Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/m2300w-0.51/src/m2400w.c
Examining data/m2300w-0.51/src/m2300w.c
FINAL RESULTS:
data/m2300w-0.51/src/m2300w.c:1196:22: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((option = getopt (argc, argv, "v:hi:o:c:m:p:r:s")) >= 0)
data/m2300w-0.51/src/m2400w.c:1239:22: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((option = getopt (argc, argv, "v:hi:o:c:m:p:r:s")) >= 0)
data/m2300w-0.51/src/m2300w.c:84:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[32];
data/m2300w-0.51/src/m2300w.c:150:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[32];
data/m2300w-0.51/src/m2300w.c:176:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char jobHeaderT1[6];
data/m2300w-0.51/src/m2300w.c:179:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char jobHeaderT2[6];
data/m2300w-0.51/src/m2300w.c:196:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char seitenHeaderT1[2];
data/m2300w-0.51/src/m2300w.c:198:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char seitenHeaderT2[3];
data/m2300w-0.51/src/m2300w.c:200:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char seitenHeaderT2b[3];
data/m2300w-0.51/src/m2300w.c:203:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char seitenHeaderT3[2];
data/m2300w-0.51/src/m2300w.c:207:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char seitenHeaderT4[1];
data/m2300w-0.51/src/m2300w.c:209:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char seitenHeaderT5[2];
data/m2300w-0.51/src/m2300w.c:211:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char seitenHeaderT6[6];
data/m2300w-0.51/src/m2300w.c:213:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char seitenHeaderT7[5];
data/m2300w-0.51/src/m2300w.c:240:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char jobFooterT1[2];
data/m2300w-0.51/src/m2300w.c:242:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char jobFooterT2[4];
data/m2300w-0.51/src/m2300w.c:257:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char fileFooterT1[2];
data/m2300w-0.51/src/m2300w.c:259:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char fileFooterT2[4];
data/m2300w-0.51/src/m2300w.c:274:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char blockHeaderT1[2];
data/m2300w-0.51/src/m2300w.c:277:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char blockHeaderT2[3];
data/m2300w-0.51/src/m2300w.c:414:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rleOut[2];
data/m2300w-0.51/src/m2300w.c:434:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rBOut[65];
data/m2300w-0.51/src/m2300w.c:439:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&rBOut[1], &stFeld[colorID].encBuffer[(rohByteCount * 64)],
data/m2300w-0.51/src/m2300w.c:441:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&stFeld[colorID].
data/m2300w-0.51/src/m2300w.c:470:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&rBOut[1], &stFeld[colorID].encBuffer[(rohByteCount * 64)],
data/m2300w-0.51/src/m2300w.c:472:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&stFeld[colorID].
data/m2300w-0.51/src/m2300w.c:501:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&stFeld[colorID].
data/m2300w-0.51/src/m2300w.c:523:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&stFeld[colorID].
data/m2300w-0.51/src/m2300w.c:551:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dummyTable[1] = { 0x80 };
data/m2300w-0.51/src/m2300w.c:558:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&stFeld[colorID].
data/m2300w-0.51/src/m2300w.c:653:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&stFeld[colorID].pageOut[stFeld[colorID].indexPageOut],
data/m2300w-0.51/src/m2300w.c:667:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&stFeld[colorID].pageOut[stFeld[colorID].indexPageOut],
data/m2300w-0.51/src/m2300w.c:765:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[255];
data/m2300w-0.51/src/m2300w.c:883:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
inpX = atoi (strtok (buffer, " "));
data/m2300w-0.51/src/m2300w.c:884:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
inpY = atoi (strtok (NULL, " "));
data/m2300w-0.51/src/m2300w.c:1225:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
MediaCode = atoi (optarg);
data/m2300w-0.51/src/m2300w.c:1233:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
PaperCode = atoi (optarg);
data/m2300w-0.51/src/m2300w.c:1241:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ResXmul = atoi (optarg);
data/m2300w-0.51/src/m2300w.c:1262:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
verb = atoi (optarg);
data/m2300w-0.51/src/m2300w.c:1291:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((in_stream = fopen (inFile, "r")) == NULL) {
data/m2300w-0.51/src/m2300w.c:1303:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((out_stream = fopen (outFile, "w")) == NULL) {
data/m2300w-0.51/src/m2400w.c:83:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[32];
data/m2300w-0.51/src/m2400w.c:149:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char desc[32];
data/m2300w-0.51/src/m2400w.c:175:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char jobHeaderT1[6];
data/m2300w-0.51/src/m2400w.c:178:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char jobHeaderT2[6];
data/m2300w-0.51/src/m2400w.c:195:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char seitenHeaderT1[2];
data/m2300w-0.51/src/m2400w.c:197:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char seitenHeaderT2[3];
data/m2300w-0.51/src/m2400w.c:199:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char seitenHeaderT2b[3];
data/m2300w-0.51/src/m2400w.c:202:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char seitenHeaderT3[2];
data/m2300w-0.51/src/m2400w.c:206:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char seitenHeaderT4[1];
data/m2300w-0.51/src/m2400w.c:208:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char seitenHeaderT5[2];
data/m2300w-0.51/src/m2400w.c:210:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char seitenHeaderT6[6];
data/m2300w-0.51/src/m2400w.c:212:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char seitenHeaderT7[5];
data/m2300w-0.51/src/m2400w.c:239:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char jobFooterT1[2];
data/m2300w-0.51/src/m2400w.c:241:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char jobFooterT2[4];
data/m2300w-0.51/src/m2400w.c:256:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char fileFooterT1[2];
data/m2300w-0.51/src/m2400w.c:258:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char fileFooterT2[4];
data/m2300w-0.51/src/m2400w.c:273:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char blockHeaderT1[2];
data/m2300w-0.51/src/m2400w.c:276:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char blockHeaderT2[3];
data/m2300w-0.51/src/m2400w.c:417:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rleOut[2];
data/m2300w-0.51/src/m2400w.c:437:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char rBOut[65];
data/m2300w-0.51/src/m2400w.c:442:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&rBOut[1], &stFeld[colorID].encBuffer[(rohByteCount * 64)],
data/m2300w-0.51/src/m2400w.c:444:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&stFeld[colorID].
data/m2300w-0.51/src/m2400w.c:473:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&rBOut[1], &stFeld[colorID].encBuffer[(rohByteCount * 64)],
data/m2300w-0.51/src/m2400w.c:475:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&stFeld[colorID].
data/m2300w-0.51/src/m2400w.c:504:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&stFeld[colorID].
data/m2300w-0.51/src/m2400w.c:525:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&stFeld[colorID].
data/m2300w-0.51/src/m2400w.c:547:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&stFeld[colorID].
data/m2300w-0.51/src/m2400w.c:575:11: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char dummyTable[1] = { 0x80 };
data/m2300w-0.51/src/m2400w.c:582:2: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&stFeld[colorID].
data/m2300w-0.51/src/m2400w.c:677:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&stFeld[colorID].pageOut[stFeld[colorID].indexPageOut],
data/m2300w-0.51/src/m2400w.c:691:6: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy (&stFeld[colorID].pageOut[stFeld[colorID].indexPageOut],
data/m2300w-0.51/src/m2400w.c:807:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char buffer[255];
data/m2300w-0.51/src/m2400w.c:925:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
inpX = atoi (strtok (buffer, " "));
data/m2300w-0.51/src/m2400w.c:926:14: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
inpY = atoi (strtok (NULL, " "));
data/m2300w-0.51/src/m2400w.c:1268:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
MediaCode = atoi (optarg);
data/m2300w-0.51/src/m2400w.c:1276:18: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
PaperCode = atoi (optarg);
data/m2300w-0.51/src/m2400w.c:1284:16: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
ResXmul = atoi (optarg);
data/m2300w-0.51/src/m2400w.c:1312:13: [2] (integer) atoi:
Unless checked, the resulting number can exceed the expected range
(CWE-190). If source untrusted, check both minimum and maximum, even if the
input had no minus sign (large numbers can roll over into negative number;
consider saving to an unsigned value if that is intended).
verb = atoi (optarg);
data/m2300w-0.51/src/m2400w.c:1341:19: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((in_stream = fopen (inFile, "r")) == NULL) {
data/m2300w-0.51/src/m2400w.c:1353:20: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
if ((out_stream = fopen (outFile, "w")) == NULL) {
data/m2300w-0.51/src/m2300w.c:970:16: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((c = fgetc (in_stream)) != EOF) {
data/m2300w-0.51/src/m2300w.c:1007:16: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((c = fgetc (in_stream)) != EOF) {
data/m2300w-0.51/src/m2300w.c:1037:12: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((c = fgetc (in_stream)) != EOF) {
data/m2300w-0.51/src/m2300w.c:1085:16: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((c = fgetc (in_stream)) != EOF) {
data/m2300w-0.51/src/m2300w.c:1120:16: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((c = fgetc (in_stream)) != EOF) {
data/m2300w-0.51/src/m2400w.c:1012:16: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((c = fgetc (in_stream)) != EOF) {
data/m2300w-0.51/src/m2400w.c:1049:16: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((c = fgetc (in_stream)) != EOF) {
data/m2300w-0.51/src/m2400w.c:1079:12: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((c = fgetc (in_stream)) != EOF) {
data/m2300w-0.51/src/m2400w.c:1127:16: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((c = fgetc (in_stream)) != EOF) {
data/m2300w-0.51/src/m2400w.c:1162:16: [1] (buffer) fgetc:
Check buffer boundaries if used in a loop including recursive loops
(CWE-120, CWE-20).
if ((c = fgetc (in_stream)) != EOF) {
ANALYSIS SUMMARY:
Hits = 91
Lines analyzed = 2845 in approximately 0.14 seconds (19968 lines/second)
Physical Source Lines of Code (SLOC) = 2260
Hits@level = [0] 173 [1] 10 [2] 79 [3] 2 [4] 0 [5] 0
Hits@level+ = [0+] 264 [1+] 91 [2+] 81 [3+] 2 [4+] 0 [5+] 0
Hits/KSLOC@level+ = [0+] 116.814 [1+] 40.2655 [2+] 35.8407 [3+] 0.884956 [4+] 0 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.