.3.21/art_svp_wind.h
Examining data/libart-lgpl-2.3.21/art_rgba.c
Examining data/libart-lgpl-2.3.21/art_pixbuf.h
Examining data/libart-lgpl-2.3.21/art_uta_vpath.h
Examining data/libart-lgpl-2.3.21/art_svp.h
Examining data/libart-lgpl-2.3.21/art_uta.c
Examining data/libart-lgpl-2.3.21/art_svp.c
Examining data/libart-lgpl-2.3.21/art_gray_svp.c
Examining data/libart-lgpl-2.3.21/art_vpath_bpath.h
Examining data/libart-lgpl-2.3.21/art_svp_vpath.c
Examining data/libart-lgpl-2.3.21/libart-features.h
Examining data/libart-lgpl-2.3.21/art_rgb_affine_private.c
Examining data/libart-lgpl-2.3.21/art_rgb_bitmap_affine.c
Examining data/libart-lgpl-2.3.21/art_uta_rect.c
Examining data/libart-lgpl-2.3.21/art_alphagamma.h
Examining data/libart-lgpl-2.3.21/art_svp_ops.c
Examining data/libart-lgpl-2.3.21/art_rgb_rgba_affine.c
Examining data/libart-lgpl-2.3.21/art_svp_intersect.h
Examining data/libart-lgpl-2.3.21/art_render.h
Examining data/libart-lgpl-2.3.21/art_rgb_affine.h
Examining data/libart-lgpl-2.3.21/art_rgb_rgba_affine.h
Examining data/libart-lgpl-2.3.21/art_svp_point.h
Examining data/libart-lgpl-2.3.21/art_rgb_affine_private.h
Examining data/libart-lgpl-2.3.21/art_affine.h

FINAL RESULTS:

data/libart-lgpl-2.3.21/art_affine.c:237:8:  [4] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf.
  sprintf (str, "%s rotate", tmp);
data/libart-lgpl-2.3.21/art_misc.c:43:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf (stderr, fmt, ap);
data/libart-lgpl-2.3.21/art_misc.c:60:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf (stderr, fmt, ap);
data/libart-lgpl-2.3.21/art_misc.c:76:3:  [4] (format) vfprintf:
  If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  vfprintf (stderr, fmt, ap);
data/libart-lgpl-2.3.21/testuta.c:158:5:  [3] (random) srand:
  This function is not sufficiently random for security-related functions such as key and nonce creation (CWE-327). Use a more secure technique for acquiring random values.
  srand (atoi (argv[1]));
data/libart-lgpl-2.3.21/art_affine.c:111:11:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  art_ftoa (char str[80], double x)
data/libart-lgpl-2.3.21/art_affine.c:131:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  i = sprintf (p, "%06d", (int)floor ((x + EPSILON / 2) * 1e6));
data/libart-lgpl-2.3.21/art_affine.c:140:11:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  i = sprintf (p, "%d", (int)floor (x + EPSILON / 2));
data/libart-lgpl-2.3.21/art_affine.c:160:4:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  sprintf (p, "%06d", ix);
data/libart-lgpl-2.3.21/art_affine.c:170:10:  [2] (buffer) sprintf:
  Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or vsnprintf. Risk is low because the source has a constant maximum length.
  p += sprintf (p, "%g", x);
data/libart-lgpl-2.3.21/art_affine.c:191:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  art_affine_to_string (char str[128], const double src[6])
data/libart-lgpl-2.3.21/art_affine.c:193:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char tmp[80];
data/libart-lgpl-2.3.21/art_affine.c:222:8:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (str + ix, " scale");
data/libart-lgpl-2.3.21/art_affine.c:252:4:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (str + ix, " translate");
data/libart-lgpl-2.3.21/art_affine.c:265:3:  [2] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant string.
  strcpy (str + ix, "] concat");
data/libart-lgpl-2.3.21/art_affine.h:47:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  art_affine_to_string (char str[128], const double src[6]);
data/libart-lgpl-2.3.21/art_pixbuf.c:276:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (result->pixels, pixbuf->pixels, size);
data/libart-lgpl-2.3.21/art_render_gradient.c:255:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (tmp_stops, gradient->stops, sizeof (ArtGradientStop));
data/libart-lgpl-2.3.21/art_render_gradient.c:260:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (tmp_stops, gradient->stops, sizeof (ArtGradientStop) * n_stops);
data/libart-lgpl-2.3.21/art_render_gradient.c:264:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (tmp_stops, &gradient->stops[n_stops-1], sizeof (ArtGradientStop));
data/libart-lgpl-2.3.21/art_render_gradient.c:286:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (stops, tmp_stops, sizeof (ArtGradientStop) * n_stops);
data/libart-lgpl-2.3.21/art_render_gradient.c:291:4:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (stops[n_stops * 2 - 1 - i].color, stops[i].color, sizeof (stops[i].color));
data/libart-lgpl-2.3.21/art_render_gradient.c:606:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (image_source->gradient.stops, gradient->stops, sizeof (ArtGradientStop) * gradient->n_stops);
data/libart-lgpl-2.3.21/art_render_gradient.c:710:3:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (image_source->gradient.stops, gradient->stops, sizeof (ArtGradientStop) * gradient->n_stops);
data/libart-lgpl-2.3.21/art_render_mask.c:79:2:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (dst_line, src_line, z_width);
data/libart-lgpl-2.3.21/art_svp_wind.c:1470:8:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy (new_points, points, n_points * sizeof (ArtPoint));
data/libart-lgpl-2.3.21/art_vpath.c:207:7:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  int open;
data/libart-lgpl-2.3.21/art_vpath.c:230:12:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  if (!open && (i + 1 == size || src[i + 1].code != ART_LINETO))
data/libart-lgpl-2.3.21/testart.c:49:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  char str[128];
data/libart-lgpl-2.3.21/testuta.c:158:12:  [2] (integer) atoi:
  Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  srand (atoi (argv[1]));
data/libart-lgpl-2.3.21/art_affine.c:119:7:  [1] (buffer) strcpy:
  Does not check for buffer overflows when copying to destination [MS-banned] (CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy easily misused). Risk is low because the source is a constant character.
  strcpy (str, "0");

ANALYSIS SUMMARY:

Hits = 31
Lines analyzed = 16616 in approximately 0.66 seconds (25300 lines/second)
Physical Source Lines of Code (SLOC) = 10754
Hits@level = [0] 149 [1]   1 [2]  25 [3]   1 [4]   4 [5]   0
Hits@level+ = [0+] 180 [1+]  31 [2+]  30 [3+]   5 [4+]   4 [5+]   0
Hits/KSLOC@level+ = [0+] 16.738 [1+] 2.88265 [2+] 2.78966 [3+] 0.464943 [4+] 0.371955 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.