Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/libcdr-0.1.6/inc/libcdr/libcdr.h
Examining data/libcdr-0.1.6/inc/libcdr/libcdr_api.h
Examining data/libcdr-0.1.6/inc/libcdr/CDRDocument.h
Examining data/libcdr-0.1.6/inc/libcdr/CMXDocument.h
Examining data/libcdr-0.1.6/src/lib/CDRDocument.cpp
Examining data/libcdr-0.1.6/src/lib/CMXDocument.cpp
Examining data/libcdr-0.1.6/src/lib/CDRCollector.cpp
Examining data/libcdr-0.1.6/src/lib/CDRContentCollector.cpp
Examining data/libcdr-0.1.6/src/lib/CDRInternalStream.cpp
Examining data/libcdr-0.1.6/src/lib/CDROutputElementList.cpp
Examining data/libcdr-0.1.6/src/lib/CDRParser.cpp
Examining data/libcdr-0.1.6/src/lib/CDRPath.cpp
Examining data/libcdr-0.1.6/src/lib/CDRStylesCollector.cpp
Examining data/libcdr-0.1.6/src/lib/CDRTransforms.cpp
Examining data/libcdr-0.1.6/src/lib/CDRTypes.cpp
Examining data/libcdr-0.1.6/src/lib/CMXParser.cpp
Examining data/libcdr-0.1.6/src/lib/CommonParser.cpp
Examining data/libcdr-0.1.6/src/lib/CDRCollector.h
Examining data/libcdr-0.1.6/src/lib/CDRColorPalettes.h
Examining data/libcdr-0.1.6/src/lib/CDRColorProfiles.h
Examining data/libcdr-0.1.6/src/lib/CDRContentCollector.h
Examining data/libcdr-0.1.6/src/lib/CDRDocumentStructure.h
Examining data/libcdr-0.1.6/src/lib/CDRInternalStream.h
Examining data/libcdr-0.1.6/src/lib/CDROutputElementList.h
Examining data/libcdr-0.1.6/src/lib/CDRParser.h
Examining data/libcdr-0.1.6/src/lib/CDRPath.h
Examining data/libcdr-0.1.6/src/lib/CDRStylesCollector.h
Examining data/libcdr-0.1.6/src/lib/CDRTransforms.h
Examining data/libcdr-0.1.6/src/lib/CDRTypes.h
Examining data/libcdr-0.1.6/src/lib/CMXDocumentStructure.h
Examining data/libcdr-0.1.6/src/lib/CMXParser.h
Examining data/libcdr-0.1.6/src/lib/CommonParser.h
Examining data/libcdr-0.1.6/src/lib/libcdr_utils.h
Examining data/libcdr-0.1.6/src/lib/libcdr_utils.cpp
Examining data/libcdr-0.1.6/src/conv/raw/cdr2raw.cpp
Examining data/libcdr-0.1.6/src/conv/raw/cmx2raw.cpp
Examining data/libcdr-0.1.6/src/conv/svg/cdr2xhtml.cpp
Examining data/libcdr-0.1.6/src/conv/svg/cmx2xhtml.cpp
Examining data/libcdr-0.1.6/src/conv/text/cdr2text.cpp
Examining data/libcdr-0.1.6/src/conv/text/cmx2text.cpp
Examining data/libcdr-0.1.6/src/fuzz/cdrfuzzer.cpp
Examining data/libcdr-0.1.6/src/fuzz/cmxfuzzer.cpp
Examining data/libcdr-0.1.6/src/test/CDRInternalStreamTest.cpp
Examining data/libcdr-0.1.6/src/test/test.cpp

FINAL RESULTS:

data/libcdr-0.1.6/src/lib/CDRCollector.cpp:579:14: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  tempString.sprintf("#%.6x", _getRGBColor(color));
data/libcdr-0.1.6/src/lib/CDRContentCollector.cpp:614:14: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  filename.sprintf("vect%.8x.svg", m_spnd);
data/libcdr-0.1.6/src/lib/CDRContentCollector.cpp:797:20: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  filename.sprintf("pattern%.8x.bmp", m_currentFillStyle.imageFill.id);
data/libcdr-0.1.6/src/lib/CDRContentCollector.cpp:1276:12: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  filename.sprintf("vect%.8x.cmx", id);
data/libcdr-0.1.6/src/lib/CDRContentCollector.cpp:1285:12: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  filename.sprintf("vect%.8x.svg", id);
data/libcdr-0.1.6/src/lib/CDRPath.cpp:799:11: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  viewBox.sprintf("%i %i %i %i", 0, 0, (int)(2540*(qx - px)), (int)(2540*(qy - py)));
data/libcdr-0.1.6/src/lib/CDRPath.cpp:807:16: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sElement.sprintf("M%i %i", (int)((vec[i]["svg:x"]->getDouble()-px)*2540),
data/libcdr-0.1.6/src/lib/CDRPath.cpp:813:16: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sElement.sprintf("L%i %i", (int)((vec[i]["svg:x"]->getDouble()-px)*2540),
data/libcdr-0.1.6/src/lib/CDRPath.cpp:819:16: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sElement.sprintf("C%i %i %i %i %i %i", (int)((vec[i]["svg:x1"]->getDouble()-px)*2540),
data/libcdr-0.1.6/src/lib/CDRPath.cpp:827:16: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sElement.sprintf("Q%i %i %i %i", (int)((vec[i]["svg:x1"]->getDouble()-px)*2540),
data/libcdr-0.1.6/src/lib/CDRPath.cpp:834:16: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  sElement.sprintf("A%i %i %i %i %i %i %i", (int)((vec[i]["svg:rx"]->getDouble())*2540),
data/libcdr-0.1.6/src/lib/CDRStylesCollector.cpp:148:14: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  filename.sprintf("bitmap%.8x.bmp", imageId);
data/libcdr-0.1.6/src/lib/CDRStylesCollector.cpp:168:12: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  filename.sprintf("bitmap%.8x.bmp", imageId);
data/libcdr-0.1.6/src/lib/CDRTransforms.cpp:210:10: [4] (format) sprintf: Potential format string problem (CWE-134). Make format string constant.
  output.sprintf("[%f %f %f | %f %f %f]", m_v0, m_v1, m_x0, m_v3, m_v4, m_y0);
data/libcdr-0.1.6/src/lib/libcdr_utils.cpp:471:8: [4] (format) vfprintf: If format strings can be influenced by an attacker, they can be exploited (CWE-134). Use a constant for the format specification.
  std::vfprintf(stderr, format, args);
data/libcdr-0.1.6/src/lib/CDRCollector.cpp:86:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&profile[0], tmpProfile, numBytesRead);
data/libcdr-0.1.6/src/lib/CDRCollector.cpp:349:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char rgb[3] = { 0, 0, 0 };
data/libcdr-0.1.6/src/lib/CDRCollector.cpp:367:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char rgb[3] = { 0, 0, 0 };
data/libcdr-0.1.6/src/lib/CDRCollector.cpp:385:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char input[3] = { col2, col1, col0 };
data/libcdr-0.1.6/src/lib/CDRCollector.cpp:386:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char output[3] = { 0, 0, 0 };
data/libcdr-0.1.6/src/lib/CDRCollector.cpp:549:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char rgb[3] = { 0, 0, 0 };
data/libcdr-0.1.6/src/lib/CDRCollector.cpp:563:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char rgb[3] = { 0, 0, 0 };
data/libcdr-0.1.6/src/lib/CDRContentCollector.cpp:609:31: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  output.append((unsigned char *)svgOutput[0].cstr(), strlen(svgOutput[0].cstr()));
data/libcdr-0.1.6/src/lib/CDRContentCollector.cpp:615:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *f = fopen(filename.cstr(), "wb");
data/libcdr-0.1.6/src/lib/CDRContentCollector.cpp:798:21: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *f = fopen(filename.cstr(), "wb");
data/libcdr-0.1.6/src/lib/CDRContentCollector.cpp:1271:29: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  output.append((unsigned char *)svgOutput[0].cstr(), strlen(svgOutput[0].cstr()));
data/libcdr-0.1.6/src/lib/CDRContentCollector.cpp:1277:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *f = fopen(filename.cstr(), "wb");
data/libcdr-0.1.6/src/lib/CDRContentCollector.cpp:1286:7: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  f = fopen(filename.cstr(), "wb");
data/libcdr-0.1.6/src/lib/CDRInternalStream.cpp:42:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&m_buffer[0], tmpBuffer, size);
data/libcdr-0.1.6/src/lib/CDRInternalStream.cpp:48:14: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char out[CHUNK];
data/libcdr-0.1.6/src/lib/CDRParser.cpp:1370:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *f = fopen("previewImage.bmp", "wb");
data/libcdr-0.1.6/src/lib/CDRParser.cpp:2266:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&bitmap[0], tmpBuffer, tmpNumBytesRead);
data/libcdr-0.1.6/src/lib/CDRParser.cpp:2290:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&bitmap[0], tmpBuffer, tmpNumBytesRead);
data/libcdr-0.1.6/src/lib/CDRParser.cpp:2346:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&pattern[0], tmpBuffer, dataSize);
data/libcdr-0.1.6/src/lib/CDRParser.cpp:2437:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&profile[0], tmpProfile, numBytesRead);
data/libcdr-0.1.6/src/lib/CDRParser.cpp:2969:9: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&textData[0], buffer, numBytesRead);
data/libcdr-0.1.6/src/lib/CDRParser.cpp:3076:7: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&textData[0], buffer, numBytesRead);
data/libcdr-0.1.6/src/lib/CDRParser.cpp:3388:5: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&styleBuffer[0], tmpBuffer, numBytesRead);
data/libcdr-0.1.6/src/lib/CDRStylesCollector.cpp:149:15: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *f = fopen(filename.cstr(), "wb");
data/libcdr-0.1.6/src/lib/CDRStylesCollector.cpp:169:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *f = fopen(filename.cstr(), "wb");
data/libcdr-0.1.6/src/lib/CMXParser.cpp:230:12: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  if (4 == atoi(tmpString.cstr()))
data/libcdr-0.1.6/src/lib/CMXParser.cpp:236:36: [2] (integer) atoi: Unless checked, the resulting number can exceed the expected range (CWE-190). If source untrusted, check both minimum and maximum, even if the input had no minus sign (large numbers can roll over into negative number; consider saving to an unsigned value if that is intended).
  auto coordSize = (unsigned short)atoi(tmpString.cstr());
data/libcdr-0.1.6/src/lib/CMXParser.cpp:329:13: [2] (misc) fopen: Check when opening files - can an attacker redirect it (via symlinks), force the opening of special file type (e.g., device files), move things around to create a race condition, control its ancestors, or change its contents? (CWE-362).
  FILE *f = fopen("previewImage.bmp", "wb");
data/libcdr-0.1.6/src/lib/CommonParser.cpp:172:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&bitmap[0], tmpBuffer, bmpsize);
data/libcdr-0.1.6/src/lib/CommonParser.cpp:199:3: [2] (buffer) memcpy: Does not check for buffer overflows when copying to destination (CWE-120). Make sure destination can always hold the source data.
  memcpy(&pattern[0], tmpBuffer, dataSize);
data/libcdr-0.1.6/src/lib/libcdr_utils.cpp:153:12: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  unsigned char outbuf[U8_MAX_LENGTH+1];
data/libcdr-0.1.6/src/lib/libcdr_utils.cpp:477:10: [2] (buffer) char: Statically-sized arrays can be improperly restricted, leading to potential overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length.
  static char sValue[5] = { 0, 0, 0, 0, 0 };
data/libcdr-0.1.6/src/lib/CDRCollector.cpp:82:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  const unsigned char *tmpProfile = input->read((unsigned long)-1, numBytesRead);
data/libcdr-0.1.6/src/lib/CDRContentCollector.cpp:608:72: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  librevenge::RVNGBinaryData output((const unsigned char *)header, strlen(header));
data/libcdr-0.1.6/src/lib/CDRContentCollector.cpp:609:59: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  output.append((unsigned char *)svgOutput[0].cstr(), strlen(svgOutput[0].cstr()));
data/libcdr-0.1.6/src/lib/CDRContentCollector.cpp:1270:70: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  librevenge::RVNGBinaryData output((const unsigned char *)header, strlen(header));
data/libcdr-0.1.6/src/lib/CDRContentCollector.cpp:1271:57: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  output.append((unsigned char *)svgOutput[0].cstr(), strlen(svgOutput[0].cstr()));
data/libcdr-0.1.6/src/lib/CDRInternalStream.cpp:36:45: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  const unsigned char *tmpBuffer = input->read(size, tmpNumBytesRead);
data/libcdr-0.1.6/src/lib/CDRInternalStream.cpp:61:45: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  const unsigned char *tmpBuffer = input->read(size, tmpNumBytesRead);
data/libcdr-0.1.6/src/lib/CDRInternalStream.cpp:98:49: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  const unsigned char *libcdr::CDRInternalStream::read(unsigned long numBytes, unsigned long &numBytesRead)
data/libcdr-0.1.6/src/lib/CDRInternalStream.h:51:24: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  const unsigned char *read(unsigned long numBytes, unsigned long &numBytesRead) override;
data/libcdr-0.1.6/src/lib/CDRParser.cpp:121:32: [1] (buffer) strlen: Does not handle strings that are not \0-terminated; if given one it may perform an over-read (it could cause a crash if unprotected) (CWE-126).
  const auto end = it + std::strlen(it);
data/libcdr-0.1.6/src/lib/CDRParser.cpp:2262:43: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  const unsigned char *tmpBuffer = input->read(length, tmpNumBytesRead);
data/libcdr-0.1.6/src/lib/CDRParser.cpp:2286:45: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  const unsigned char *tmpBuffer = input->read(lngth, tmpNumBytesRead);
data/libcdr-0.1.6/src/lib/CDRParser.cpp:2342:43: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  const unsigned char *tmpBuffer = input->read(dataSize, tmpNumBytesRead);
data/libcdr-0.1.6/src/lib/CDRParser.cpp:2431:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  const unsigned char *tmpProfile = input->read(length, numBytesRead);
data/libcdr-0.1.6/src/lib/CDRParser.cpp:2466:40: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  const unsigned char *buffer = input->read(length-4, numBytesRead);
data/libcdr-0.1.6/src/lib/CDRParser.cpp:2964:44: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  const unsigned char *buffer = input->read(numBytes, numBytesRead);
data/libcdr-0.1.6/src/lib/CDRParser.cpp:3071:42: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  const unsigned char *buffer = input->read(numBytes, numBytesRead);
data/libcdr-0.1.6/src/lib/CDRParser.cpp:3386:43: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  const unsigned char *tmpBuffer = input->read(length, numBytesRead);
data/libcdr-0.1.6/src/lib/CommonParser.cpp:167:43: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  const unsigned char *tmpBuffer = input->read(bmpsize, tmpNumBytesRead);
data/libcdr-0.1.6/src/lib/CommonParser.cpp:194:43: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  const unsigned char *tmpBuffer = input->read(dataSize, tmpNumBytesRead);
data/libcdr-0.1.6/src/lib/libcdr_utils.cpp:171:29: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  uint8_t const *p = input->read(sizeof(uint8_t), numBytesRead);
data/libcdr-0.1.6/src/lib/libcdr_utils.cpp:187:29: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  uint8_t const *p = input->read(sizeof(uint16_t), numBytesRead);
data/libcdr-0.1.6/src/lib/libcdr_utils.cpp:212:29: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  uint8_t const *p = input->read(sizeof(uint32_t), numBytesRead);
data/libcdr-0.1.6/src/lib/libcdr_utils.cpp:237:29: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  uint8_t const *p = input->read(sizeof(uint64_t), numBytesRead);
data/libcdr-0.1.6/src/test/CDRInternalStreamTest.cpp:59:35: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  const unsigned char *s = strm.read(1, readBytes);
data/libcdr-0.1.6/src/test/CDRInternalStreamTest.cpp:71:33: [1] (buffer) read: Check buffer boundaries if used in a loop including recursive loops (CWE-120, CWE-20).
  const unsigned char *s = strm.read(sizeof(data), readBytes);
data/libcdr-0.1.6/src/test/CDRInternalStreamTest.cpp:73:23: [1] (buffer) equal: Function does not check the second iterator for over-read conditions (CWE-126). This function is often discouraged by most C++ coding standards in favor of its safer alternatives provided since C++14. Consider using a form of this function that checks the second iterator before potentially overflowing it.
  CPPUNIT_ASSERT(std::equal(data, data + sizeof(data), s));

ANALYSIS SUMMARY:

Hits = 74
Lines analyzed = 34888 in approximately 2.88 seconds (12115 lines/second)
Physical Source Lines of Code (SLOC) = 33031
Hits@level = [0]  90 [1]  27 [2]  32 [3]   0 [4]  15 [5]   0
Hits@level+ = [0+] 164 [1+]  74 [2+]  47 [3+]  15 [4+]  15 [5+]   0
Hits/KSLOC@level+ = [0+] 4.96503 [1+] 2.24032 [2+] 1.42291 [3+] 0.454119 [4+] 0.454119 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.