Flawfinder version 2.0.10, (C) 2001-2019 David A. Wheeler.
Number of rules (primarily dangerous function names) in C/C++ ruleset: 223
Examining data/mp3guessenc-0.27.5+dfsg.1/mp3guessenc.h
Examining data/mp3guessenc-0.27.5+dfsg.1/bit_utils.c
Examining data/mp3guessenc-0.27.5+dfsg.1/tools/strencode.c
Examining data/mp3guessenc-0.27.5+dfsg.1/tags.c
Examining data/mp3guessenc-0.27.5+dfsg.1/scrambled.h
Examining data/mp3guessenc-0.27.5+dfsg.1/tags.h
Examining data/mp3guessenc-0.27.5+dfsg.1/decode.h
Examining data/mp3guessenc-0.27.5+dfsg.1/decode.c
Examining data/mp3guessenc-0.27.5+dfsg.1/mp3g_io_config.h
Examining data/mp3guessenc-0.27.5+dfsg.1/bit_utils.h
Examining data/mp3guessenc-0.27.5+dfsg.1/mp3guessenc.c
FINAL RESULTS:
data/mp3guessenc-0.27.5+dfsg.1/tools/strencode.c:58:9: [4] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf.
sprintf(data,"Unable to retrieve informations about `%s'.\nError",argv[f2c]);
data/mp3guessenc-0.27.5+dfsg.1/mp3guessenc.c:2748:22: [3] (buffer) getopt:
Some older implementations do not protect against internal buffer overflows
(CWE-120, CWE-20). Check implementation on installation, or limit the size
of all string inputs.
while ((option = getopt(argc, argv, "acefghimnprs"
data/mp3guessenc-0.27.5+dfsg.1/bit_utils.c:221:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p23b[p23b_in].buf, buff, block_len);
data/mp3guessenc-0.27.5+dfsg.1/bit_utils.c:287:17: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer+copied, p23b[p23b_out].buf+p23b_pos/8, len);
data/mp3guessenc-0.27.5+dfsg.1/bit_utils.c:299:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer+copied,p23b[p23b_out].buf+p23b_pos/8,(int)((endbit-p23b[p23b_out].pos-p23b_pos)/8));
data/mp3guessenc-0.27.5+dfsg.1/bit_utils.c:308:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(buffer+copied,p23b[p23b_out].buf+p23b_pos/8,buffer_size);
data/mp3guessenc-0.27.5+dfsg.1/bit_utils.h:55:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char buf[LARGEST_FRAME];
data/mp3guessenc-0.27.5+dfsg.1/mp3guessenc.c:188:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char subband_limit[5]={27,30,8,12,30}; /* sub band limits for mpeg layerII */
data/mp3guessenc-0.27.5+dfsg.1/mp3guessenc.c:189:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char subband_quanttable[5][30]=
data/mp3guessenc-0.27.5+dfsg.1/mp3guessenc.c:200:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char mp3g_storage[LARGEST_BUFFER];
data/mp3guessenc-0.27.5+dfsg.1/mp3guessenc.c:445:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char reflected_nibble[16]={
data/mp3guessenc-0.27.5+dfsg.1/mp3guessenc.c:512:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char pred_coeff_table[6][16]={
data/mp3guessenc-0.27.5+dfsg.1/mp3guessenc.c:521:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sbgr_table[30]={ 0, 1, 2, 3, 4, 5, 6, 7, 8, 8, 9, 9, 10, 10, 10,
data/mp3guessenc-0.27.5+dfsg.1/mp3guessenc.c:524:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char idx, jdx, ext_bs_present, lfe_present, center, surround, tc_sbgr_select,
data/mp3guessenc-0.27.5+dfsg.1/mp3guessenc.c:1439:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char halfway_index[5][30]=
data/mp3guessenc-0.27.5+dfsg.1/mp3guessenc.c:1448:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char samples_table[6][15]=
data/mp3guessenc-0.27.5+dfsg.1/mp3guessenc.c:1749:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char local_buff[LARGEST_FRAME];
data/mp3guessenc-0.27.5+dfsg.1/mp3guessenc.c:2246:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char max_len,blk_max_len,dummy_string[12];
data/mp3guessenc-0.27.5+dfsg.1/mp3guessenc.c:2249:13: [2] (buffer) sprintf:
Does not check for buffer overflows (CWE-120). Use sprintf_s, snprintf, or
vsnprintf. Risk is low because the source has a constant maximum length.
max_len=sprintf(dummy_string,"%u",si->totFrameNum);
data/mp3guessenc-0.27.5+dfsg.1/mp3guessenc.c:2724:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char source[DATA_LEN];
data/mp3guessenc-0.27.5+dfsg.1/mp3guessenc.c:2822:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(source, scrambled_data, DATA_LEN);
data/mp3guessenc-0.27.5+dfsg.1/mp3guessenc.c:2901:18: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
input_file = fopen(argv[optind],"rb");
data/mp3guessenc-0.27.5+dfsg.1/mp3guessenc.h:156:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char encoder_string[LAME_STRING_LENGTH];
data/mp3guessenc-0.27.5+dfsg.1/mp3guessenc.h:172:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char enhSignature[2]; /* these bytes of enhanced mp3 features must be initialized to 0xFF */
data/mp3guessenc-0.27.5+dfsg.1/mp3guessenc.h:213:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char min_global_gain[2];
data/mp3guessenc-0.27.5+dfsg.1/mp3guessenc.h:214:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char max_global_gain[2];
data/mp3guessenc-0.27.5+dfsg.1/mp3guessenc.h:231:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char usesScfsi[2];
data/mp3guessenc-0.27.5+dfsg.1/mp3guessenc.h:233:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char min_global_gain[2];
data/mp3guessenc-0.27.5+dfsg.1/mp3guessenc.h:234:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char max_global_gain[2];
data/mp3guessenc-0.27.5+dfsg.1/mp3guessenc.h:238:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char allocation[5][32]; /* bit allocation data used in both layerI and II */
data/mp3guessenc-0.27.5+dfsg.1/mp3guessenc.h:239:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char scfsi[2][30]; /* scale factor selection info - used in layerII */
data/mp3guessenc-0.27.5+dfsg.1/scrambled.h:3:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char scrambled_data[DATA_LEN]={172,229,240,150,33,19,51,57,81,52,85,
data/mp3guessenc-0.27.5+dfsg.1/tags.c:304:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char preamble[8];
data/mp3guessenc-0.27.5+dfsg.1/tags.c:305:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char version[4];
data/mp3guessenc-0.27.5+dfsg.1/tags.c:306:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tag_size[4];
data/mp3guessenc-0.27.5+dfsg.1/tags.c:307:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char item_count[4];
data/mp3guessenc-0.27.5+dfsg.1/tags.c:308:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tag_flags[4];
data/mp3guessenc-0.27.5+dfsg.1/tags.c:309:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char reserved[8];
data/mp3guessenc-0.27.5+dfsg.1/tags.c:313:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char image_extension[4];
data/mp3guessenc-0.27.5+dfsg.1/tags.c:314:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char image_binary[4];
data/mp3guessenc-0.27.5+dfsg.1/tags.c:315:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char unused[4];
data/mp3guessenc-0.27.5+dfsg.1/tags.c:316:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char version_info[4];
data/mp3guessenc-0.27.5+dfsg.1/tags.c:317:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char audio_metadata[4];
data/mp3guessenc-0.27.5+dfsg.1/tags.c:318:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char footer[MMTAG_FOOTER_SIZE];
data/mp3guessenc-0.27.5+dfsg.1/tags.c:327:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char empty[12];
data/mp3guessenc-0.27.5+dfsg.1/tags.c:328:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sync[MMTAG_VERSION_BLOCK_SUBSECTION_LENGTH];
data/mp3guessenc-0.27.5+dfsg.1/tags.c:329:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char xing[MMTAG_VERSION_BLOCK_SUBSECTION_LENGTH];
data/mp3guessenc-0.27.5+dfsg.1/tags.c:330:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char musm[MMTAG_VERSION_BLOCK_SUBSECTION_LENGTH];
data/mp3guessenc-0.27.5+dfsg.1/tags.c:334:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char ckid[WAVE_RIFF_IDS_LENGTH];
data/mp3guessenc-0.27.5+dfsg.1/tags.c:335:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char cksize[4];
data/mp3guessenc-0.27.5+dfsg.1/tags.c:338:10: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sideinfo_tab[2][2] = {{32,17},{17,9}}; /* MPEG1 {2ch,1ch}, MPEG2/2.5 {2ch,1ch} */
data/mp3guessenc-0.27.5+dfsg.1/tags.c:447:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(lame_string,"GOGO");
data/mp3guessenc-0.27.5+dfsg.1/tags.c:464:13: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(lame_string,"LAME"); /* this is likely to be the first call to extract_lame_string */
data/mp3guessenc-0.27.5+dfsg.1/tags.c:473:17: [2] (buffer) strcpy:
Does not check for buffer overflows when copying to destination [MS-banned]
(CWE-120). Consider using snprintf, strcpy_s, or strlcpy (warning: strncpy
easily misused). Risk is low because the source is a constant string.
strcpy(lame_string,"LAME");
data/mp3guessenc-0.27.5+dfsg.1/tags.c:634:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(p->lametag, buf+offset, LAMETAGSIZE);
data/mp3guessenc-0.27.5+dfsg.1/tags.c:997:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char footer[ID3V2_FOOTER_LENGTH];
data/mp3guessenc-0.27.5+dfsg.1/tags.c:1090:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char lyrics3v1_tag[LYRICS3V1_TAG_MAXSIZE];
data/mp3guessenc-0.27.5+dfsg.1/tags.c:1092:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sign[LYRICS3_END_SIGNATURE_LEN],*p;
data/mp3guessenc-0.27.5+dfsg.1/tags.c:1126:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char sign[LYRICS3V2_TAGSIZE_LEN+LYRICS3_END_SIGNATURE_LEN],*p;
data/mp3guessenc-0.27.5+dfsg.1/tags.c:1165:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char search[MMTAG_SAFE_SEARCH_SIZE], *p;
data/mp3guessenc-0.27.5+dfsg.1/tags.c:1177:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mmtag->tag_ver, &mm_tail_infos.footer[MMTAG_VERSION_OFFSET], MMTAG_VERSION_LEN);
data/mp3guessenc-0.27.5+dfsg.1/tags.c:1186:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mmtag->mm_ver, &p[MMTAG_VERSION_BLOCK_MM_VER_OFFSET], MMTAG_VERSION_BLOCK_STRING_LEN);
data/mp3guessenc-0.27.5+dfsg.1/tags.c:1187:21: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mmtag->enc_ver, &p[MMTAG_VERSION_BLOCK_XING_VER_OFFSET], MMTAG_VERSION_BLOCK_STRING_LEN);
data/mp3guessenc-0.27.5+dfsg.1/tags.c:1210:25: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mmtag->image_ext, &search[MMTAG_HEADER_SIZE], MMTAG_IMAGE_EXTENSION_LEN);
data/mp3guessenc-0.27.5+dfsg.1/tags.c:1240:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mmtag->mm_ver, mm_infos.musm, MMTAG_VERSION_BLOCK_STRING_LEN);
data/mp3guessenc-0.27.5+dfsg.1/tags.c:1241:13: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(mmtag->enc_ver, mm_infos.xing, MMTAG_VERSION_BLOCK_STRING_LEN);
data/mp3guessenc-0.27.5+dfsg.1/tags.c:1292:9: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy((void *)&apefooter, p_apefooter, sizeof(apefooter_t));
data/mp3guessenc-0.27.5+dfsg.1/tags.h:43:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char tag[3];
data/mp3guessenc-0.27.5+dfsg.1/tags.h:44:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char title[30];
data/mp3guessenc-0.27.5+dfsg.1/tags.h:45:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char artist[30];
data/mp3guessenc-0.27.5+dfsg.1/tags.h:46:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char album[30];
data/mp3guessenc-0.27.5+dfsg.1/tags.h:47:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char year[4];
data/mp3guessenc-0.27.5+dfsg.1/tags.h:48:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char comment[30];
data/mp3guessenc-0.27.5+dfsg.1/tags.h:58:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char mm_ver[5]; /* this field is actually four bytes long, this trick ensures there will always be a null string terminator */
data/mp3guessenc-0.27.5+dfsg.1/tags.h:59:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char tag_ver[5]; /* this field is actually four bytes long, this trick ensures there will always be a null string terminator */
data/mp3guessenc-0.27.5+dfsg.1/tags.h:60:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char enc_ver[5]; /* this field is actually four bytes long, this trick ensures there will always be a null string terminator */
data/mp3guessenc-0.27.5+dfsg.1/tags.h:61:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char image_ext[5];/* this field is actually four bytes long, this trick ensures there will always be a null string terminator */
data/mp3guessenc-0.27.5+dfsg.1/tags.h:86:14: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
unsigned char lametag[LAMETAGSIZE];
data/mp3guessenc-0.27.5+dfsg.1/tools/strencode.c:15:5: [2] (buffer) char:
Statically-sized arrays can be improperly restricted, leading to potential
overflows or other issues (CWE-119!/CWE-120). Perform bounds checking, use
functions that limit length, or ensure that the size is larger than the
maximum possible length.
char data[MAX_BUFFER_LEN],s[MAX_BUFFER_LEN],
data/mp3guessenc-0.27.5+dfsg.1/tools/strencode.c:75:16: [2] (misc) fopen:
Check when opening files - can an attacker redirect it (via symlinks),
force the opening of special file type (e.g., device files), move things
around to create a race condition, control its ancestors, or change its
contents? (CWE-362).
input_file=fopen(argv[f2c],"rb");
data/mp3guessenc-0.27.5+dfsg.1/tools/strencode.c:112:5: [2] (buffer) memcpy:
Does not check for buffer overflows when copying to destination (CWE-120).
Make sure destination can always hold the source data.
memcpy(s,data,len);
data/mp3guessenc-0.27.5+dfsg.1/decode.c:40:13: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(source,argv[optind],avail);
data/mp3guessenc-0.27.5+dfsg.1/decode.c:42:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
avail-=strlen(source);
data/mp3guessenc-0.27.5+dfsg.1/decode.c:45:17: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings. Risk is low because the source is a
constant character.
strncat(source," ",avail);
data/mp3guessenc-0.27.5+dfsg.1/decode.c:46:17: [1] (buffer) strncat:
Easily used incorrectly (e.g., incorrectly computing the correct maximum
size to add) [MS-banned] (CWE-120). Consider strcat_s, strlcat, snprintf,
or automatically resizing strings.
strncat(source,argv[optind],avail-1);
data/mp3guessenc-0.27.5+dfsg.1/decode.c:48:30: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
avail=maxlen-strlen(source)-1;
data/mp3guessenc-0.27.5+dfsg.1/decode.c:52:19: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
avail=strlen(codename);
data/mp3guessenc-0.27.5+dfsg.1/decode.c:54:22: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
if ((int)strlen(source)==avail)
data/mp3guessenc-0.27.5+dfsg.1/tags.c:364:15: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len = strlen(needle);
data/mp3guessenc-0.27.5+dfsg.1/tags.c:478:20: [1] (buffer) strlen:
Does not handle strings that are not \0-terminated; if given one it may
perform an over-read (it could cause a crash if unprotected) (CWE-126).
len_before=strlen(lame_string);
ANALYSIS SUMMARY:
Hits = 90
Lines analyzed = 5961 in approximately 0.19 seconds (31526 lines/second)
Physical Source Lines of Code (SLOC) = 4401
Hits@level = [0] 292 [1] 9 [2] 79 [3] 1 [4] 1 [5] 0
Hits@level+ = [0+] 382 [1+] 90 [2+] 81 [3+] 2 [4+] 1 [5+] 0
Hits/KSLOC@level+ = [0+] 86.7985 [1+] 20.4499 [2+] 18.4049 [3+] 0.454442 [4+] 0.227221 [5+] 0
Dot directories skipped = 1 (--followdotdir overrides)
Minimum risk level = 1
Not every hit is necessarily a security vulnerability.
There may be other security vulnerabilities; review your code!
See 'Secure Programming HOWTO'
(https://dwheeler.com/secure-programs) for more information.