Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/liblastfm-1.0.9/demos/demo1.cpp
Examining data/liblastfm-1.0.9/demos/demo2.cpp
Examining data/liblastfm-1.0.9/demos/demo3.cpp
Examining data/liblastfm-1.0.9/src/AbstractType.h
Examining data/liblastfm-1.0.9/src/Album.cpp
Examining data/liblastfm-1.0.9/src/Album.h
Examining data/liblastfm-1.0.9/src/Artist.cpp
Examining data/liblastfm-1.0.9/src/Artist.h
Examining data/liblastfm-1.0.9/src/Audioscrobbler.cpp
Examining data/liblastfm-1.0.9/src/Audioscrobbler.h
Examining data/liblastfm-1.0.9/src/Auth.cpp
Examining data/liblastfm-1.0.9/src/Auth.h
Examining data/liblastfm-1.0.9/src/Chart.cpp
Examining data/liblastfm-1.0.9/src/Chart.h
Examining data/liblastfm-1.0.9/src/FingerprintId.cpp
Examining data/liblastfm-1.0.9/src/FingerprintId.h
Examining data/liblastfm-1.0.9/src/InternetConnectionMonitor.cpp
Examining data/liblastfm-1.0.9/src/InternetConnectionMonitor.h
Examining data/liblastfm-1.0.9/src/Library.cpp
Examining data/liblastfm-1.0.9/src/Library.h
Examining data/liblastfm-1.0.9/src/Mbid.cpp
Examining data/liblastfm-1.0.9/src/Mbid.h
Examining data/liblastfm-1.0.9/src/NetworkAccessManager.cpp
Examining data/liblastfm-1.0.9/src/NetworkAccessManager.h
Examining data/liblastfm-1.0.9/src/NetworkConnectionMonitor.cpp
Examining data/liblastfm-1.0.9/src/NetworkConnectionMonitor.h
Examining data/liblastfm-1.0.9/src/Playlist.cpp
Examining data/liblastfm-1.0.9/src/Playlist.h
Examining data/liblastfm-1.0.9/src/RadioStation.cpp
Examining data/liblastfm-1.0.9/src/RadioStation.h
Examining data/liblastfm-1.0.9/src/RadioTuner.cpp
Examining data/liblastfm-1.0.9/src/RadioTuner.h
Examining data/liblastfm-1.0.9/src/ScrobbleCache.cpp
Examining data/liblastfm-1.0.9/src/ScrobbleCache.h
Examining data/liblastfm-1.0.9/src/ScrobblePoint.cpp
Examining data/liblastfm-1.0.9/src/ScrobblePoint.h
Examining data/liblastfm-1.0.9/src/Tag.cpp
Examining data/liblastfm-1.0.9/src/Tag.h
Examining data/liblastfm-1.0.9/src/Tasteometer.cpp
Examining data/liblastfm-1.0.9/src/Tasteometer.h
Examining data/liblastfm-1.0.9/src/Track.cpp
Examining data/liblastfm-1.0.9/src/Track.h
Examining data/liblastfm-1.0.9/src/Url.cpp
Examining data/liblastfm-1.0.9/src/Url.h
Examining data/liblastfm-1.0.9/src/UrlBuilder.cpp
Examining data/liblastfm-1.0.9/src/UrlBuilder.h
Examining data/liblastfm-1.0.9/src/User.cpp
Examining data/liblastfm-1.0.9/src/User.h
Examining data/liblastfm-1.0.9/src/XmlQuery.cpp
Examining data/liblastfm-1.0.9/src/XmlQuery.h
Examining data/liblastfm-1.0.9/src/Xspf.cpp
Examining data/liblastfm-1.0.9/src/Xspf.h
Examining data/liblastfm-1.0.9/src/fingerprint/Collection.cpp
Examining data/liblastfm-1.0.9/src/fingerprint/Collection.h
Examining data/liblastfm-1.0.9/src/fingerprint/EXAMPLE.cpp
Examining data/liblastfm-1.0.9/src/fingerprint/Fingerprint.cpp
Examining data/liblastfm-1.0.9/src/fingerprint/Fingerprint.h
Examining data/liblastfm-1.0.9/src/fingerprint/FingerprintableSource.h
Examining data/liblastfm-1.0.9/src/fingerprint/Sha256.cpp
Examining data/liblastfm-1.0.9/src/fingerprint/Sha256.h
Examining data/liblastfm-1.0.9/src/fingerprint/contrib/AacSource.cpp
Examining data/liblastfm-1.0.9/src/fingerprint/contrib/AacSource.h
Examining data/liblastfm-1.0.9/src/fingerprint/contrib/AacSource_p.h
Examining data/liblastfm-1.0.9/src/fingerprint/contrib/FlacSource.cpp
Examining data/liblastfm-1.0.9/src/fingerprint/contrib/FlacSource.h
Examining data/liblastfm-1.0.9/src/fingerprint/contrib/MadSource.cpp
Examining data/liblastfm-1.0.9/src/fingerprint/contrib/MadSource.h
Examining data/liblastfm-1.0.9/src/fingerprint/contrib/VorbisSource.cpp
Examining data/liblastfm-1.0.9/src/fingerprint/contrib/VorbisSource.h
Examining data/liblastfm-1.0.9/src/fingerprint/contrib/main.cpp
Examining data/liblastfm-1.0.9/src/fingerprint/fplib/CircularArray.h
Examining data/liblastfm-1.0.9/src/fingerprint/fplib/Filter.cpp
Examining data/liblastfm-1.0.9/src/fingerprint/fplib/Filter.h
Examining data/liblastfm-1.0.9/src/fingerprint/fplib/FingerprintExtractor.cpp
Examining data/liblastfm-1.0.9/src/fingerprint/fplib/FingerprintExtractor.h
Examining data/liblastfm-1.0.9/src/fingerprint/fplib/FloatingAverage.h
Examining data/liblastfm-1.0.9/src/fingerprint/fplib/OptFFT.cpp
Examining data/liblastfm-1.0.9/src/fingerprint/fplib/OptFFT.h
Examining data/liblastfm-1.0.9/src/fingerprint/fplib/fp_helper_fun.h
Examining data/liblastfm-1.0.9/src/linux/LNetworkConnectionMonitor.h
Examining data/liblastfm-1.0.9/src/linux/LNetworkConnectionMonitor_linux.cpp
Examining data/liblastfm-1.0.9/src/mac/MNetworkConnectionMonitor.h
Examining data/liblastfm-1.0.9/src/mac/MNetworkConnectionMonitor_mac.cpp
Examining data/liblastfm-1.0.9/src/mac/ProxyDict.h
Examining data/liblastfm-1.0.9/src/mbid_mp3.c
Examining data/liblastfm-1.0.9/src/misc.cpp
Examining data/liblastfm-1.0.9/src/misc.h
Examining data/liblastfm-1.0.9/src/win/ComSetup.h
Examining data/liblastfm-1.0.9/src/win/IeSettings.h
Examining data/liblastfm-1.0.9/src/win/NdisEvents.cpp
Examining data/liblastfm-1.0.9/src/win/NdisEvents.h
Examining data/liblastfm-1.0.9/src/win/WNetworkConnectionMonitor.h
Examining data/liblastfm-1.0.9/src/win/WNetworkConnectionMonitor_win.cpp
Examining data/liblastfm-1.0.9/src/win/WmiSink.cpp
Examining data/liblastfm-1.0.9/src/win/WmiSink.h
Examining data/liblastfm-1.0.9/src/ws.cpp
Examining data/liblastfm-1.0.9/src/ws.h
Examining data/liblastfm-1.0.9/tests/TestTrack.h
Examining data/liblastfm-1.0.9/tests/TestUrlBuilder.h

FINAL RESULTS:

data/liblastfm-1.0.9/src/Mbid.cpp:78:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char out[MBID_BUFFER_SIZE];
data/liblastfm-1.0.9/src/ScrobbleCache.cpp:86:10:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    file.open( QFile::Text | QFile::ReadOnly );
data/liblastfm-1.0.9/src/ScrobbleCache.cpp:117:14:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        file.open( QIODevice::WriteOnly | QIODevice::Text );
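data/liblastfm-1.0.9/src/fingerprint/Collection.cpp:45:15:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    if (!m_db.open()) {
  Triage note (added in review, not Flawfinder output): the match is on the
  method name in `m_db.open()`, which takes no path argument here. Whether
  the file-open concerns apply depends on the type of m_db and on where its
  backing path is configured, neither of which is shown in this report.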
data/liblastfm-1.0.9/src/fingerprint/Fingerprint.cpp:206:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char hash[SHA256_HASH_SIZE];
data/liblastfm-1.0.9/src/fingerprint/Sha256.cpp:203:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[128];
data/liblastfm-1.0.9/src/fingerprint/Sha256.cpp:336:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (&sc->buffer.bytes[sc->bufferLength], data, bytesToCopy);
data/liblastfm-1.0.9/src/fingerprint/Sha256.cpp:362:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (&sc->buffer.bytes[sc->bufferLength], data, len);
data/liblastfm-1.0.9/src/fingerprint/Sha256.cpp:376:5:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
    memcpy (&sc->buffer.bytes[sc->bufferLength], data, bytesToCopy);
data/liblastfm-1.0.9/src/fingerprint/Sha256.cpp:437:3:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
  char buf[1000];
data/liblastfm-1.0.9/src/fingerprint/contrib/AacSource.cpp:213:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fp = fopen(QFile::encodeName(m_fileName), "rb" );
data/liblastfm-1.0.9/src/fingerprint/contrib/AacSource.cpp:355:18:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        unsigned char header[8];
data/liblastfm-1.0.9/src/fingerprint/contrib/AacSource.cpp:376:26:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
                unsigned char rest[2];
data/liblastfm-1.0.9/src/fingerprint/contrib/AacSource.cpp:510:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fp = fopen(QFile::encodeName(m_fileName), "rb");
data/liblastfm-1.0.9/src/fingerprint/contrib/AacSource.cpp:746:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char header[10];
data/liblastfm-1.0.9/src/fingerprint/contrib/AacSource.cpp:749:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fp = fopen(QFile::encodeName(m_fileName), "rb");
data/liblastfm-1.0.9/src/fingerprint/contrib/AacSource.cpp:892:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( pBuffer, m_aacFile->m_overflow, samples_to_use * sizeof(signed short) );
data/liblastfm-1.0.9/src/fingerprint/contrib/AacSource.cpp:923:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy( pBufferIt, sampleBuffer, samples_to_use * sizeof(signed short) );
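data/liblastfm-1.0.9/src/fingerprint/contrib/AacSource.cpp:930:13:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
            memcpy( m_aacFile->m_overflow, static_cast<signed short*>(sampleBuffer) + samples_to_use, (frameInfo.samples - samples_to_use) * sizeof(signed short) );
  Triage note (added in review, not Flawfinder output): the copy length is
  the difference `frameInfo.samples - samples_to_use`. The review point is
  whether `samples_to_use <= frameInfo.samples` is guaranteed before this
  line (with unsigned operands a negative difference would wrap to a very
  large length) and whether the result always fits `m_overflow`. The operand
  types and the size of `m_overflow` are not shown in this report.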
data/liblastfm-1.0.9/src/fingerprint/contrib/FlacSource.cpp:154:19:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
        FILE *f = fopen(QFile::encodeName(m_fileName), "rb" );
data/liblastfm-1.0.9/src/fingerprint/contrib/FlacSource.cpp:158:22:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            unsigned char header[35];
data/liblastfm-1.0.9/src/fingerprint/contrib/FlacSource.cpp:311:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( pBufferIt, m_outBuf + m_outBufPos, sizeof(signed short)*samples_to_use );
data/liblastfm-1.0.9/src/fingerprint/contrib/MadSource.cpp:193:28:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
   bool fine = m_inputFile.open( QIODevice::ReadOnly );
data/liblastfm-1.0.9/src/fingerprint/contrib/MadSource.cpp:223:26:  [2] (misc) open:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
   bool fine = inputFile.open( QIODevice::ReadOnly );
data/liblastfm-1.0.9/src/fingerprint/contrib/VorbisSource.cpp:67:16:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    FILE *fp = fopen(QFile::encodeName(m_fileName), "rb" );
data/liblastfm-1.0.9/src/fingerprint/contrib/VorbisSource.cpp:116:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char sampleBuffer[4096];
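data/liblastfm-1.0.9/src/fingerprint/contrib/VorbisSource.cpp:158:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char buf[ bufferSize * wordSize ];
  Triage note (added in review, not Flawfinder output): the bound here is the
  expression `bufferSize * wordSize`, whose operands are not shown in this
  report. If either is not a compile-time constant, this is a variable-length
  array (a compiler extension in C++) and the stack allocation follows the
  runtime value, so the origin and upper limit of both operands should be
  confirmed.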
data/liblastfm-1.0.9/src/fingerprint/contrib/VorbisSource.cpp:194:9:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
        memcpy( pBufferIt, buf, charReadBytes );
data/liblastfm-1.0.9/src/fingerprint/contrib/main.cpp:109:14:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    unsigned char header[35];
data/liblastfm-1.0.9/src/fingerprint/contrib/main.cpp:111:10:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
    fp = fopen(QFile::encodeName(fileName), "rb");
data/liblastfm-1.0.9/src/fingerprint/fplib/CircularArray.h:274:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy( pDest, _pData, sizeof(T)*_size );
data/liblastfm-1.0.9/src/fingerprint/fplib/FingerprintExtractor.cpp:443:10:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
         memcpy( pd.m_pDownsampledPCM, pd.m_pDownsampledPCM + pd.m_downsampledProcessSize,
data/liblastfm-1.0.9/src/fingerprint/fplib/OptFFT.cpp:340:7:  [2] (buffer) memcpy:
  Does not check for buffer overflows when copying to destination (CWE-120).
  Make sure destination can always hold the source data.
      memcpy( pIn_It, &pInData[i*OVERLAPSAMPLES], sizeof(float) * FRAMESIZE);
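data/liblastfm-1.0.9/src/mbid_mp3.c:68:23:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
int getMP3_MBID(const char *path, char mbid[MBID_BUFFER_SIZE]) 
data/liblastfm-1.0.9/src/mbid_mp3.c:68:35:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
int getMP3_MBID(const char *path, char mbid[MBID_BUFFER_SIZE]) 
  Triage note (added in review, not Flawfinder output): column 23 is the
  `char` of `const char *path`, a pointer parameter rather than an array; the
  array declarator on this line is `mbid`, reported at column 35. In C an
  array parameter is adjusted to a pointer, so `[MBID_BUFFER_SIZE]` is not
  enforced inside getMP3_MBID. The check belongs at each call site, which
  must pass a buffer of at least MBID_BUFFER_SIZE bytes.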
data/liblastfm-1.0.9/src/mbid_mp3.c:72:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char head[3];
data/liblastfm-1.0.9/src/mbid_mp3.c:73:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char version[2];
data/liblastfm-1.0.9/src/mbid_mp3.c:74:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char flag[1];
data/liblastfm-1.0.9/src/mbid_mp3.c:75:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char size[4];
data/liblastfm-1.0.9/src/mbid_mp3.c:76:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char size_extended[4];
data/liblastfm-1.0.9/src/mbid_mp3.c:79:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char frame[4];
data/liblastfm-1.0.9/src/mbid_mp3.c:80:4:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
   char frame_header[4];
data/liblastfm-1.0.9/src/mbid_mp3.c:89:9:  [2] (misc) fopen:
  Check when opening files - can an attacker redirect it (via symlinks),
  force the opening of special file type (e.g., device files), move things
  around to create a race condition, control its ancestors, or change its
  contents? (CWE-362).
   fp = fopen(path,"rb");
data/liblastfm-1.0.9/src/mbid_mp3.c:154:13:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
            char frame_data[59];
data/liblastfm-1.0.9/src/misc.cpp:53:9:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
        char path[MAX_PATH];
data/liblastfm-1.0.9/src/misc.cpp:106:5:  [2] (buffer) char:
  Statically-sized arrays can be improperly restricted, leading to potential
  overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
  functions that limit length, or ensure that the size is larger than the
  maximum possible length.
    char path[MAX_PATH];
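data/liblastfm-1.0.9/src/ScrobbleCache.cpp:40:10:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    void read( QDomDocument& xml );  /// reads from m_path into m_tracks   
  Triage note (added in review, not Flawfinder output): this hit and the two
  ScrobbleCache.cpp `read` hits that follow (lines 54 and 81) appear to be
  the declaration, a call and the definition of the project's own member
  function `read( QDomDocument& xml )`. The match is on the name; the
  argument is an XML document object, not a destination buffer and length,
  so the bounds question in the message does not map onto these three lines.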
data/liblastfm-1.0.9/src/ScrobbleCache.cpp:54:8:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
    d->read( xml );
data/liblastfm-1.0.9/src/ScrobbleCache.cpp:81:31:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
lastfm::ScrobbleCachePrivate::read( QDomDocument& xml )
data/liblastfm-1.0.9/src/fingerprint/Fingerprint.cpp:226:20:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
            inFile.read( reinterpret_cast<char*>(pMovableBuffer), SHA_BUFFER_SIZE );
data/liblastfm-1.0.9/src/fingerprint/contrib/MadSource.cpp:330:26:  [1] (buffer) read:
  Check buffer boundaries if used in a loop including recursive loops
  (CWE-120, CWE-20).
      readSize = mp3File.read( reinterpret_cast<char*>(pReadStart), readSize );
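data/liblastfm-1.0.9/src/mbid_mp3.c:159:16:  [1] (buffer) strncpy:
  Easily used incorrectly; doesn't always \0-terminate or check for invalid
  pointers [MS-banned] (CWE-120).
               strncpy(mbid,tmbid,MBID_BUFFER_SIZE-1);
  Triage note (added in review, not Flawfinder output): with a count of
  MBID_BUFFER_SIZE-1, strncpy never writes the final byte of `mbid`. The
  result is NUL-terminated only if `tmbid` is shorter than the count or if
  `mbid[MBID_BUFFER_SIZE-1]` is set to '\0' elsewhere (not visible in this
  report), and the copy is in bounds only if the caller's buffer really is
  MBID_BUFFER_SIZE bytes.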

ANALYSIS SUMMARY:

Hits = 52
Lines analyzed = 16141 in approximately 0.46 seconds (35428 lines/second)
Physical Source Lines of Code (SLOC) = 10266
Hits@level = [0]  22 [1]   6 [2]  46 [3]   0 [4]   0 [5]   0
Hits@level+ = [0+]  74 [1+]  52 [2+]  46 [3+]   0 [4+]   0 [5+]   0
Hits/KSLOC@level+ = [0+] 7.20826 [1+] 5.06526 [2+] 4.48081 [3+]   0 [4+]   0 [5+]   0
Dot directories skipped = 1 (--followdotdir overrides)
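Minimum risk level = 1
  Triage note (added in review, not Flawfinder output): because of this
  threshold, "Hits = 52" counts only level 1 and level 2 findings (6 + 46).
  The 22 level-0 hits shown in Hits@level are not listed under FINAL RESULTS.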
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.